VIRY.CZ

Zdravim, potreboval bych pomoci. NTB strasne dlouho startuje asi 10min. ccleaner nepomohl, a tak prikladam log z RSITu. Predem dekuji za jakoukoliv pomoc.

Logfile of random's system information tool 1.09 (written by random/random)
Run by jnem at 2012-08-20 13:21:05
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 641 GB (92%) free of 700 GB
Total RAM: 4078 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:21:09, on 20.8.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files (x86)\Nokia\PC Internet Access\NPCIA.exe
C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files\trend micro\jnem.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [NokiaPCInternetAccess] "C:\Program Files (x86)\Nokia\PC Internet Access\NPCIA.exe" /b
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Acer VCM.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://90.179.152.40:8090/activex/AMC.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B380C2F1-F08D-5DF8-8CBA-8AA5B487AB66}: NameServer = 62.141.0.1 213.162.65.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13252 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
taskeng.exe {6CF0E73C-F08E-450F-A717-D4D75BE89BBC}
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Nokia\PC Internet Access\NPCIA.exe" /b
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
{3BC66D9D-258E-44A8-91A2-53034B7167BF}
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
taskeng.exe {98C9DD6D-B25A-46C1-9FE1-834B56961F5C}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\jnem\Desktop\test\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2012-08-13 253584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-02-29 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2012-08-13 192144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-06-07 1152264]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2012-01-03 1514152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-02-29 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2012-08-13 253584]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-06-07 1152264]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2012-01-03 1514152]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2012-08-13 192144]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-02-25 11780712]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2011-02-09 2589480]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-03-13 617120]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-03-13 379552]
"Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-05-10 1831528]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-04-07 2839840]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"T-Mobile Communication Centre"=C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [2010-03-02 1347496]
"NokiaPCInternetAccess"=C:\Program Files (x86)\Nokia\PC Internet Access\NPCIA.exe [2009-09-17 663552]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Norton Online Backup"=C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2010-06-02 1155928]
"BackupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2011-04-24 297280]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2011-06-14 1100880]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-02-09 336384]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
""= []
"ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2012-01-03 1391272]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-08-20 13:21:05 ----D---- C:\rsit
2012-08-20 13:21:05 ----D---- C:\Program Files\trend micro
2012-08-20 08:14:20 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-08-20 08:14:20 ----A---- C:\Windows\system32\qdvd.dll
2012-08-15 15:40:53 ----A---- C:\Windows\system32\drivers\bthport.sys
2012-08-15 15:39:42 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-08-15 15:39:42 ----A---- C:\Windows\system32\mshtmled.dll
2012-08-15 15:39:41 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-08-15 15:39:41 ----A---- C:\Windows\SYSWOW64\url.dll
2012-08-15 15:39:41 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-08-15 15:39:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-08-15 15:39:41 ----A---- C:\Windows\system32\urlmon.dll
2012-08-15 15:39:41 ----A---- C:\Windows\system32\url.dll
2012-08-15 15:39:41 ----A---- C:\Windows\system32\ieUnatt.exe
2012-08-15 15:39:41 ----A---- C:\Windows\system32\ieui.dll
2012-08-15 15:39:41 ----A---- C:\Windows\system32\iertutil.dll
2012-08-15 15:39:40 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-08-15 15:39:39 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-08-15 15:39:39 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-08-15 15:39:39 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-08-15 15:39:39 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-08-15 15:39:39 ----A---- C:\Windows\system32\wininet.dll
2012-08-15 15:39:39 ----A---- C:\Windows\system32\jsproxy.dll
2012-08-15 15:39:39 ----A---- C:\Windows\system32\jscript9.dll
2012-08-15 15:39:39 ----A---- C:\Windows\system32\jscript.dll
2012-08-15 15:39:38 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-08-15 15:39:37 ----A---- C:\Windows\system32\mshtml.dll
2012-08-15 15:39:36 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-08-15 15:39:36 ----A---- C:\Windows\system32\ieframe.dll
2012-08-15 14:59:16 ----SHD---- C:\Config.Msi
2012-08-15 08:06:17 ----A---- C:\Windows\system32\win32k.sys
2012-08-15 08:06:16 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2012-08-15 08:06:16 ----A---- C:\Windows\system32\win32spl.dll
2012-08-15 08:06:16 ----A---- C:\Windows\system32\spoolsv.exe
2012-08-15 08:06:16 ----A---- C:\Windows\splwow64.exe
2012-08-15 08:06:15 ----A---- C:\Windows\SYSWOW64\srclient.dll
2012-08-15 08:06:15 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2012-08-15 08:06:15 ----A---- C:\Windows\SYSWOW64\browcli.dll
2012-08-15 08:06:15 ----A---- C:\Windows\system32\srcore.dll
2012-08-15 08:06:15 ----A---- C:\Windows\system32\netapi32.dll
2012-08-15 08:06:15 ----A---- C:\Windows\system32\localspl.dll
2012-08-15 08:06:15 ----A---- C:\Windows\system32\browser.dll
2012-08-15 08:06:15 ----A---- C:\Windows\system32\browcli.dll
2012-08-10 11:16:54 ----D---- C:\Program Files\CCleaner
2012-08-10 11:16:14 ----D---- C:\ProgramData\Google

