Pomaly PC

[Xero47]

cawte mam nasledujuci porblem. Pocitac ide strasne pomaly aj ked skoro nic nerobim je komplet vycisteny vymenena chladiaca pasta ale stale to robi co sa tyka programov tak smazim sa neinstalowat kazdu hlupost. registre si pravidelne cistim Ccleaner-om a programy odstranujem cez Your Uninstaler. Kamos ma este slabsi PC a jemu ide PC omnoho rychlejsie aj ked am viacej veci nainstalovanych
tu je log s RSIT

Logfile of random's system information tool 1.06 (written by random/random)
Run by Fero at 2010-02-21 11:49:00
Microsoft Windows 7 Ultimate Service Pack 3
System drive C: has 59 GB (59%) free of 100 GB
Total RAM: 1535 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:49:41, on 21. 2. 2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Winamp\winamp.exe
C:\Users\Fero\Desktop\RSIT.exe
C:\Program Files\trend micro\Fero.exe
C:\Windows\system32\Rundll32.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

--
End of file - 4113 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-02-20 1471768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-26 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-02-20 2007320]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-04-21 24264488]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-12-03 429392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]
C:\Program Files\Registry Mechanic\RMTray.exe /H []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSDMonitor]
C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-26 149280]

C:\Users\Fero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{86c92ab0-c14b-11de-bed1-001167aca73e}]
shell\AutoRun\command - J:\RunGame.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c742dcc7-c0d0-11de-87a1-806e6f6e6963}]
shell\AutoRun\command - E:\setup.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 2 months======

2010-02-21 11:35:37 ----D---- C:\Program Files\trend micro
2010-02-21 11:35:34 ----D---- C:\rsit
2010-02-20 23:16:28 ----D---- C:\Program Files\CCleaner
2010-02-20 22:34:38 ----HD---- C:\$AVG
2010-02-20 22:34:38 ----A---- C:\Windows\system32\avgrsstx.dll.old
2010-02-20 22:34:38 ----A---- C:\Windows\system32\avgrsstx.dll
2010-02-20 22:34:04 ----D---- C:\Program Files\AVG
2010-02-20 22:34:03 ----D---- C:\ProgramData\avg9
2010-02-10 08:28:53 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-02-10 08:28:53 ----A---- C:\Windows\system32\kernel32.dll
2010-02-10 08:28:52 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-02-10 08:28:52 ----A---- C:\Windows\system32\apphelp.dll
2010-02-10 08:28:44 ----A---- C:\Windows\system32\secproc_isv.dll
2010-02-10 08:28:44 ----A---- C:\Windows\system32\secproc.dll
2010-02-10 08:28:43 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-02-10 08:28:43 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-02-10 08:28:43 ----A---- C:\Windows\system32\RMActivate.exe
2010-02-10 08:28:42 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-02-10 08:28:42 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-02-10 08:28:42 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-02-10 08:27:40 ----A---- C:\Windows\system32\tsbyuv.dll
2010-02-10 08:27:40 ----A---- C:\Windows\system32\quartz.dll
2010-02-10 08:27:40 ----A---- C:\Windows\system32\msyuv.dll
2010-02-10 08:27:40 ----A---- C:\Windows\system32\msvidc32.dll
2010-02-10 08:27:40 ----A---- C:\Windows\system32\msrle32.dll
2010-02-10 08:27:40 ----A---- C:\Windows\system32\mciavi32.dll
2010-02-10 08:27:40 ----A---- C:\Windows\system32\iyuv_32.dll
2010-02-10 08:27:40 ----A---- C:\Windows\system32\avifil32.dll
2010-02-01 20:31:08 ----D---- C:\Program Files\Adobe
2010-01-27 12:24:22 ----A---- C:\Windows\system32\winlogon.exe
2010-01-27 12:24:22 ----A---- C:\Windows\explorer.exe
2010-01-24 14:56:17 ----D---- C:\Program Files\Electronic Arts
2010-01-24 14:56:16 ----A---- C:\Windows\system32\d3dx10_41.dll
2010-01-24 14:56:16 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2010-01-24 14:56:15 ----A---- C:\Windows\system32\XAudio2_4.dll
2010-01-24 14:56:15 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-01-24 14:56:15 ----A---- C:\Windows\system32\xactengine3_4.dll
2010-01-24 14:56:15 ----A---- C:\Windows\system32\D3DX9_41.dll
2010-01-24 14:56:14 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-01-24 14:56:14 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-01-24 14:56:14 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-01-24 14:56:14 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2010-01-24 14:56:14 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-01-24 14:56:14 ----A---- C:\Windows\system32\D3DX9_40.dll
2010-01-24 14:56:14 ----A---- C:\Windows\system32\d3dx10_40.dll
2010-01-24 14:56:14 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2010-01-24 14:56:13 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-01-24 14:56:13 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-01-24 14:56:13 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-01-24 14:56:13 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-01-24 14:56:13 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2010-01-24 14:56:11 ----A---- C:\Windows\system32\XAudio2_1.dll
2010-01-24 14:56:11 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2010-01-24 14:56:11 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-01-24 14:56:10 ----A---- C:\Windows\system32\xactengine3_1.dll
2010-01-24 14:56:10 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2010-01-24 14:56:10 ----A---- C:\Windows\system32\D3DX9_38.dll
2010-01-24 14:56:10 ----A---- C:\Windows\system32\d3dx10_38.dll
2010-01-24 14:56:10 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2010-01-24 14:56:09 ----A---- C:\Windows\system32\XAudio2_0.dll
2010-01-24 14:56:09 ----A---- C:\Windows\system32\xactengine3_0.dll
2010-01-24 14:56:09 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2010-01-24 14:56:08 ----A---- C:\Windows\system32\xactengine2_10.dll
2010-01-24 14:56:08 ----A---- C:\Windows\system32\D3DX9_37.dll
2010-01-24 14:56:08 ----A---- C:\Windows\system32\d3dx10_37.dll
2010-01-24 14:56:08 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2010-01-24 14:56:07 ----A---- C:\Windows\system32\d3dx9_36.dll
2010-01-24 14:56:07 ----A---- C:\Windows\system32\d3dx10_36.dll
2010-01-24 14:56:07 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2010-01-24 14:56:06 ----A---- C:\Windows\system32\xactengine2_9.dll
2010-01-24 14:56:06 ----A---- C:\Windows\system32\d3dx10_35.dll
2010-01-24 14:56:06 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2010-01-24 14:56:05 ----A---- C:\Windows\system32\xactengine2_8.dll
2010-01-24 14:56:05 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2010-01-24 14:56:05 ----A---- C:\Windows\system32\d3dx9_35.dll
2010-01-24 14:56:05 ----A---- C:\Windows\system32\d3dx10_34.dll
2010-01-24 14:56:05 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2010-01-24 14:56:04 ----A---- C:\Windows\system32\xinput1_3.dll
2010-01-24 14:56:04 ----A---- C:\Windows\system32\xactengine2_7.dll
2010-01-24 14:56:04 ----A---- C:\Windows\system32\d3dx9_34.dll
2010-01-24 14:56:03 ----A---- C:\Windows\system32\xactengine2_6.dll
2010-01-24 14:56:03 ----A---- C:\Windows\system32\d3dx9_33.dll
2010-01-24 14:56:03 ----A---- C:\Windows\system32\d3dx10_33.dll
2010-01-24 14:56:03 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2010-01-24 14:56:02 ----A---- C:\Windows\system32\xactengine2_5.dll
2010-01-24 14:56:02 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-01-24 14:56:02 ----A---- C:\Windows\system32\d3dx10.dll
2010-01-24 14:56:01 ----A---- C:\Windows\system32\xinput1_2.dll
2010-01-24 14:56:01 ----A---- C:\Windows\system32\xactengine2_4.dll
2010-01-24 14:56:01 ----A---- C:\Windows\system32\xactengine2_3.dll
2010-01-24 14:56:01 ----A---- C:\Windows\system32\x3daudio1_1.dll
2010-01-24 14:56:01 ----A---- C:\Windows\system32\d3dx9_31.dll
2010-01-24 14:56:00 ----A---- C:\Windows\system32\xinput1_1.dll
2010-01-24 14:56:00 ----A---- C:\Windows\system32\xactengine2_2.dll
2010-01-24 14:56:00 ----A---- C:\Windows\system32\xactengine2_1.dll
2010-01-24 14:55:49 ----A---- C:\Windows\system32\xactengine2_0.dll
2010-01-24 14:55:49 ----A---- C:\Windows\system32\x3daudio1_0.dll
2010-01-24 14:55:49 ----A---- C:\Windows\system32\d3dx9_29.dll
2010-01-24 14:55:48 ----A---- C:\Windows\system32\d3dx9_27.dll
2010-01-24 14:55:48 ----A---- C:\Windows\system32\d3dx9_25.dll
2010-01-24 14:55:47 ----A---- C:\Windows\system32\d3dx9_24.dll
2010-01-24 14:50:23 ----D---- C:\Windows\system32\AGEIA
2010-01-24 14:50:22 ----D---- C:\Program Files\AGEIA Technologies
2010-01-24 00:07:41 ----D---- C:\Program Files\Rockstar Games
2010-01-23 23:51:28 ----AD---- C:\ProgramData\TEMP
2010-01-22 11:29:32 ----A---- C:\Windows\system32\mshtml.dll
2010-01-22 11:29:30 ----A---- C:\Windows\system32\ieframe.dll
2010-01-22 11:29:29 ----A---- C:\Windows\system32\wininet.dll
2010-01-22 11:29:29 ----A---- C:\Windows\system32\urlmon.dll
2010-01-22 11:29:29 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-01-22 11:29:29 ----A---- C:\Windows\system32\iedkcs32.dll
2010-01-14 21:50:38 ----D---- C:\ProgramData\Nero
2010-01-14 21:50:37 ----D---- C:\Program Files\Common Files\Nero
2010-01-13 22:07:48 ----D---- C:\Users\Fero\AppData\Roaming\Nero
2010-01-13 22:04:14 ----A---- C:\Windows\system32\MsiExec.exe.log
2010-01-13 22:02:45 ----D---- C:\Program Files\Nero
2010-01-13 21:58:03 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-01-13 21:58:02 ----A---- C:\Windows\system32\d3dx9_28.dll
2010-01-13 09:56:53 ----A---- C:\Windows\system32\t2embed.dll
2010-01-13 09:56:53 ----A---- C:\Windows\system32\fontsub.dll
2010-01-08 22:43:27 ----A---- C:\debugoutput.txt
2010-01-08 22:43:22 ----D---- C:\Program Files\KillWinamp
2010-01-01 22:09:55 ----N---- C:\Windows\Setup1.exe
2010-01-01 22:09:54 ----A---- C:\Windows\ST6UNST.EXE
2010-01-01 12:27:28 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-01-01 10:52:27 ----A---- C:\Windows\system32\d3dx9_26.dll
2009-12-26 23:30:08 ----D---- C:\Windows\pss
2009-12-26 22:57:46 ----D---- C:\Program Files\THQ

