PC freezing after "removing" a virus

smeagl
Visitor
Posts: 3
Registered: 08 May 2013 09:49

#1 Post by smeagl »

Good day, I am asking for your help with restoring my PC. A few days ago a virus, "Your computer has been blocked", started popping up. I tried to remove it, which in the end succeeded (it no longer shows up), but the PC started freezing after startup, during ordinary activities (opening the browser, folders, etc.). I have never used antivirus programs and I am an advocate of the view that porn is a form of art. Of course, after these difficulties I installed free-trial versions of Kaspersky and NOD; neither is able to scan even the basic "C" without the PC freezing. I hope you can advise me on this. I am attaching the log and info.

LOG:
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73455575-E40C-433C-9784-C78DC7761455}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2012-12-20 814088]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-02-18 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll [2012-12-20 426504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-02-18 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
URL Advisor Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll [2012-12-20 486408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{215BA832-75A3-426E-A4FC-7C5B58CE6A10} - Kaspersky Passsword Manager Toolbar - C:\PROGRA~2\KASPER~1\KASPER~1.0\KASPER~2\spIEBho.dll [2013-03-06 2404920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2013-03-21 6330568]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe /autoRun []
"DAEMON Tools Pro Agent"=C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2012-04-26 3111744]
"Sony PC Companion"=C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2013-03-18 448736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Report"=C:\AdwCleaner[S1].txt [2013-05-08 2696]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Guard.Mail.ru.gui"=C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-05-25 1564368]
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2010-04-12 180224]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-10-10 39792]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
""= []
"HPUsageTrackingLEDM"=C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [2009-10-15 30264]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2012-11-01 1263512]
"Bonus.SSR.FR11"=D:\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [2011-11-07 934152]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 61440]
"AVP"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [2012-12-20 356968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableInstallerDetection"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-05-08 13:28:59 ----D---- C:\rsit
2013-05-08 13:28:59 ----D---- C:\Program Files\trend micro
2013-05-08 10:56:49 ----A---- C:\AdwCleaner[S1].txt
2013-05-08 10:29:50 ----A---- C:\Windows\ntbtlog.txt
2013-05-08 08:35:00 ----A---- C:\Windows\system32\klfphc.dll
2013-05-08 08:34:30 ----A---- C:\Windows\system32\drivers\CSVirtualDiskDrv.sys
2013-05-08 08:34:28 ----DC---- C:\Windows\system32\DRVSTORE
2013-05-08 08:34:28 ----A---- C:\Windows\system32\drivers\CSCrySec.sys
2013-05-08 08:34:01 ----D---- C:\Windows\ELAMBKUP
2013-05-08 08:33:54 ----D---- C:\ProgramData\Kaspersky Lab