======List of files/folders modified in the last 1 month======

2012-08-20 13:21:06 ----D---- C:\Windows\Temp
2012-08-20 13:21:05 ----RD---- C:\Program Files
2012-08-20 13:14:35 ----D---- C:\Windows
2012-08-20 13:12:39 ----A---- C:\Windows\SYSWOW64\log.txt
2012-08-20 13:09:58 ----D---- C:\Windows\system32\config
2012-08-20 12:22:19 ----D---- C:\Program Files (x86)\Cyklotrasy
2012-08-20 12:22:17 ----HD---- C:\ProgramData
2012-08-20 08:14:42 ----D---- C:\Windows\winsxs
2012-08-20 08:14:42 ----D---- C:\Windows\SysWOW64
2012-08-20 08:14:42 ----D---- C:\Windows\System32
2012-08-20 08:14:38 ----SHD---- C:\System Volume Information
2012-08-20 08:12:58 ----D---- C:\Windows\system32\catroot
2012-08-17 20:28:33 ----D---- C:\Windows\Prefetch
2012-08-17 14:34:39 ----HD---- C:\PerfLogs
2012-08-17 14:07:57 ----RD---- C:\Program Files (x86)
2012-08-17 13:11:11 ----D---- C:\ebanka
2012-08-16 21:00:01 ----D---- C:\Windows\system32\Tasks
2012-08-16 21:00:00 ----D---- C:\Windows\Tasks
2012-08-15 19:28:34 ----RSD---- C:\Windows\Fonts
2012-08-15 19:28:33 ----D---- C:\Program Files (x86)\Internet Explorer
2012-08-15 19:28:32 ----D---- C:\Windows\SYSWOW64\migration
2012-08-15 19:28:31 ----D---- C:\Windows\system32\migration
2012-08-15 19:28:29 ----D---- C:\Program Files\Internet Explorer
2012-08-15 19:28:25 ----D---- C:\Windows\system32\DriverStore
2012-08-15 19:28:25 ----D---- C:\Windows\system32\drivers
2012-08-15 19:26:37 ----D---- C:\Windows\system32\catroot2
2012-08-15 15:40:44 ----SHD---- C:\Windows\Installer
2012-08-15 15:40:42 ----D---- C:\ProgramData\Microsoft Help
2012-08-15 08:25:32 ----D---- C:\Windows\debug
2012-08-15 08:06:51 ----A---- C:\Windows\system32\MRT.exe
2012-08-14 23:23:34 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-08-14 15:51:07 ----D---- C:\Windows\ModemLogs
2012-08-13 22:42:26 ----D---- C:\Windows\inf
2012-08-13 22:42:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-08-10 11:26:23 ----D---- C:\Users\jnem\AppData\Roaming\Skype
2012-08-10 11:24:08 ----D---- C:\Windows\Panther
2012-08-10 11:18:56 ----D---- C:\Windows\Logs
2012-08-10 11:16:51 ----D---- C:\Program Files\Google
2012-08-10 11:16:51 ----D---- C:\Program Files (x86)\Google
2012-07-31 20:02:05 ----D---- C:\Windows\system32\wdi