======List of files/folders modified in the last 2 months======

2010-02-21 11:49:39 ----D---- C:\Windows\Prefetch
2010-02-21 11:49:37 ----D---- C:\Windows\Temp
2010-02-21 11:35:37 ----RD---- C:\Program Files
2010-02-21 11:23:58 ----D---- C:\Users\Fero\AppData\Roaming\Skype
2010-02-21 11:19:56 ----D---- C:\Windows\System32
2010-02-21 11:15:17 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-21 11:15:06 ----SHD---- C:\System Volume Information
2010-02-21 11:09:40 ----D---- C:\Windows\system32\drivers
2010-02-21 11:09:39 ----D---- C:\Windows\system32\config
2010-02-21 10:57:17 ----D---- C:\Users\Fero\AppData\Roaming\skypePM
2010-02-21 10:55:50 ----D---- C:\Windows
2010-02-21 00:03:47 ----D---- C:\Windows\system32\LogFiles
2010-02-21 00:00:39 ----D---- C:\Windows\debug
2010-02-20 22:54:57 ----SHD---- C:\Windows\Installer
2010-02-20 22:34:03 ----HD---- C:\ProgramData
2010-02-20 22:32:33 ----SD---- C:\Users\Fero\AppData\Roaming\Microsoft
2010-02-20 22:29:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-02-20 22:29:52 ----D---- C:\Windows\inf
2010-02-20 16:38:31 ----SD---- C:\ProgramData\Microsoft
2010-02-19 18:52:32 ----D---- C:\Program Files\Google
2010-02-16 10:00:56 ----D---- C:\Windows\system32\catroot2
2010-02-10 20:49:40 ----D---- C:\Windows\winsxs
2010-02-10 18:26:46 ----D---- C:\Windows\system32\catroot
2010-02-07 12:43:35 ----D---- C:\Program Files\JDownloader
2010-02-06 01:09:36 ----D---- C:\Program Files\EA GAMES
2010-02-01 20:31:14 ----D---- C:\ProgramData\Adobe
2010-02-01 20:31:14 ----D---- C:\Program Files\Common Files\Adobe
2010-02-01 20:26:20 ----A---- C:\Windows\system32\MRT.exe
2010-01-27 21:56:53 ----D---- C:\Windows\system32\DriverStore
2010-01-27 21:56:53 ----D---- C:\Program Files\Internet Explorer
2010-01-24 14:56:00 ----RSD---- C:\Windows\assembly
2010-01-24 14:55:34 ----D---- C:\Windows\Logs
2010-01-24 13:24:57 ----D---- C:\Program Files\Nokia
2010-01-24 13:24:44 ----D---- C:\Program Files\Common Files\Nokia
2010-01-24 00:07:18 ----D---- C:\Program Files\Common Files\InstallShield
2010-01-23 23:46:08 ----D---- C:\Program Files\Transformers Revenge of the Fallen - The Game
2010-01-23 22:54:39 ----D---- C:\Program Files\Mozilla Firefox
2010-01-22 16:16:17 ----D---- C:\Windows\SoftwareDistribution
2010-01-17 14:08:47 ----D---- C:\ProgramData\NVIDIA
2010-01-17 14:08:44 ----D---- C:\Windows\system32\spool
2010-01-17 14:08:41 ----D---- C:\Windows\system32\wbem
2010-01-17 13:32:35 ----D---- C:\Windows\LiveKernelReports
2010-01-17 13:32:06 ----D---- C:\Program Files\Common Files\microsoft shared
2010-01-17 13:32:05 ----D---- C:\Program Files\Common Files
2010-01-17 13:31:49 ----D---- C:\Program Files\QuickTime
2010-01-17 13:31:48 ----D---- C:\ProgramData\PC Suite
2010-01-17 13:31:12 ----HD---- C:\Windows\system32\GroupPolicy
2010-01-14 11:12:06 ----N---- C:\Windows\system32\MpSigStub.exe
2010-01-13 22:02:41 ----D---- C:\Windows\Cursors
2010-01-07 20:08:23 ----D---- C:\Windows\system32\wdi
2010-01-02 23:03:56 ----D---- C:\Windows\Downloaded Program Files
2010-01-02 23:00:28 ----D---- C:\Windows\system32\Tasks
2010-01-02 12:31:50 ----D---- C:\Program Files\Opera
2010-01-01 22:59:40 ----RSD---- C:\Windows\Fonts
2010-01-01 10:52:29 ----D---- C:\Windows\Microsoft.NET