2013-05-08 08:33:54 ----D---- C:\Program Files (x86)\Kaspersky Lab
2013-05-08 08:33:42 ----A---- C:\Windows\system32\drivers\klif.sys
2013-05-08 08:33:42 ----A---- C:\Windows\system32\drivers\klflt.sys
2013-05-08 08:14:54 ----D---- C:\ProgramData\ESET
2013-05-08 08:14:54 ----D---- C:\Program Files\ESET
2013-05-07 08:30:40 ----SHD---- C:\found.000
2013-05-06 04:06:33 ----D---- C:\Users\Matej\AppData\Roaming\Malwarebytes
2013-05-06 04:06:25 ----D---- C:\ProgramData\Malwarebytes
2013-05-06 04:06:24 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-05-06 04:06:23 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-05-05 23:44:17 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-05-05 10:58:11 ----A---- C:\ProgramData\rundll32.exe
2013-05-04 21:54:41 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2013-05-04 21:54:41 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2013-05-04 21:54:41 ----A---- C:\Windows\system32\d3dx10_40.dll
2013-05-04 21:54:41 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2013-05-04 21:54:39 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2013-05-04 21:54:39 ----A---- C:\Windows\system32\D3DX9_40.dll
2013-05-04 15:11:53 ----A---- C:\ProgramData\as98213.txt
2013-05-04 15:11:53 ----A---- C:\ProgramData\77gmj.js
2013-05-04 15:11:53 ----A---- C:\ProgramData\77gmj.bat
2013-05-04 13:30:22 ----D---- C:\Users\Matej\AppData\Roaming\Signal Ops
2013-04-24 08:18:26 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-04-18 14:29:16 ----D---- C:\Users\Matej\AppData\Roaming\The Longest Journey
2013-04-15 09:14:22 ----D---- C:\Windows\rescache
2013-04-10 23:44:47 ----D---- C:\Program Files (x86)\99 Best of C64 CLX
2013-04-10 17:20:10 ----A---- C:\Windows\system32\mstscax.dll
2013-04-10 17:20:09 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-04-10 17:20:09 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2013-04-10 17:20:09 ----A---- C:\Windows\system32\mstsc.exe
2013-04-10 17:20:08 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-04-10 17:20:08 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-04-10 17:20:08 ----A---- C:\Windows\system32\wksprt.exe
2013-04-10 17:20:08 ----A---- C:\Windows\system32\tsgqec.dll
2013-04-10 17:20:08 ----A---- C:\Windows\system32\aaclient.dll
2013-04-10 17:19:57 ----A---- C:\Windows\system32\win32k.sys
2013-04-10 17:19:54 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-04-10 17:19:53 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-04-10 17:19:53 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-04-10 17:19:52 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2013-04-10 17:19:52 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-04-10 17:19:52 ----A---- C:\Windows\system32\smss.exe
2013-04-10 17:19:52 ----A---- C:\Windows\system32\drivers\appid.sys
2013-04-10 17:19:52 ----A---- C:\Windows\system32\csrsrv.dll
2013-04-10 17:19:52 ----A---- C:\Windows\system32\appidsvc.dll
2013-04-10 17:19:52 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2013-04-10 17:19:52 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2013-04-10 17:19:52 ----A---- C:\Windows\system32\appidapi.dll
2013-04-09 21:23:15 ----D---- C:\Users\Matej\AppData\Roaming\MMFApplications
2013-04-09 15:49:52 ----D---- C:\Program Files (x86)\MSXML 4.0