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-01-13 439320]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-04-07 139704]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-04-07 163888]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-04-07 124760]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-11-30 16120]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-02-08 9078272]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-02-08 299520]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-02 2750464]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832]
R3 dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
R3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
R3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2011-02-09 141096]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-03-01 2787688]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-09-27 76912]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-03-10 18432]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2011-03-10 17408]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-09-10 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 114304]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-07-20 247400]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver; C:\Windows\system32\DRIVERS\silabenm.sys [2009-06-15 23040]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver; C:\Windows\system32\DRIVERS\silabser.sys [2009-06-15 68608]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-21 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-02-08 203776]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]
R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-05-13 249648]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-06-14 353872]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-04-07 810120]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-05-10 872552]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-26 29696]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
R2 IviRegMgr;IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2010-05-21 110736]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-06-02 2804568]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-04-24 256832]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-11 193824]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-09-23 575488]
S2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [2010-03-02 67312]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-10 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-02-15 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-14 250056]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-04-07 42336]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-09-29 655624]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-10 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-13 194032]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-30 149504]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-02-26 1255736]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

Také zdravím!
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na púlochu. Spusťte a do levého okna zkopírujte:

:files
C:\Program Files (x86)\Ask.com
C:\Program Files (x86)\Google\Google Toolbar
C:\Program Files (x86)\Microsoft\BingBar
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ApnUpdater"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Restartujte a dejte nový log RSIT.

vse jak jste psal provedeno, zatim spousteni bez velkych zmen a tak prikladam dalsi log z RSITu


Logfile of random's system information tool 1.09 (written by random/random)
Run by jnem at 2012-08-20 15:18:25
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 641 GB (92%) free of 700 GB
Total RAM: 4078 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:18:28, on 20.8.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files (x86)\Nokia\PC Internet Access\NPCIA.exe
C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\jnem\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\jnem\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\jnem.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [NokiaPCInternetAccess] "C:\Program Files (x86)\Nokia\PC Internet Access\NPCIA.exe" /b
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Acer VCM.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://90.179.152.40:8090/activex/AMC.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B380C2F1-F08D-5DF8-8CBA-8AA5B487AB66}: NameServer = 62.141.0.1 213.162.65.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Bing Bar Update Service (BBSvc) - Unknown owner - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (file missing)
O23 - Service: BBUpdate - Unknown owner - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12048 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
atieclxx
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
taskeng.exe {767116E0-4C99-468D-8478-56896888F643}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
taskeng.exe {C5756B7A-5DA2-42FC-8876-CE2DAD986C0E}
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
"C:\Program Files (x86)\Nokia\PC Internet Access\NPCIA.exe" /b
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
"C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
{1E97FAFF-7F37-40EC-8964-1CB25943968D}
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Users\jnem\AppData\Local\Google\Chrome\Application\chrome.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Users\jnem\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --enable-print-preview --channel=2212.06C0CC60.1783841845 /prefetch:3
"C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\jnem\Desktop\test\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-02-29 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-02-29 42272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-02-25 11780712]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2011-02-09 2589480]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-03-13 617120]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-03-13 379552]
"Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-05-10 1831528]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-04-07 2839840]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"T-Mobile Communication Centre"=C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [2010-03-02 1347496]
"NokiaPCInternetAccess"=C:\Program Files (x86)\Nokia\PC Internet Access\NPCIA.exe [2009-09-17 663552]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2011-04-24 297280]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2011-06-14 1100880]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-02-09 336384]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-08-20 15:05:25 ----D---- C:\_OTM
2012-08-20 13:21:05 ----D---- C:\rsit
2012-08-20 13:21:05 ----D---- C:\Program Files\trend micro
2012-08-20 08:14:20 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-08-20 08:14:20 ----A---- C:\Windows\system32\qdvd.dll
2012-08-15 15:40:53 ----A---- C:\Windows\system32\drivers\bthport.sys
2012-08-15 15:39:42 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-08-15 15:39:42 ----A---- C:\Windows\system32\mshtmled.dll
2012-08-15 15:39:41 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-08-15 15:39:41 ----A---- C:\Windows\SYSWOW64\url.dll
2012-08-15 15:39:41 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-08-15 15:39:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-08-15 15:39:41 ----A---- C:\Windows\system32\urlmon.dll
2012-08-15 15:39:41 ----A---- C:\Windows\system32\url.dll
2012-08-15 15:39:41 ----A---- C:\Windows\system32\ieUnatt.exe
2012-08-15 15:39:41 ----A---- C:\Windows\system32\ieui.dll
2012-08-15 15:39:41 ----A---- C:\Windows\system32\iertutil.dll
2012-08-15 15:39:40 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-08-15 15:39:39 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-08-15 15:39:39 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-08-15 15:39:39 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-08-15 15:39:39 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-08-15 15:39:39 ----A---- C:\Windows\system32\wininet.dll
2012-08-15 15:39:39 ----A---- C:\Windows\system32\jsproxy.dll
2012-08-15 15:39:39 ----A---- C:\Windows\system32\jscript9.dll
2012-08-15 15:39:39 ----A---- C:\Windows\system32\jscript.dll
2012-08-15 15:39:38 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-08-15 15:39:37 ----A---- C:\Windows\system32\mshtml.dll
2012-08-15 15:39:36 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-08-15 15:39:36 ----A---- C:\Windows\system32\ieframe.dll
2012-08-15 08:06:17 ----A---- C:\Windows\system32\win32k.sys
2012-08-15 08:06:16 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2012-08-15 08:06:16 ----A---- C:\Windows\system32\win32spl.dll
2012-08-15 08:06:16 ----A---- C:\Windows\system32\spoolsv.exe
2012-08-15 08:06:16 ----A---- C:\Windows\splwow64.exe
2012-08-15 08:06:15 ----A---- C:\Windows\SYSWOW64\srclient.dll
2012-08-15 08:06:15 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2012-08-15 08:06:15 ----A---- C:\Windows\SYSWOW64\browcli.dll
2012-08-15 08:06:15 ----A---- C:\Windows\system32\srcore.dll
2012-08-15 08:06:15 ----A---- C:\Windows\system32\netapi32.dll
2012-08-15 08:06:15 ----A---- C:\Windows\system32\localspl.dll
2012-08-15 08:06:15 ----A---- C:\Windows\system32\browser.dll
2012-08-15 08:06:15 ----A---- C:\Windows\system32\browcli.dll
2012-08-10 11:16:54 ----D---- C:\Program Files\CCleaner