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2010-02-20 333192]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2010-02-21 28424]
R1 AvgTdiX;AVG Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2010-02-21 360584]
R1 blbdrive;blbdrive; C:\Windows\system32\DRIVERS\blbdrive.sys [2009-07-14 35328]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 DfsC;@%systemroot%\system32\drivers\dfsc.sys,-101; C:\Windows\System32\Drivers\dfsc.sys [2009-07-14 78336]
R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys [2009-07-14 32256]
R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; C:\Windows\system32\drivers\nsiproxy.sys [2009-07-14 16896]
R1 RDPENCDD;@%systemroot%\system32\drivers\RDPENCDD.sys,-101; C:\Windows\system32\drivers\rdpencdd.sys [2009-07-14 6656]
R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys [2009-07-14 7168]
R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\Windows\system32\DRIVERS\tdx.sys [2009-07-14 74240]
R1 Wanarpv6;@%systemroot%\system32\rascfg.dll,-32012; C:\Windows\system32\DRIVERS\wanarp.sys [2009-07-14 63488]
R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wfplwf.sys [2009-07-14 9728]
R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver; C:\Windows\system32\DRIVERS\lltdio.sys [2009-07-14 48128]
R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; C:\Windows\system32\drivers\luafv.sys [2009-07-14 86528]
R2 PEAUTH;PEAUTH; C:\Windows\system32\drivers\peauth.sys [2009-07-14 586752]
R2 rspndr;Link-Layer Topology Discovery Responder; C:\Windows\system32\DRIVERS\rspndr.sys [2009-07-14 60928]
R2 tcpipreg;TCP/IP Registry Compatibility; C:\Windows\System32\drivers\tcpipreg.sys [2009-07-14 34816]
R3 AmdK8;AMD K8 Processor Driver; C:\Windows\system32\DRIVERS\amdk8.sys [2009-07-14 55296]
R3 bowser;@%systemroot%\system32\browser.dll,-102; C:\Windows\system32\DRIVERS\bowser.sys [2009-07-14 69632]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
R3 BTHMODEM;Bluetooth Modem Communications Driver; C:\Windows\system32\DRIVERS\bthmodem.sys [2009-07-14 56320]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
R3 CompositeBus;Composite Bus Enumerator Driver; C:\Windows\system32\DRIVERS\CompositeBus.sys [2009-07-14 31232]
R3 DXGKrnl;LDDM Graphics Subsystem; C:\Windows\System32\drivers\dxgkrnl.sys [2009-10-02 728648]
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-07-14 304128]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\Windows\system32\DRIVERS\HDAudBus.sys [2009-07-14 108544]
R3 HidUsb;Microsoft HID Class Driver; C:\Windows\system32\DRIVERS\hidusb.sys [2009-07-14 24064]
R3 kbdhid;Keyboard HID Driver; C:\Windows\system32\DRIVERS\kbdhid.sys [2009-07-14 28160]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 monitor;Microsoft Monitor Class Function Driver Service; C:\Windows\system32\DRIVERS\monitor.sys [2009-07-14 23552]
R3 mouhid;Mouse HID Driver; C:\Windows\system32\DRIVERS\mouhid.sys [2009-07-14 26112]
R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\Windows\System32\drivers\mpsdrv.sys [2009-07-14 60416]
R3 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; C:\Windows\system32\DRIVERS\mrxsmb10.sys [2010-01-08 221184]
R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; C:\Windows\system32\DRIVERS\mrxsmb20.sys [2009-07-14 95744]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-09-27 9509832]
R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys [2009-07-14 49152]
R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; C:\Windows\system32\DRIVERS\rassstp.sys [2009-07-14 75264]
R3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys [2009-07-14 18944]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 srv2;@%systemroot%\system32\srvsvc.dll,-104; C:\Windows\System32\DRIVERS\srv2.sys [2009-07-14 306688]
R3 srvnet;srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [2009-12-08 113664]
R3 tunnel;Microsoft Tunnel Miniport Adapter Driver; C:\Windows\system32\DRIVERS\tunnel.sys [2009-07-14 108544]
R3 umbus;UMBus Enumerator Driver; C:\Windows\system32\DRIVERS\umbus.sys [2009-07-14 39936]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\Windows\system32\DRIVERS\usbccgp.sys [2009-07-14 75264]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\Windows\system32\DRIVERS\usbehci.sys [2009-10-24 41984]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\Windows\system32\DRIVERS\usbhub.sys [2009-10-24 258560]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\Windows\system32\DRIVERS\usbohci.sys [2009-07-14 20480]
R3 USBSTOR;USB Mass Storage Driver; C:\Windows\system32\DRIVERS\USBSTOR.SYS [2009-07-14 74752]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
S3 1394ohci;1394 OHCI Compliant Host Controller; C:\Windows\system32\DRIVERS\1394ohci.sys [2009-07-14 163328]
S3 AcpiPmi;ACPI Power Meter Driver; C:\Windows\system32\DRIVERS\acpipmi.sys [2009-07-14 9728]
S3 adp94xx;adp94xx; C:\Windows\system32\DRIVERS\adp94xx.sys [2009-07-14 422976]
S3 adpahci;adpahci; C:\Windows\system32\DRIVERS\adpahci.sys [2009-07-14 297552]
S3 adpu320;adpu320; C:\Windows\system32\DRIVERS\adpu320.sys [2009-07-14 146512]
S3 agp440;Intel AGP Bus Filter; C:\Windows\system32\DRIVERS\agp440.sys [2009-07-14 53312]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 amdide;amdide; C:\Windows\system32\DRIVERS\amdide.sys [2009-07-14 14912]
S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys [2009-07-14 52736]
S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\amdsata.sys [2009-07-14 79952]
S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [2009-07-14 159312]
S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys [2009-07-14 50176]
S3 arc;arc; C:\Windows\system32\DRIVERS\arc.sys [2009-07-14 76368]
S3 arcsas;arcsas; C:\Windows\system32\DRIVERS\arcsas.sys [2009-07-14 86608]
S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbdx.sys [2009-07-13 430080]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver; C:\Windows\system32\DRIVERS\BrFiltLo.sys [2009-07-13 13568]
S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver; C:\Windows\system32\DRIVERS\BrFiltUp.sys [2009-07-13 5248]
S3 Brserid;Brother MFC Serial Port Interface Driver (WDM); C:\Windows\System32\Drivers\Brserid.sys [2009-07-14 272128]
S3 BrSerWdm;Brother WDM Serial driver; C:\Windows\System32\Drivers\BrSerWdm.sys [2009-07-13 62336]
S3 BrUsbMdm;Brother MFC USB Fax Only Modem; C:\Windows\System32\Drivers\BrUsbMdm.sys [2009-07-13 12160]
S3 BrUsbSer;Brother MFC USB Serial WDM Driver; C:\Windows\System32\Drivers\BrUsbSer.sys [2009-07-13 11904]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 circlass;Consumer IR Devices; C:\Windows\system32\DRIVERS\circlass.sys [2009-07-14 37888]
S3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2009-07-14 14080]
S3 Compbatt;Compbatt; C:\Windows\system32\DRIVERS\compbatt.sys [2009-07-14 19024]
S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbdx.sys [2009-07-13 3100160]
S3 elxstor;elxstor; C:\Windows\system32\DRIVERS\elxstor.sys [2009-07-14 453712]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\DRIVERS\errdev.sys [2009-07-14 7168]
S3 exfat;exFAT File System Driver; C:\Windows\system32\drivers\exfat.sys [2009-07-14 142336]
S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; C:\Windows\system32\drivers\filetrace.sys [2009-07-14 28160]
S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys [2009-07-14 46160]
S3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\Windows\system32\DRIVERS\gagp30kx.sys [2009-07-14 57936]
S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys [2009-07-13 26624]
S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys [2009-07-14 21504]
S3 HidBth;Microsoft Bluetooth HID Miniport; C:\Windows\system32\DRIVERS\hidbth.sys [2009-07-14 91136]
S3 HidIr;Microsoft Infrared HID Driver; C:\Windows\system32\DRIVERS\hidir.sys [2009-07-14 37888]
S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys [2009-07-14 67152]
S3 iaStorV;iaStorV; C:\Windows\system32\DRIVERS\iaStorV.sys [2009-07-14 332352]
S3 iirsp;iirsp; C:\Windows\system32\DRIVERS\iirsp.sys [2009-07-14 41040]
S3 intelide;intelide; C:\Windows\system32\DRIVERS\intelide.sys [2009-07-14 15424]
S3 intelppm;Intel Processor Driver; C:\Windows\system32\DRIVERS\intelppm.sys [2009-07-14 53760]
S3 IPMIDRV;IPMIDRV; C:\Windows\system32\DRIVERS\IPMIDrv.sys [2009-07-14 65536]
S3 isapnp;isapnp; C:\Windows\system32\DRIVERS\isapnp.sys [2009-07-14 46656]
S3 iScsiPrt;iScsiPort Driver; C:\Windows\system32\DRIVERS\msiscsi.sys [2009-07-14 186960]
S3 LSI_FC;LSI_FC; C:\Windows\system32\DRIVERS\lsi_fc.sys [2009-07-14 95824]
S3 LSI_SAS;LSI_SAS; C:\Windows\system32\DRIVERS\lsi_sas.sys [2009-07-14 89168]
S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [2009-07-14 54864]
S3 LSI_SCSI;LSI_SCSI; C:\Windows\system32\DRIVERS\lsi_scsi.sys [2009-07-14 96848]
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2009-12-03 19160]
S3 megasas;megasas; C:\Windows\system32\DRIVERS\megasas.sys [2009-07-14 30800]