======List of files/folders modified in the last 1 month======

2013-05-08 13:28:59 ----RD---- C:\Program Files
2013-05-08 12:43:10 ----D---- C:\Windows\Temp
2013-05-08 10:58:03 ----SHD---- C:\System Volume Information
2013-05-08 10:57:47 ----D---- C:\Windows\system32\catroot
2013-05-08 10:56:57 ----RD---- C:\Program Files (x86)
2013-05-08 10:29:50 ----D---- C:\Windows
2013-05-08 10:25:41 ----D---- C:\Windows\system32\wdi
2013-05-08 10:08:39 ----D---- C:\Users\Matej\AppData\Roaming\vlc
2013-05-08 08:35:32 ----SHD---- C:\Windows\Installer
2013-05-08 08:35:00 ----D---- C:\Windows\system32\drivers
2013-05-08 08:35:00 ----D---- C:\Windows\System32
2013-05-08 08:34:55 ----D---- C:\Windows\inf
2013-05-08 08:34:53 ----D---- C:\Windows\system32\DriverStore
2013-05-08 08:33:59 ----D---- C:\Windows\SysWOW64
2013-05-08 08:33:56 ----D---- C:\Program Files (x86)\Common Files
2013-05-08 08:33:54 ----HD---- C:\ProgramData
2013-05-08 08:31:04 ----D---- C:\Windows\system32\config
2013-05-05 23:37:28 ----SD---- C:\Users\Matej\AppData\Roaming\Microsoft
2013-05-05 23:27:13 ----D---- C:\Windows\Tasks
2013-05-05 23:27:13 ----D---- C:\Windows\system32\wfp
2013-05-05 23:27:13 ----D---- C:\Windows\system32\CodeIntegrity
2013-05-05 23:27:13 ----D---- C:\Windows\system32\catroot2
2013-05-05 23:27:12 ----D---- C:\Users\Matej\AppData\Roaming\uTorrent
2013-05-05 23:27:12 ----D---- C:\Users\Matej\AppData\Roaming\GHISLER
2013-05-05 23:27:11 ----D---- C:\Windows\registration
2013-05-05 23:27:07 ----RSD---- C:\Windows\assembly
2013-05-05 09:37:57 ----D---- C:\Users\Matej\AppData\Roaming\ICQ
2013-05-04 01:18:32 ----D---- C:\Program Files (x86)\uTorrent
2013-05-03 06:51:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-05-02 08:25:21 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-04-29 11:46:58 ----D---- C:\ProgramData\Sony Ericsson
2013-04-29 11:46:46 ----D---- C:\Program Files (x86)\Sony Ericsson
2013-04-24 18:45:59 ----D---- C:\Windows\winsxs
2013-04-10 20:32:58 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-04-10 20:32:57 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-04-10 20:32:57 ----D---- C:\Windows\system32\sk-SK
2013-04-10 20:32:57 ----D---- C:\Windows\system32\cs-CZ
2013-04-10 19:47:09 ----A---- C:\Windows\system32\MRT.exe
2013-04-10 14:53:39 ----D---- C:\Program Files (x86)\Opera
2013-04-09 15:22:18 ----D---- C:\Windows\LiveKernelReports

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 CSCrySec;InfoWatch Encrypt Sector Library driver; C:\Windows\system32\DRIVERS\CSCrySec.sys [2011-06-02 84536]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2012-06-19 458584]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2012-01-29 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-12 283200]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2008-01-09 34032]
S1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2012-01-29 514560]
S1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver; C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys [2011-06-02 66616]
S1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-02-14 213416]
S1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-01-10 150616]
S1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2012-11-02 613720]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2012-08-02 28504]
S1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2012-10-18 54104]
S1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2012-08-13 178008]
S1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2010-04-12 91568]
S2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2013-01-10 139768]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-02-11 5352960]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2; C:\Windows\system32\DRIVERS\aabed2.sys [2008-03-20 28672]
S3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032e.sys [2009-06-10 278016]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-02-03 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-02-03 27760]
S3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2012-09-03 29016]
S3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2012-09-03 29528]
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2009-12-04 20480]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDID1109;BR-800; C:\Windows\system32\Drivers\rdwm1109.sys [2010-02-22 198144]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2012-01-29 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM); C:\Windows\system32\DRIVERS\s0017bus.sys [2008-10-21 113704]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 19496]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 152616]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 133160]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS); C:\Windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 34856]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0017obex.sys [2008-10-21 128552]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM); C:\Windows\system32\DRIVERS\s0017unic.sys [2008-10-21 145960]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver; C:\Windows\system32\drivers\Synth3dVsc.sys [2012-01-29 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2010-02-11 952320]
S2 AVP;Kaspersky Anti-Virus Service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [2012-12-20 356968]
S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2012-01-29 27648]
S2 CSObjectsSrv;CryptoStorage control service; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2012-12-21 819040]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2013-03-21 1341664]
S2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-05-25 1564368]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-25 136176]
S2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-10-15 136192]
S2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2009-12-04 126520]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
S2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-08-15 75064]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-14 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2012-01-29 27648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-25 136176]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2012-01-29 27648]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2012-01-29 27648]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-05-27 1255736]

-----------------EOF-----------------



INFO:
info.txt logfile of random's system information tool 1.09 2013-05-08 13:29:03