======List of files/folders modified in the last 1 month======

2012-08-20 15:18:25 ----D---- C:\Windows\Temp
2012-08-20 15:16:36 ----A---- C:\Windows\SYSWOW64\log.txt
2012-08-20 15:14:22 ----D---- C:\Windows\system32\config
2012-08-20 15:06:47 ----D---- C:\Program Files (x86)\Microsoft
2012-08-20 15:04:24 ----RD---- C:\Downloads
2012-08-20 15:00:54 ----D---- C:\Windows\inf
2012-08-20 14:36:51 ----D---- C:\Program Files (x86)\Google
2012-08-20 14:36:48 ----D---- C:\Windows\system32\Tasks
2012-08-20 14:36:47 ----D---- C:\Windows\Tasks
2012-08-20 14:36:43 ----SD---- C:\ProgramData\Microsoft
2012-08-20 14:36:34 ----SHD---- C:\Windows\Installer
2012-08-20 14:27:45 ----D---- C:\Windows
2012-08-20 13:53:39 ----RD---- C:\Program Files (x86)
2012-08-20 13:53:39 ----HD---- C:\ProgramData
2012-08-20 13:53:19 ----SHD---- C:\System Volume Information
2012-08-20 13:21:05 ----RD---- C:\Program Files
2012-08-20 12:22:19 ----D---- C:\Program Files (x86)\Cyklotrasy
2012-08-20 08:14:42 ----D---- C:\Windows\winsxs
2012-08-20 08:14:42 ----D---- C:\Windows\SysWOW64
2012-08-20 08:14:42 ----D---- C:\Windows\System32
2012-08-20 08:12:58 ----D---- C:\Windows\system32\catroot
2012-08-17 20:28:33 ----D---- C:\Windows\Prefetch
2012-08-17 14:34:39 ----HD---- C:\PerfLogs
2012-08-17 13:11:11 ----D---- C:\ebanka
2012-08-15 19:28:34 ----RSD---- C:\Windows\Fonts
2012-08-15 19:28:33 ----D---- C:\Program Files (x86)\Internet Explorer
2012-08-15 19:28:32 ----D---- C:\Windows\SYSWOW64\migration
2012-08-15 19:28:31 ----D---- C:\Windows\system32\migration
2012-08-15 19:28:29 ----D---- C:\Program Files\Internet Explorer
2012-08-15 19:28:25 ----D---- C:\Windows\system32\DriverStore
2012-08-15 19:28:25 ----D---- C:\Windows\system32\drivers
2012-08-15 19:26:37 ----D---- C:\Windows\system32\catroot2
2012-08-15 15:40:42 ----D---- C:\ProgramData\Microsoft Help
2012-08-15 08:25:32 ----D---- C:\Windows\debug
2012-08-15 08:06:51 ----A---- C:\Windows\system32\MRT.exe
2012-08-14 23:23:34 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-08-14 15:51:07 ----D---- C:\Windows\ModemLogs
2012-08-13 22:42:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-08-10 11:26:23 ----D---- C:\Users\jnem\AppData\Roaming\Skype
2012-08-10 11:24:08 ----D---- C:\Windows\Panther
2012-08-10 11:18:56 ----D---- C:\Windows\Logs
2012-08-10 11:16:51 ----D---- C:\Program Files\Google
2012-07-31 20:02:05 ----D---- C:\Windows\system32\wdi