S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [2009-07-14 235584]
S3 mpio;mpio; C:\Windows\system32\DRIVERS\mpio.sys [2009-07-14 130624]
S3 msahci;msahci; C:\Windows\system32\DRIVERS\msahci.sys [2009-07-14 27712]
S3 msdsm;msdsm; C:\Windows\system32\DRIVERS\msdsm.sys [2009-07-14 115792]
S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys [2009-07-14 4096]
S3 MsRPC;MsRPC; C:\Windows\system32\drivers\MsRPC.sys [2009-07-14 162896]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2009-07-14 6144]
S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys [2009-07-14 12288]
S3 NativeWifiP;NativeWiFi Filter; C:\Windows\system32\DRIVERS\nwifi.sys [2009-07-14 267264]
S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys [2009-07-14 27136]
S3 nfrd960;nfrd960; C:\Windows\system32\DRIVERS\nfrd960.sys [2009-07-14 44624]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2009-10-06 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2009-10-06 8320]
S3 nv_agp;NVIDIA nForce AGP Bus Filter; C:\Windows\system32\DRIVERS\nv_agp.sys [2009-07-14 105024]
S3 nvraid;nvraid; C:\Windows\system32\DRIVERS\nvraid.sys [2009-07-14 117312]
S3 ohci1394;1394 OHCI Compliant Host Controller (Legacy); C:\Windows\system32\DRIVERS\ohci1394.sys [2009-07-14 62464]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 ql2300;ql2300; C:\Windows\system32\DRIVERS\ql2300.sys [2009-07-14 1383488]
S3 ql40xx;ql40xx; C:\Windows\system32\DRIVERS\ql40xx.sys [2009-07-14 106064]
S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\Windows\system32\drivers\qwavedrv.sys [2009-07-14 31744]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sbp2port;sbp2port; C:\Windows\system32\DRIVERS\sbp2port.sys [2009-07-14 85568]
S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys [2009-07-14 26624]
S3 sermouse;Serial Mouse Driver; C:\Windows\system32\DRIVERS\sermouse.sys [2009-07-14 19968]
S3 sffdisk;SFF Storage Class Driver; C:\Windows\system32\DRIVERS\sffdisk.sys [2009-07-14 11264]
S3 sffp_mmc;SFF Storage Protocol Driver for MMC; C:\Windows\system32\DRIVERS\sffp_mmc.sys [2009-07-14 12288]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\Windows\system32\DRIVERS\sffp_sd.sys [2009-07-14 12800]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 SiSRaid2;SiSRaid2; C:\Windows\system32\DRIVERS\SiSRaid2.sys [2009-07-14 40016]
S3 SiSRaid4;SiSRaid4; C:\Windows\system32\DRIVERS\sisraid4.sys [2009-07-14 77888]
S3 Smb;@%SystemRoot%\system32\tcpipcfg.dll,-50005; C:\Windows\system32\DRIVERS\smb.sys [2009-07-14 71168]
S3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\Windows\system32\DRIVERS\snp2sxp.sys [2007-03-30 12033024]
S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [2009-07-14 21072]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 TCPIP6;Microsoft IPv6 Protocol Driver; C:\Windows\system32\DRIVERS\tcpip.sys [2009-07-14 1285712]
S3 tssecsrv;@%SystemRoot%\System32\DRIVERS\tssecsrv.sys,-101; C:\Windows\System32\DRIVERS\tssecsrv.sys [2009-07-14 30208]
S3 uagp35;Microsoft AGPv3.5 Filter; C:\Windows\system32\DRIVERS\uagp35.sys [2009-07-14 55888]
S3 uliagpkx;Uli AGP Bus Filter; C:\Windows\system32\DRIVERS\uliagpkx.sys [2009-07-14 57424]
S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [2009-07-14 8192]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-07-14 80640]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys []
S3 usbcir;eHome Infrared Receiver (USBCIR); C:\Windows\system32\DRIVERS\usbcir.sys [2009-07-14 86016]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys []
S3 usbprint;Microsoft USB PRINTER Class; C:\Windows\system32\DRIVERS\usbprint.sys [2009-07-14 19968]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\Windows\system32\DRIVERS\usbuhci.sys [2009-07-14 24064]
S3 vga;vga; C:\Windows\system32\DRIVERS\vgapnp.sys [2009-07-14 26112]
S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys [2009-07-14 159824]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 vsmraid;vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys [2009-07-14 141904]
S3 vwifibus;@%SystemRoot%\System32\drivers\vwifibus.sys,-257; C:\Windows\System32\drivers\vwifibus.sys [2009-07-14 19968]
S3 WacomPen;Wacom Serial Pen HID Driver; C:\Windows\system32\DRIVERS\wacompen.sys [2009-07-14 21632]
S3 Wd;Wd; C:\Windows\system32\DRIVERS\wd.sys [2009-07-14 19024]
S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-07-14 19008]
S3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2009-07-14 11264]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]
S4 crcdisk;Crcdisk Filter Driver; C:\Windows\system32\DRIVERS\crcdisk.sys [2009-07-14 22096]
S4 ws2ifsl;@%systemroot%\System32\drivers\ws2ifsl.sys,-1000; C:\Windows\system32\drivers\ws2ifsl.sys [2009-07-14 16384]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AudioEndpointBuilder;@%SystemRoot%\system32\audiosrv.dll,-204; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-02-20 285392]
R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 gpsvc;@gpapi.dll,-112; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-09-27 215656]
R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [2009-07-14 3179520]
R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 UxSms;@%SystemRoot%\system32\dwm.exe,-2000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 WinDefend;@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 WMPNetworkSvc;@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101; C:\Program Files\Windows Media Player\wmpnetwk.exe [2009-07-14 1121280]
R2 WSearch;@%systemroot%\system32\SearchIndexer.exe,-103; C:\Windows\system32\SearchIndexer.exe [2009-07-14 428032]
R2 wudfsvc;@%SystemRoot%\system32\wudfsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 KeyIso;@keyiso.dll,-100; C:\Windows\system32\lsass.exe [2009-07-14 22528]
R3 netprofm;@%SystemRoot%\system32\netprofm.dll,-202; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 WdiServiceHost;@%systemroot%\system32\wdi.dll,-502; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
S3 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 clr_optimization_v2.0.50727_32;Microsoft .NET Framework NGEN v2.0.50727_X86; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2009-06-10 66384]
S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [2009-07-14 22528]
S3 ehRecvr;@%SystemRoot%\ehome\ehrecvr.exe,-101; C:\Windows\ehome\ehRecvr.exe [2009-07-14 557056]
S3 ehSched;@%SystemRoot%\ehome\ehsched.exe,-101; C:\Windows\ehome\ehsched.exe [2009-07-14 94720]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2009-07-14 522752]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2009-06-10 42856]
S3 idsvc;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2009-06-10 878416]
S3 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 IPBusEnum;@%systemroot%\system32\IPBusEnum.dll,-102; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 KtmRm;@comres.dll,-2946; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 pla;@%systemroot%\system32\pla.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SDRSVC;@%SystemRoot%\system32\sdrsvc.dll,-107; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\Windows\System32\snmptrap.exe [2009-07-14 12800]
S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TBS;@%SystemRoot%\system32\tbssvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\Windows\servicing\TrustedInstaller.exe [2009-07-14 204800]
S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\Windows\system32\UI0Detect.exe [2009-07-14 35840]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [2009-07-14 22528]
S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\Windows\System32\vds.exe [2009-07-14 452608]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-07-14 1202688]
S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 wcncsvc;@%SystemRoot%\system32\wcncsvc.dll,-3; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 WdiSystemHost;@%systemroot%\system32\wdi.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 wercplsupport;@%SystemRoot%\System32\wercplsupport.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WerSvc;@%SystemRoot%\System32\wersvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WinHttpAutoProxySvc;@%SystemRoot%\system32\winhttp.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 WinRM;@%Systemroot%\system32\wsmsvc.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Wlansvc;@%SystemRoot%\System32\wlansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 WPCSvc;@%SystemRoot%\system32\wpcsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 WPDBusEnum;@%SystemRoot%\system32\wpdbusenum.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2009-12-03 276816]
S4 Mcx2Svc;@%SystemRoot%\ehome\ehres.dll,-15501; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8201; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 128848]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]