======Uninstall list======

-->C:\Program Files (x86)\Sony Ericsson\Update Engine\uninst.exe
-->D:\GOG.com\The Longest Journey\unins000.exe
µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
7-Zip 9.20-->"C:\Program Files (x86)\7-Zip\Uninstall.exe"
ABBYY FineReader 11-->MsiExec.exe /I{F1100000-0009-0000-0001-074957833700}
abgx360 v1.0.6-->"C:\Program Files (x86)\abgx360\uninstall.exe"
Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{FDB3B167-F4FA-461D-976F-286304A57B2A}
Adobe Flash Player 11 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_Plugin.exe -maintain plugin
Adobe Reader 8.1.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81100000003}
Advertising Center-->MsiExec.exe /X{B2EC4A38-B545-4A00-8214-13FE0E915E6D}
Any Audio Converter 3.0.7-->"C:\Program Files (x86)\AnvSoft\Any Audio Converter\unins000.exe"
Any Video Converter 3.3.9-->"C:\Program Files (x86)\AnvSoft\Any Video Converter\unins000.exe"
AP Tuner 3.08-->"C:\Program Files (x86)\AP Tuner\AP Tuner 3.08\uninstall.exe"
Avanquest update-->"C:\Program Files (x86)\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe" -runfromtemp -l0x0009 -removeonly
BR-800 Driver-->C:\Program Files\RdDrv001\RDID0109\Uninstal.exe
Call Of Cthulhu DCoTE-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E4406ED3-B04C-44F1-ABB4-08775B74934F}\setup.exe" -l0x9
Catalyst Control Center - Branding-->MsiExec.exe /I{8D7133DE-27D2-47E5-B248-4180278D32AA}
Counter-Strike 1.6-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{13B792AA-C078-43A4-8A3A-8B12D629940D}\Setup.exe" -l0x19
DAEMON Tools Pro-->C:\Program Files (x86)\DAEMON Tools Pro\uninst.exe
DivX Setup-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall
Google Earth-->MsiExec.exe /X{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Guard.ICQ-->"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /uninstall
Guitar Pro 5.0-->"C:\Program Files (x86)\Guitar Pro 5\unins000.exe"
Guitar Pro 6-->"C:\Program Files (x86)\Guitar Pro 6\unins000.exe"
HP LaserJet Professional M1130-M1210 MFP Series-->C:\Program Files\HP\HP LaserJet M1210 MFP Series\Uninstall.exe
HPSSupply-->MsiExec.exe /X{7902E313-FF0F-4493-ACB1-A8147B78DCD0}
ICQ7M-->"C:\Program Files (x86)\InstallShield Installation Information\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
Java 7 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217021FF}
Kaspersky PURE 3.0-->MsiExec.exe /I{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}
Kaspersky PURE 3.0-->MsiExec.exe /I{D0702EE9-9DE4-419A-9C6C-4730B1C985BA} REMOVE=ALL
LEGO Racers-->C:\Windows\IsUninst.exe -f"D:\LEGO Racers\Uninst.isu"
Malwarebytes Anti-Malware verzia 1.75.0.1300-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (English) 2007-->MsiExec.exe /X{90120000-002A-0409-1000-0000000FF1CE}
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0116-0409-1000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Mplayer.com-->C:\Program Files (x86)\Mplayer\System\Unwise32.exe /a C:\PROGRA~2\Mplayer\System\install.log
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 9 Lite-->C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="XM2C-80A4-3H0E-X8KW-K1AE-4853-7C1Z-UMK5"
Nero ControlCenter-->MsiExec.exe /X{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}
Nero Installer-->MsiExec.exe /X{E8A80433-302B-4FF1-815D-FCC8EAC482FF}
Nero Online Upgrade-->MsiExec.exe /X{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}
Nero StartSmart-->MsiExec.exe /X{7748AC8C-18E3-43BB-959B-088FAEA16FB2}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Opera 12.15-->"C:\Program Files (x86)\Opera\Opera.exe" /uninstall
PowerISO-->"C:\Program Files (x86)\PowerISO\uninstall.exe"
Quake Live Mozilla Plugin-->MsiExec.exe /I{FA66CFD7-0977-4C45-AACD-A8BB994B1A05}
RAD Video Tools-->"C:\Program Files (x86)\RADVideo\uninstall.exe"
Scan To-->MsiExec.exe /I{E8A34AC8-0137-4515-A94B-0A0946DDC251}
Shutdown Timer 1.1-->"C:\Program Files (x86)\Shutdown Timer\unins000.exe"
Signal Ops-->"E:\GOG Games\Signal Ops\unins000.exe"
Soldat 1.6.3-->"C:\Soldat\unins000.exe"
Soldat 1.6.3-->"D:\Soldat\unins000.exe"
Sony Ericsson PC Suite 6.012.00-->"C:\Program Files (x86)\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}\ISAdmin.exe" -runfromtemp -l0x0009 -removeonly
Sony Ericsson Update Engine-->C:\Program Files (x86)\Sony Ericsson\Update Engine\uninst.exe
Sony PC Companion 2.10.155-->"C:\Program Files (x86)\InstallShield Installation Information\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}\setup.exe" -runfromtemp -l0x0409 -removeonly
Source SDK Base 2007-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/218
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
System Requirements Lab Test-->MsiExec.exe /I{D62576C2-C084-4698-974A-5BE77714FDDD}
Tennis Critters-->C:\Windows\IsUninst.exe -f"C:\Program Files (x86)\Nerd Riot Games\Tennis Critters\Uninst.isu"
The Longest Journey-->"D:\GOG.com\The Longest Journey\unins000.exe"
Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe
VC80CRTRedist - 8.0.50727.6195-->MsiExec.exe /I{933B4015-4618-4716-A828-5289FC03165F}
WinRAR 4.11 (32-bit)-->C:\Program Files (x86)\WinRAR\uninstall.exe
YTD Video Downloader 3.9.2-->"E:\Hudba\Nový priečinok\uninstall.exe"