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-01-13 439320]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-04-07 139704]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-04-07 163888]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-04-07 124760]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-11-30 16120]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-02-08 9078272]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-02-08 299520]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-02 2750464]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2011-02-09 141096]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-03-01 2787688]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-09-27 76912]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-03-10 18432]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2011-03-10 17408]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-09-10 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 114304]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-07-20 247400]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver; C:\Windows\system32\DRIVERS\silabenm.sys [2009-06-15 23040]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver; C:\Windows\system32\DRIVERS\silabser.sys [2009-06-15 68608]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-21 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-02-08 203776]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [2010-03-02 67312]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-06-14 353872]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-04-07 810120]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-05-10 872552]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-26 29696]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
R2 IviRegMgr;IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2010-05-21 110736]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-04-24 256832]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-11 193824]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-09-23 575488]
S2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-02-15 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-14 250056]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE []
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-04-07 42336]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-09-29 655624]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-30 149504]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-02-26 1255736]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

Log je již OK. Nastala nějaká změna? Spusťte znovu OTM a klikněte na >CleanUp<. OTM po sobě uklidí. Restartujte PC.

Provedeno, ale zadna zmena. po spusteni PC trva docela dost dlouho nez se zobrazi zadost o heslo, po zadani hesla opet dlouhe cekani na plochu cele asi 10min. kdyz se zobrazi plocha tak jeste asi 5min trva nez se NTB rozebehne. potom to jiz docela jede i kdyz napr. pri prohlizeni videa se tak v intervalu 10min video sekne. Rikam si jestli tedy nehledat chybku v HW i kdyz NTB je asi rok stary, ale necham si poradit

HW problém to může být samozřejmě také. Nejdříve ale musíme zkusit sw. Zkuste Startmenu>přík. řádek>(napsat) msconfig>Enter. Na záložkách "Po spuštění" a "Služby" odstraňte zatržítko u všech položek, které nemusí automaticky startovat. Tj. u takových, které lze v případě potřeby spustit ručně.

asi se blbe zeptam jak poznam, ktere polozky to jsou a ktere jdou spustit rucne?

v zalozce po spusteni jsem zrusil vse, a v zalozce sluzby jsem nechal skryt sluzby mikrosoft a to co zbylo jsem take zrusil /jedine eset zustal/. no moc to zatim nepomohlo. tedy jestli jsem to udelal spravne?

Musí to být položkami, spouštěnými při startu, kterých je mnoho a tím se prodlužuje čas startu.

souhlasim, ale jake to tedy jsou? abych je mohl vymaznout.

Stačí je dektivovat. Zapnuté ponechte vše, co od microsoftu, plus antivir. Ostatní (téměř), lze vypnout.

tak jsem to vse povypinal, ale nevim porad mi prijde ze je to stejne, dlouhe spousteni pc + potom jeste nez se radne rozebehne, je pravda trochu se to zlepsilo ale o moc to neni.