-----------------EOF-----------------

[Rudy]

Dejte log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

[Xero47]

ComboFix 10-02-20.04 - Fero . 02. 2010 12:18:27.1.1 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.421.1033.18.1535.646 [GMT 1:00]
Running from: c:\users\Fero\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-4203658064-3794158811-3199634120-1003
c:\users\Fero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2010-01-21 to 2010-02-21 )))))))))))))))))))))))))))))))
.

2010-02-21 11:29 . 2010-02-21 11:29 -------- d-----w- c:\users\Fero\AppData\Local\temp
2010-02-21 11:29 . 2010-02-21 11:29 -------- d-----w- c:\users\miro.Fero-PC\AppData\Local\temp
2010-02-21 10:35 . 2010-02-21 10:49 -------- d-----w- c:\program files\trend micro
2010-02-21 10:35 . 2010-02-21 10:36 -------- d-----w- C:\rsit
2010-02-21 10:09 . 2010-02-20 21:34 356616 ----a-w- c:\programdata\avg9\update\backup\avgtdix.sys
2010-02-21 10:09 . 2010-02-20 21:34 12464 ----a-w- c:\programdata\avg9\update\backup\avgrsstx.dll
2010-02-21 10:09 . 2010-02-20 21:34 161672 ----a-w- c:\programdata\avg9\update\backup\avgrkx86.sys
2010-02-21 10:09 . 2010-02-20 21:34 28424 ----a-w- c:\programdata\avg9\update\backup\avgmfx86.sys
2010-02-20 21:34 . 2010-02-20 21:34 -------- d-----w- c:\program files\AVG
2010-02-20 21:34 . 2010-02-20 21:34 -------- d-----w- c:\programdata\avg9
2010-02-18 17:28 . 2010-02-18 17:52 -------- d-----w- c:\users\miro.Fero-PC\AppData\Roaming\ICQ
2010-02-18 17:28 . 2010-02-18 17:28 -------- d-----w- c:\users\miro.Fero-PC\AppData\Local\AOL
2010-02-14 10:44 . 2010-02-14 10:44 84661 ----a-w- c:\programdata\Microsoft\Windows Defender\LocalCopy\{76932839-D6E8-5F72-37C1-418E832FF6C7}-uninstall_plugin.exe
2010-02-14 10:34 . 2010-02-14 10:34 3884312 ----a-w- c:\programdata\Microsoft\Windows Defender\LocalCopy\{94CC093F-CB18-F007-14D3-591500AAB34F}-NPSWF32.dll
2010-02-10 07:28 . 2009-12-08 11:40 3955288 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-10 07:28 . 2009-12-08 11:40 3899464 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-10 07:28 . 2009-12-08 11:32 292864 ----a-w- c:\windows\system32\apphelp.dll
2010-02-10 07:28 . 2010-01-18 23:29 365568 ----a-w- c:\windows\system32\secproc_isv.dll
2010-02-10 07:28 . 2010-01-18 23:29 369152 ----a-w- c:\windows\system32\secproc.dll
2010-02-10 07:28 . 2010-01-18 23:29 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-02-10 07:28 . 2010-01-18 23:28 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-02-10 07:28 . 2010-01-18 23:28 320512 ----a-w- c:\windows\system32\RMActivate.exe
2010-02-10 07:28 . 2010-01-18 23:29 85504 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-02-10 07:28 . 2010-01-18 23:28 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-02-10 07:28 . 2010-01-18 23:28 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-02-10 07:27 . 2009-12-08 08:05 310784 ----a-w- c:\windows\system32\drivers\srv.sys
2010-02-10 07:27 . 2009-12-08 08:05 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-02-10 07:27 . 2009-12-19 09:02 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2010-02-10 07:27 . 2009-12-19 09:02 1328640 ----a-w- c:\windows\system32\quartz.dll
2010-02-10 07:27 . 2009-12-19 09:02 22016 ----a-w- c:\windows\system32\msyuv.dll
2010-02-10 07:27 . 2009-12-19 09:02 31744 ----a-w- c:\windows\system32\msvidc32.dll
2010-02-10 07:27 . 2009-12-19 09:02 13312 ----a-w- c:\windows\system32\msrle32.dll
2010-02-10 07:27 . 2009-12-19 09:02 84480 ----a-w- c:\windows\system32\mciavi32.dll
2010-02-10 07:27 . 2009-12-19 09:02 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2010-02-10 07:27 . 2009-12-19 09:02 91648 ----a-w- c:\windows\system32\avifil32.dll
2010-02-10 07:27 . 2010-01-08 03:17 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-10 07:27 . 2010-01-08 03:18 221184 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-02-07 13:46 . 2010-02-12 07:35 -------- d-----w- c:\users\miro.Fero-PC\AppData\Local\NFS Underground 2
2010-02-06 17:28 . 2010-02-06 17:28 -------- d-----w- c:\users\miro.Fero-PC\AppData\Roaming\Nero
2010-01-30 17:22 . 2010-01-30 17:22 -------- d-----w- c:\users\Fero\AppData\Local\AOL
2010-01-27 11:24 . 2009-10-31 05:45 2614272 ----a-w- c:\windows\explorer.exe
2010-01-27 11:24 . 2009-10-28 06:17 285696 ----a-w- c:\windows\system32\winlogon.exe
2010-01-27 11:23 . 2009-10-24 04:00 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2010-01-27 11:23 . 2009-10-24 03:58 41984 ----a-w- c:\windows\system32\drivers\usbehci.sys
2010-01-26 12:04 . 2010-01-26 12:04 -------- d-----w- c:\users\miro.Fero-PC\AppData\Local\Adobe
2010-01-24 13:50 . 2010-01-24 13:50 -------- d-----w- c:\windows\system32\AGEIA
2010-01-24 13:50 . 2010-01-24 13:50 -------- d-----w- c:\program files\AGEIA Technologies
2010-01-24 12:24 . 2010-01-24 12:24 -------- d-----w- c:\users\Fero\AppData\Local\NokiaAccount
2010-01-23 23:07 . 2010-01-23 23:07 -------- d-----w- c:\program files\Rockstar Games