======Hosts File======

127.0.0.1 localhost

======System event log======

Computer Name: Matej-PC
Event Code: 1014
Message: Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.
Record Number: 154954
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20130131034317.050980-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: Matej-PC
Event Code: 1014
Message: Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.
Record Number: 154752
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20130130173128.813545-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: Matej-PC
Event Code: 1014
Message: Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.
Record Number: 154507
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20130130131706.296145-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: Matej-PC
Event Code: 1014
Message: Name resolution for the name _bittorrent-tracker._tcp.adsl-d104.84-47-41.t-com.sk timed out after none of the configured DNS servers responded.
Record Number: 154402
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20130130113640.593385-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: Matej-PC
Event Code: 1014
Message: Name resolution for the name p4-dzrgplzdqeuay-z35okntr5ndmpo7b-906104-i1-v6exp3-v4.metric.gstatic.com timed out after none of the configured DNS servers responded.
Record Number: 154340
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20130130102042.988705-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

=====Application event log=====

Computer Name: Matej-PC
Event Code: 1130
Message: .NET Runtime Optimization Service (2.0.50727.5692) - Version or flavor did not match with repository: Microsoft.ApplicationId.Framework
Record Number: 145
Source Name: .NET Runtime Optimization Service
Time Written: 20120525145238.000000-000
Event Type: Warning
User:

Computer Name: Matej-PC
Event Code: 10
Message: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Record Number: 144
Source Name: Microsoft-Windows-WMI
Time Written: 20120525145237.000000-000
Event Type: Error
User:

Computer Name: Matej-PC
Event Code: 1130
Message: .NET Runtime Optimization Service (2.0.50727.5692) - Version or flavor did not match with repository: AuditPolicyGPManagedStubs.Interop
Record Number: 143
Source Name: .NET Runtime Optimization Service
Time Written: 20120525145230.000000-000
Event Type: Warning
User:

Computer Name: Matej-PC
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-14853907-3517109280-1935836873-1000:
Process 476 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-14853907-3517109280-1935836873-1000

Record Number: 135
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20120525144954.798229-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Matej-PC
Event Code: 10
Message: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Record Number: 118
Source Name: Microsoft-Windows-WMI
Time Written: 20120525144719.000000-000
Event Type: Error
User:

=====Security event log=====

Computer Name: 37L4247F27-25
Event Code: 4735
Message: A security-enabled local group was changed.