OK. Spusťte znovu OTM a klikněte na >CleanUp<. OTM po sobě uklidí. Restartujte PC a dejte log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

vlozen log z combofixu


ComboFix 12-08-20.02 - jnem 20.08.2012 20:50:06.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4078.3028 [GMT 2:00]
Spuštěný z: c:\users\jnem\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\WinInt.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-20 do 2012-08-20 )))))))))))))))))))))))))))))))
.
.
2012-08-20 19:01 . 2012-08-20 19:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-20 11:21 . 2012-08-20 13:18 -------- d-----w- c:\program files\trend micro
2012-08-20 06:14 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-08-20 06:14 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-08-15 13:40 . 2012-07-06 20:07 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-08-15 06:06 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 06:06 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-08-15 06:06 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-15 06:06 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2012-08-15 06:06 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-08-15 06:06 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-08-15 06:06 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 06:06 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
2012-08-15 06:06 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2012-08-15 06:06 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
2012-08-15 06:06 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2012-08-15 06:06 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-08-10 09:16 . 2012-08-10 09:16 -------- d-----w- c:\program files\CCleaner
2012-08-02 20:21 . 2012-08-02 20:21 -------- d-----w- c:\users\jnem\AppData\Local\ESET
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-20 18:57 . 2012-08-20 18:57 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EBAEDCF9-B9B7-435F-8C3D-3F3B863C7D7B}\offreg.dll
2012-08-15 06:06 . 2012-02-28 07:36 62134624 ----a-w- c:\windows\system32\MRT.exe
2012-08-14 21:23 . 2012-04-02 16:47 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-14 21:23 . 2011-08-31 09:12 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-29 10:04 . 2012-08-17 06:12 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EBAEDCF9-B9B7-435F-8C3D-3F3B863C7D7B}\mpengine.dll
2012-06-09 05:43 . 2012-07-11 05:48 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 06:49 . 2012-06-06 06:49 1070152 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
2012-06-06 06:06 . 2012-07-11 05:48 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-11 05:48 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-11 05:47 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-11 05:48 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-11 05:48 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-11 05:47 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-06-21 07:34 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 07:34 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 07:34 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 07:34 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 07:34 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-21 07:34 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 07:34 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-21 07:34 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-21 07:34 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 05:50 . 2012-07-11 05:48 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-11 05:48 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:48 . 2012-07-11 05:48 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:45 . 2012-07-11 05:48 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-11 05:48 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-11 05:48 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-11 05:48 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-11 05:48 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-11 05:48 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-05-31 10:25 . 2010-11-21 03:27 279656 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 114304]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [2010-07-20 247400]
R3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\DRIVERS\silabenm.sys [2009-06-15 23040]
R3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\DRIVERS\silabser.sys [2009-06-15 68608]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-02-26 1255736]
R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-14 250056]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-02-08 203776]
R4 ameisvc;Web'n'walk Manager mobile equipment installation service;c:\program files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [2010-03-02 67312]
R4 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]
R4 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2011-06-14 353872]
R4 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2011-05-10 872552]
R4 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2011-05-26 29696]
R4 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
R4 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
R4 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-04-24 256832]
R4 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-15 158856]
R4 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R4 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-04-07 139704]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-04-07 163888]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-04-07 810120]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-04-07 124760]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-02-08 9078272]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-02-08 299520]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-16 115216]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2011-02-09 141096]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-09-27 76912]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 21:23]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-04-07 2839840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{B380C2F1-F08D-5DF8-8CBA-8AA5B487AB66}: NameServer = 62.141.0.1 213.162.65.1
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://90.179.152.40:8090/activex/AMC.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-SLABCOMM&10C4&EA60 - c:\windows\system32\Silabs\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-08-20 21:11:17
ComboFix-quarantined-files.txt 2012-08-20 19:11
.
Před spuštěním: Volných bajtů: 671 559 626 752
Po spuštění: Volných bajtů: 671 506 481 152
.
- - End Of File - - 23C62F70B2DB5AE1AF46F9C8939BCEE1

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.