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-21 11:29 . 2009-10-25 09:53 -------- d-----w- c:\users\Fero\AppData\Roaming\Skype
2010-02-21 10:15 . 2009-10-31 22:50 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-21 10:08 . 2010-02-20 21:34 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-02-21 10:08 . 2010-02-20 21:34 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-02-21 10:08 . 2010-02-20 21:34 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-02-21 10:07 . 2010-02-20 21:34 161800 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2010-02-21 09:57 . 2009-10-25 09:55 -------- d-----w- c:\users\Fero\AppData\Roaming\skypePM
2010-02-20 22:16 . 2010-02-20 22:16 -------- d-----w- c:\program files\CCleaner
2010-02-20 21:34 . 2010-02-20 21:34 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-02-20 21:34 . 2010-02-21 10:09 502040 ----a-w- c:\programdata\avg9\update\backup\avgrsx.exe
2010-02-20 21:34 . 2010-02-20 23:02 875288 ----a-w- c:\programdata\avg9\update\backup\avgupd.exe
2010-02-20 21:34 . 2010-02-20 23:02 1656088 ----a-w- c:\programdata\avg9\update\backup\avgupd.dll
2010-02-20 21:34 . 2010-02-20 23:02 798488 ----a-w- c:\programdata\avg9\update\backup\avginet.dll
2010-02-20 21:34 . 2010-02-20 23:02 610072 ----a-w- c:\programdata\avg9\update\backup\avgiproxy.exe
2010-02-20 21:29 . 2009-10-25 10:08 614314 ----a-w- c:\windows\system32\perfh005.dat
2010-02-20 21:29 . 2009-10-25 10:08 118486 ----a-w- c:\windows\system32\perfc005.dat
2010-02-19 17:52 . 2009-11-13 22:05 -------- d-----w- c:\program files\Google
2010-02-07 11:43 . 2009-11-13 21:47 -------- d-----w- c:\program files\JDownloader
2010-02-06 00:09 . 2009-11-15 11:16 -------- d-----w- c:\program files\EA GAMES
2010-02-01 19:31 . 2009-10-28 20:32 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-24 13:56 . 2010-01-24 13:56 -------- d-----w- c:\program files\Electronic Arts
2010-01-24 12:24 . 2009-11-21 12:31 -------- d-----w- c:\program files\Nokia
2010-01-24 12:24 . 2009-11-21 12:31 -------- d-----w- c:\program files\Common Files\Nokia
2010-01-23 23:07 . 2009-11-17 13:38 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-23 22:46 . 2009-11-07 13:06 -------- d-----w- c:\program files\Transformers Revenge of the Fallen - The Game
2010-01-23 14:39 . 2010-01-23 14:39 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2010-01-17 13:08 . 2009-10-25 10:12 -------- d-----w- c:\programdata\NVIDIA
2010-01-17 12:31 . 2010-01-08 21:43 -------- d-----w- c:\program files\KillWinamp
2010-01-17 12:31 . 2009-11-05 20:07 -------- d-----w- c:\program files\QuickTime
2010-01-17 12:31 . 2009-11-21 12:32 -------- d-----w- c:\programdata\PC Suite
2010-01-17 12:31 . 2010-01-06 11:23 -------- d-----w- c:\users\miro.Fero-PC\AppData\Roaming\DivX
2010-01-14 20:51 . 2010-01-14 20:50 -------- d-----w- c:\program files\Common Files\Nero
2010-01-14 20:50 . 2010-01-14 20:50 -------- d-----w- c:\programdata\Nero
2010-01-14 10:12 . 2009-10-25 10:11 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-13 21:07 . 2010-01-13 21:07 -------- d-----w- c:\users\Fero\AppData\Roaming\Nero
2010-01-13 21:02 . 2010-01-13 21:02 -------- d-----w- c:\program files\Nero
2010-01-06 11:23 . 2010-01-06 11:23 -------- d-----w- c:\users\miro.Fero-PC\AppData\Roaming\Media Player Classic
2010-01-04 07:31 . 2009-12-07 15:05 110360 ----a-w- c:\users\miro.Fero-PC\AppData\Local\GDIPFONTCACHEV1.DAT
2010-01-02 11:31 . 2009-11-21 15:41 -------- d-----w- c:\program files\Opera
2010-01-01 22:10 . 2009-10-24 19:20 110360 ----a-w- c:\users\Fero\AppData\Local\GDIPFONTCACHEV1.DAT
2010-01-01 21:09 . 2010-01-01 21:09 253952 ------w- c:\windows\Setup1.exe
2010-01-01 21:09 . 2010-01-01 21:09 74752 ----a-w- c:\windows\ST6UNST.EXE
2010-01-01 11:27 . 2010-01-01 11:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-30 18:12 . 2009-11-15 11:43 16 ----a-w- c:\windows\popcinfo.dat
2009-12-26 21:57 . 2009-12-26 21:57 -------- d-----w- c:\program files\THQ
2009-12-24 18:21 . 2009-12-24 18:21 -------- d-----w- c:\users\miro.Fero-PC\AppData\Roaming\PC Suite
2009-12-19 09:02 . 2010-01-22 10:29 977920 ----a-w- c:\windows\system32\wininet.dll
2009-12-12 22:36 . 2009-12-12 22:36 12212040 ----a-w- c:\programdata\OviInstallerCache\{82E16F2D-804A-4990-BEEF-C9DB44AE844B}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe
2009-12-12 22:36 . 2009-12-12 22:36 13930312 ----a-w- c:\programdata\OviInstallerCache\{82E16F2D-804A-4990-BEEF-C9DB44AE844B}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe
2009-12-12 22:36 . 2009-12-12 22:36 77824 ----a-w- c:\programdata\OviInstallerCache\{82E16F2D-804A-4990-BEEF-C9DB44AE844B}\Installer\CommonCustomActions\Run_XML6_SP1.exe
2009-12-12 22:36 . 2009-12-12 22:36 61440 ----a-w- c:\programdata\OviInstallerCache\{82E16F2D-804A-4990-BEEF-C9DB44AE844B}\Installer\CommonCustomActions\WMF11Runx86.exe
2009-12-12 22:36 . 2009-12-12 22:36 58880 ----a-w- c:\programdata\OviInstallerCache\{82E16F2D-804A-4990-BEEF-C9DB44AE844B}\Installer\CommonCustomActions\WMF11Runx64.exe
2009-12-12 22:36 . 2009-12-12 22:36 50000 ----a-w- c:\programdata\OviInstallerCache\{82E16F2D-804A-4990-BEEF-C9DB44AE844B}\Installer\CommonCustomActions\pcswpc.exe
2009-12-12 22:35 . 2009-12-12 22:35 94628904 ----a-w- c:\programdata\OviInstallerCache\{82E16F2D-804A-4990-BEEF-C9DB44AE844B}\Nokia_Ovi_Suite_PCS_Update.exe
2009-12-12 22:18 . 2009-12-12 22:18 95232 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\pcswpcsi.exe
2009-12-12 22:18 . 2009-12-12 22:18 8192 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstCCD.exe
2009-12-12 22:18 . 2009-12-12 22:18 61440 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-12-12 22:18 . 2009-12-12 22:18 10240 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCS.exe
2009-12-12 22:17 . 2009-12-12 22:18 33863976 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Nokia_PC_Suite_7_1_40_1_slk.exe
2009-12-07 20:46 . 2009-12-07 20:46 36864 ----a-w- c:\programdata\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\Sleep.exe
2009-12-07 20:46 . 2009-12-07 20:46 3351812 ----a-w- c:\programdata\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\msxml6Exec.exe
2009-12-07 20:46 . 2009-12-07 20:46 3203453 ----a-w- c:\programdata\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\vcredistExec.exe
2009-12-07 20:45 . 2009-12-07 20:47 24570640 ----a-w- c:\programdata\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\NokiaSoftwareUpdaterSetup_sk.exe
2009-12-03 15:14 . 2010-01-01 11:27 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-03 15:13 . 2010-01-01 11:27 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-04-21 24264488]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-12-11 14:57 948672 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-22 00:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2009-12-03 15:14 429392 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-26 19:36 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

R0 AvgRkx86;avgrkx86.sys;c:\windows\System32\drivers\avgrkx86.sys [20. 2. 2010 22:34 161800]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [20. 2. 2010 22:34 333192]
R1 AvgTdiX;AVG Network Redirector;c:\windows\System32\drivers\avgtdix.sys [20. 2. 2010 22:34 360584]
R2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [20. 2. 2010 22:34 285392]
S3 MBAMProtector;MBAMProtector;c:\windows\System32\drivers\mbam.sys [1. 1. 2010 12:27 19160]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\System32\drivers\nmwcdnsu.sys [6. 10. 2009 11:56 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\System32\drivers\nmwcdnsuc.sys [6. 10. 2009 11:56 8320]
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Fero\AppData\Roaming\Mozilla\Firefox\Profiles\t0agbaw9.default\
FF - prefs.js: browser.startup.homepage - google.sk
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8 ... &gfns=1&q=
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
MSConfigStartUp-RegistryMechanic - c:\program files\Registry Mechanic\RMTray.exe
MSConfigStartUp-SSDMonitor - c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe


.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2010-02-21 12:32:48
ComboFix-quarantined-files.txt 2010-02-21 11:32

Pre-Run: 61 972 295 680 bytes free
Post-Run: Volných bajtů: 61 773 000 704

- - End Of File - - 5F933246DB2164BF7D3D515DB1EC86E4

[Rudy]

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

Collect::
C:\Windows\system32\DRIVERS\blbdrive.sys

Driver::
blbdrive

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

[Xero47]

no tu je log

ComboFix 10-02-20.04 - Fero . 02. 2010 12:56:14.2.1 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.421.1033.18.1535.589 [GMT 1:00]
Running from: c:\users\Fero\Desktop\ComboFix.exe
Command switches used :: c:\users\Fero\Desktop\CFScript.txt
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\DRIVERS\blbdrive.sys

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_blbdrive


((((((((((((((((((((((((( Files Created from 2010-01-21 to 2010-02-21 )))))))))))))))))))))))))))))))
.