Subject:
Security ID: S-1-5-18
Account Name: 37L4247F27-25$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Group:
Security ID: S-1-5-32-551
Group Name: Backup Operators
Group Domain: Builtin

Changed Attributes:
SAM Account Name: -
SID History: -

Additional Information:
Privileges: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120525143920.880862-000
Event Type: Audit Success
User:

Computer Name: 37L4247F27-25
Event Code: 4731
Message: A security-enabled local group was created.

Subject:
Security ID: S-1-5-18
Account Name: 37L4247F27-25$
Account Domain: WORKGROUP
Logon ID: 0x3e7

New Group:
Security ID: S-1-5-32-551
Group Name: Backup Operators
Group Domain: Builtin

Attributes:
SAM Account Name: Backup Operators
SID History: -

Additional Information:
Privileges: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120525143920.865262-000
Event Type: Audit Success
User:

Computer Name: 37L4247F27-25
Event Code: 4902
Message: The Per-user audit policy table was created.

Number of Elements: 0
Policy ID: 0x33a2c
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120525143920.381661-000
Event Type: Audit Success
User:

Computer Name: 37L4247F27-25
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0

Logon Type: 0

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x4
Process Name:

Network Information:
Workstation Name: -
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: -
Authentication Package: -
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120525143917.714056-000
Event Type: Audit Success
User:

Computer Name: 37L4247F27-25
Event Code: 4608
Message: Windows is starting up.

This event is logged when LSASS.EXE starts and the auditing subsystem is initialized.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120525143917.573656-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 15 Stepping 2, GenuineIntel
"PROCESSOR_REVISION"=0f02
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
"SAFEBOOT_OPTION"=MINIMAL

-----------------EOF-----------------



Thank you.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: PC freezing after virus "removal"

#2 Post by vyosek »

Hello :)

:arrow: Two antivirus programs on one system do not always cause trouble, which may be why they cannot even scan the disk. We will sort them out and install a free (but good-quality) solution.

:arrow: In safe mode (restart the PC, keep pressing F8, choose Safe Mode with Networking), run these utilities on the PC so that we get rid of the remnants of the antivirus programs you have there

:arrow: Install Avast Free http://www.avast.com/cs-cz/index

:arrow: Download SecurityCheck http://screen317.spywareinfoforum.org/SecurityCheck.exe
  • Save it, preferably to the Desktop
  • Run it the usual way by double-clicking and follow the utility's instructions
  • When the scan finishes, a log is created and opened; paste it here for me
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids merriment, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

smeagl
Visitor
Posts: 3
Registered: 08 May 2013 09:49

Re: PC freezing after virus "removal"

#3 Post by smeagl »

Even though I risk having my hands torn off for taking extra actions, I managed to get into Windows. I ran Kaspersky to scan the disks. Then I uninstalled both antivirus programs, went into power-saving mode, downloaded the utilities, and finished removing the remnants.

Current state: safe mode gets no further than selecting "safe mode", and the PC freezes. Plus, in normal mode I get as far as entering the user password; there it either freezes or the screen goes black.

I already feel like I'm in the Wild West. We can't fix this any more, can we? :) Well, there is always the option of reinstalling Windows.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: PC freezing after virus "removal"

#4 Post by vyosek »

Good grief, what have you been doing there :shock:

Does no safe mode work (with networking, without networking, MS-DOS)??

Also try Last Known Good Configuration