2010-02-21 12:09 . 2010-02-21 12:12 -------- d-----w- c:\users\Fero\AppData\Local\temp
2010-02-21 12:09 . 2010-02-21 12:09 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-02-21 12:09 . 2010-02-21 12:09 -------- d-----w- c:\users\Miro\AppData\Local\temp
2010-02-21 12:09 . 2010-02-21 12:09 -------- d-----w- c:\users\miro.Fero-PC\AppData\Local\temp
2010-02-21 12:09 . 2010-02-21 12:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-02-21 11:53 . 2010-02-21 11:54 -------- d-----w- C:\32788R22FWJFW
2010-02-21 10:35 . 2010-02-21 10:49 -------- d-----w- c:\program files\trend micro
2010-02-21 10:35 . 2010-02-21 10:36 -------- d-----w- C:\rsit
2010-02-21 10:09 . 2010-02-20 21:34 356616 ----a-w- c:\programdata\avg9\update\backup\avgtdix.sys
2010-02-21 10:09 . 2010-02-20 21:34 12464 ----a-w- c:\programdata\avg9\update\backup\avgrsstx.dll
2010-02-21 10:09 . 2010-02-20 21:34 161672 ----a-w- c:\programdata\avg9\update\backup\avgrkx86.sys
2010-02-21 10:09 . 2010-02-20 21:34 28424 ----a-w- c:\programdata\avg9\update\backup\avgmfx86.sys
2010-02-20 21:34 . 2010-02-20 21:34 -------- d-----w- c:\program files\AVG
2010-02-20 21:34 . 2010-02-20 21:34 -------- d-----w- c:\programdata\avg9
2010-02-18 17:28 . 2010-02-18 17:52 -------- d-----w- c:\users\miro.Fero-PC\AppData\Roaming\ICQ
2010-02-18 17:28 . 2010-02-18 17:28 -------- d-----w- c:\users\miro.Fero-PC\AppData\Local\AOL
2010-02-14 10:44 . 2010-02-14 10:44 84661 ----a-w- c:\programdata\Microsoft\Windows Defender\LocalCopy\{76932839-D6E8-5F72-37C1-418E832FF6C7}-uninstall_plugin.exe
2010-02-14 10:34 . 2010-02-14 10:34 3884312 ----a-w- c:\programdata\Microsoft\Windows Defender\LocalCopy\{94CC093F-CB18-F007-14D3-591500AAB34F}-NPSWF32.dll
2010-02-10 07:28 . 2009-12-08 11:40 3955288 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-10 07:28 . 2009-12-08 11:40 3899464 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-10 07:28 . 2009-12-08 11:32 292864 ----a-w- c:\windows\system32\apphelp.dll
2010-02-10 07:28 . 2010-01-18 23:29 365568 ----a-w- c:\windows\system32\secproc_isv.dll
2010-02-10 07:28 . 2010-01-18 23:29 369152 ----a-w- c:\windows\system32\secproc.dll
2010-02-10 07:28 . 2010-01-18 23:29 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-02-10 07:28 . 2010-01-18 23:28 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-02-10 07:28 . 2010-01-18 23:28 320512 ----a-w- c:\windows\system32\RMActivate.exe
2010-02-10 07:28 . 2010-01-18 23:29 85504 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-02-10 07:28 . 2010-01-18 23:28 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-02-10 07:28 . 2010-01-18 23:28 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-02-10 07:27 . 2009-12-08 08:05 310784 ----a-w- c:\windows\system32\drivers\srv.sys
2010-02-10 07:27 . 2009-12-08 08:05 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-02-10 07:27 . 2009-12-19 09:02 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2010-02-10 07:27 . 2009-12-19 09:02 1328640 ----a-w- c:\windows\system32\quartz.dll
2010-02-10 07:27 . 2009-12-19 09:02 22016 ----a-w- c:\windows\system32\msyuv.dll
2010-02-10 07:27 . 2009-12-19 09:02 31744 ----a-w- c:\windows\system32\msvidc32.dll
2010-02-10 07:27 . 2009-12-19 09:02 13312 ----a-w- c:\windows\system32\msrle32.dll
2010-02-10 07:27 . 2009-12-19 09:02 84480 ----a-w- c:\windows\system32\mciavi32.dll
2010-02-10 07:27 . 2009-12-19 09:02 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2010-02-10 07:27 . 2009-12-19 09:02 91648 ----a-w- c:\windows\system32\avifil32.dll
2010-02-10 07:27 . 2010-01-08 03:17 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-10 07:27 . 2010-01-08 03:18 221184 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-02-07 13:46 . 2010-02-12 07:35 -------- d-----w- c:\users\miro.Fero-PC\AppData\Local\NFS Underground 2
2010-02-06 17:28 . 2010-02-06 17:28 -------- d-----w- c:\users\miro.Fero-PC\AppData\Roaming\Nero
2010-01-30 17:22 . 2010-01-30 17:22 -------- d-----w- c:\users\Fero\AppData\Local\AOL
2010-01-27 11:24 . 2009-10-31 05:45 2614272 ----a-w- c:\windows\explorer.exe
2010-01-27 11:24 . 2009-10-28 06:17 285696 ----a-w- c:\windows\system32\winlogon.exe
2010-01-27 11:23 . 2009-10-24 04:00 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2010-01-27 11:23 . 2009-10-24 03:58 41984 ----a-w- c:\windows\system32\drivers\usbehci.sys
2010-01-26 12:04 . 2010-01-26 12:04 -------- d-----w- c:\users\miro.Fero-PC\AppData\Local\Adobe
2010-01-24 13:50 . 2010-01-24 13:50 -------- d-----w- c:\windows\system32\AGEIA
2010-01-24 13:50 . 2010-01-24 13:50 -------- d-----w- c:\program files\AGEIA Technologies
2010-01-24 12:24 . 2010-01-24 12:24 -------- d-----w- c:\users\Fero\AppData\Local\NokiaAccount
2010-01-23 23:07 . 2010-01-23 23:07 -------- d-----w- c:\program files\Rockstar Games

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-21 12:12 . 2009-10-25 09:53 -------- d-----w- c:\users\Fero\AppData\Roaming\Skype
2010-02-21 10:15 . 2009-10-31 22:50 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-21 10:08 . 2010-02-20 21:34 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-02-21 10:08 . 2010-02-20 21:34 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-02-21 10:08 . 2010-02-20 21:34 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-02-21 10:07 . 2010-02-20 21:34 161800 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2010-02-21 09:57 . 2009-10-25 09:55 -------- d-----w- c:\users\Fero\AppData\Roaming\skypePM
2010-02-20 22:16 . 2010-02-20 22:16 -------- d-----w- c:\program files\CCleaner
2010-02-20 21:34 . 2010-02-20 21:34 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-02-20 21:34 . 2010-02-21 10:09 502040 ----a-w- c:\programdata\avg9\update\backup\avgrsx.exe
2010-02-20 21:34 . 2010-02-20 23:02 875288 ----a-w- c:\programdata\avg9\update\backup\avgupd.exe
2010-02-20 21:34 . 2010-02-20 23:02 1656088 ----a-w- c:\programdata\avg9\update\backup\avgupd.dll
2010-02-20 21:34 . 2010-02-20 23:02 798488 ----a-w- c:\programdata\avg9\update\backup\avginet.dll
2010-02-20 21:34 . 2010-02-20 23:02 610072 ----a-w- c:\programdata\avg9\update\backup\avgiproxy.exe
2010-02-20 21:29 . 2009-10-25 10:08 614314 ----a-w- c:\windows\system32\perfh005.dat
2010-02-20 21:29 . 2009-10-25 10:08 118486 ----a-w- c:\windows\system32\perfc005.dat
2010-02-19 17:52 . 2009-11-13 22:05 -------- d-----w- c:\program files\Google
2010-02-07 11:43 . 2009-11-13 21:47 -------- d-----w- c:\program files\JDownloader
2010-02-06 00:09 . 2009-11-15 11:16 -------- d-----w- c:\program files\EA GAMES
2010-02-01 19:31 . 2009-10-28 20:32 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-24 13:56 . 2010-01-24 13:56 -------- d-----w- c:\program files\Electronic Arts
2010-01-24 12:24 . 2009-11-21 12:31 -------- d-----w- c:\program files\Nokia
2010-01-24 12:24 . 2009-11-21 12:31 -------- d-----w- c:\program files\Common Files\Nokia
2010-01-23 23:07 . 2009-11-17 13:38 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-23 22:46 . 2009-11-07 13:06 -------- d-----w- c:\program files\Transformers Revenge of the Fallen - The Game
2010-01-23 14:39 . 2010-01-23 14:39 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2010-01-17 13:08 . 2009-10-25 10:12 -------- d-----w- c:\programdata\NVIDIA
2010-01-17 12:31 . 2010-01-08 21:43 -------- d-----w- c:\program files\KillWinamp
2010-01-17 12:31 . 2009-11-05 20:07 -------- d-----w- c:\program files\QuickTime
2010-01-17 12:31 . 2009-11-21 12:32 -------- d-----w- c:\programdata\PC Suite
2010-01-17 12:31 . 2010-01-06 11:23 -------- d-----w- c:\users\miro.Fero-PC\AppData\Roaming\DivX
2010-01-14 20:51 . 2010-01-14 20:50 -------- d-----w- c:\program files\Common Files\Nero
2010-01-14 20:50 . 2010-01-14 20:50 -------- d-----w- c:\programdata\Nero
2010-01-14 10:12 . 2009-10-25 10:11 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-13 21:07 . 2010-01-13 21:07 -------- d-----w- c:\users\Fero\AppData\Roaming\Nero
2010-01-13 21:02 . 2010-01-13 21:02 -------- d-----w- c:\program files\Nero
2010-01-06 11:23 . 2010-01-06 11:23 -------- d-----w- c:\users\miro.Fero-PC\AppData\Roaming\Media Player Classic
2010-01-04 07:31 . 2009-12-07 15:05 110360 ----a-w- c:\users\miro.Fero-PC\AppData\Local\GDIPFONTCACHEV1.DAT
2010-01-02 11:31 . 2009-11-21 15:41 -------- d-----w- c:\program files\Opera
2010-01-01 22:10 . 2009-10-24 19:20 110360 ----a-w- c:\users\Fero\AppData\Local\GDIPFONTCACHEV1.DAT
2010-01-01 21:09 . 2010-01-01 21:09 253952 ------w- c:\windows\Setup1.exe
2010-01-01 21:09 . 2010-01-01 21:09 74752 ----a-w- c:\windows\ST6UNST.EXE
2010-01-01 11:27 . 2010-01-01 11:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-30 18:12 . 2009-11-15 11:43 16 ----a-w- c:\windows\popcinfo.dat
2009-12-26 21:57 . 2009-12-26 21:57 -------- d-----w- c:\program files\THQ
2009-12-24 18:21 . 2009-12-24 18:21 -------- d-----w- c:\users\miro.Fero-PC\AppData\Roaming\PC Suite
2009-12-19 09:02 . 2010-01-22 10:29 977920 ----a-w- c:\windows\system32\wininet.dll
2009-12-12 22:36 . 2009-12-12 22:36 12212040 ----a-w- c:\programdata\OviInstallerCache\{82E16F2D-804A-4990-BEEF-C9DB44AE844B}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe
2009-12-12 22:36 . 2009-12-12 22:36 13930312 ----a-w- c:\programdata\OviInstallerCache\{82E16F2D-804A-4990-BEEF-C9DB44AE844B}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe
2009-12-12 22:36 . 2009-12-12 22:36 77824 ----a-w- c:\programdata\OviInstallerCache\{82E16F2D-804A-4990-BEEF-C9DB44AE844B}\Installer\CommonCustomActions\Run_XML6_SP1.exe
2009-12-12 22:36 . 2009-12-12 22:36 61440 ----a-w- c:\programdata\OviInstallerCache\{82E16F2D-804A-4990-BEEF-C9DB44AE844B}\Installer\CommonCustomActions\WMF11Runx86.exe
2009-12-12 22:36 . 2009-12-12 22:36 58880 ----a-w- c:\programdata\OviInstallerCache\{82E16F2D-804A-4990-BEEF-C9DB44AE844B}\Installer\CommonCustomActions\WMF11Runx64.exe
2009-12-12 22:36 . 2009-12-12 22:36 50000 ----a-w- c:\programdata\OviInstallerCache\{82E16F2D-804A-4990-BEEF-C9DB44AE844B}\Installer\CommonCustomActions\pcswpc.exe
2009-12-12 22:35 . 2009-12-12 22:35 94628904 ----a-w- c:\programdata\OviInstallerCache\{82E16F2D-804A-4990-BEEF-C9DB44AE844B}\Nokia_Ovi_Suite_PCS_Update.exe
2009-12-12 22:18 . 2009-12-12 22:18 95232 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\pcswpcsi.exe
2009-12-12 22:18 . 2009-12-12 22:18 8192 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstCCD.exe
2009-12-12 22:18 . 2009-12-12 22:18 61440 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-12-12 22:18 . 2009-12-12 22:18 10240 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCS.exe
2009-12-12 22:17 . 2009-12-12 22:18 33863976 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Nokia_PC_Suite_7_1_40_1_slk.exe
2009-12-07 20:46 . 2009-12-07 20:46 36864 ----a-w- c:\programdata\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\Sleep.exe
2009-12-07 20:46 . 2009-12-07 20:46 3351812 ----a-w- c:\programdata\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\msxml6Exec.exe
2009-12-07 20:46 . 2009-12-07 20:46 3203453 ----a-w- c:\programdata\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\vcredistExec.exe
2009-12-07 20:45 . 2009-12-07 20:47 24570640 ----a-w- c:\programdata\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\NokiaSoftwareUpdaterSetup_sk.exe
2009-12-03 15:14 . 2010-01-01 11:27 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-03 15:13 . 2010-01-01 11:27 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((( SnapShot@2010-02-21_11.29.37 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:55 . 2010-02-21 12:13 37262 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-10-24 19:14 . 2010-02-20 21:03 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-10-24 19:14 . 2010-02-21 09:58 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-10-24 19:14 . 2010-02-20 21:03 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-10-24 19:14 . 2010-02-21 09:58 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:41 . 2010-02-21 09:58 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:41 . 2010-02-20 21:03 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-10-25 09:49 . 2010-02-21 12:12 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-10-25 09:49 . 2010-02-21 09:57 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-10-25 09:49 . 2010-02-21 09:57 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-10-25 09:49 . 2010-02-21 12:12 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-10-25 09:49 . 2010-02-21 12:12 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-10-25 09:49 . 2010-02-21 09:57 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-10-25 09:49 . 2010-02-21 09:57 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-10-25 09:49 . 2010-02-21 12:12 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-10-25 09:49 . 2010-02-21 09:57 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-10-25 09:49 . 2010-02-21 12:12 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-10-25 09:49 . 2010-02-21 09:57 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-10-25 09:49 . 2010-02-21 12:12 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-02-21 09:55 . 2010-02-21 09:55 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-02-21 09:55 . 2010-02-21 12:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-02-21 09:55 . 2010-02-21 09:55 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-02-21 09:55 . 2010-02-21 12:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 04:33 . 2010-02-21 12:11 412040 c:\windows\System32\FNTCACHE.DAT
- 2009-07-14 04:33 . 2010-02-20 21:01 412040 c:\windows\System32\FNTCACHE.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-04-21 24264488]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-12-11 14:57 948672 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-22 00:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2009-12-03 15:14 429392 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-26 19:36 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

R0 AvgRkx86;avgrkx86.sys;c:\windows\System32\drivers\avgrkx86.sys [20. 2. 2010 22:34 161800]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [20. 2. 2010 22:34 333192]
R1 AvgTdiX;AVG Network Redirector;c:\windows\System32\drivers\avgtdix.sys [20. 2. 2010 22:34 360584]
S3 MBAMProtector;MBAMProtector;c:\windows\System32\drivers\mbam.sys [1. 1. 2010 12:27 19160]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\System32\drivers\nmwcdnsu.sys [6. 10. 2009 11:56 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\System32\drivers\nmwcdnsuc.sys [6. 10. 2009 11:56 8320]
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Fero\AppData\Roaming\Mozilla\Firefox\Profiles\t0agbaw9.default\
FF - prefs.js: browser.startup.homepage - google.sk
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8 ... &gfns=1&q=
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(1200)
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_slk.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\AVG\AVG9\avgwdsvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files\AVG\AVG9\avgam.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\conhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
.
**************************************************************************
.
Completion time: 2010-02-21 13:17:05 - machine was rebooted
ComboFix-quarantined-files.txt 2010-02-21 12:17
ComboFix2.txt 2010-02-21 11:32

Pre-Run: 61 868 519 424 bytes free
Post-Run: 61 728 366 592 bytes free

- - End Of File - - 0873911B53DD9A9C9B565BAB2D0187D7

[Rudy]

Log již vypadá čistý. Nastala nějaká změna?

[Xero47]

vyplo mi to spustanie AVG pri starte je to v poriadku?

[Rudy]

Nemělo by to být. Zkuste: Start>spustit>(napsat) services.msc>OK. Ve službách zkontrolujte všechny, které patří AVG, zda jsou nastaveny na "Automaticky". Pokud ne, nastavte.