VIRY.CZ

Dobrý den, mám problém s notebookem, několik minut trvá, než po startu Windows Vista
dojde ke zobrazení jednotlivých účtů, a také vyskakovala nějaká okna při spuštění IE. Stáhnul a spustil jsem ComboFix, ten však nefungoval, tak jsem ho musel spustit v režimu kompatibility WinXP, teď již funguje, ale nevím co logem, pořád se tam objevuje: c:\windows\system32\srsvc.dll . . . je infikován!!. Program RSIT mi nejde stáhnout. Přikládám log z Combofixu a prosím o radu.

ComboFix 10-03-16.01 - Admin 16.03.2010 22:12:28.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1250.420.1029.18.3066.1991 [GMT 1:00]
Spuštěný z: c:\users\Admin\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\license.rtf

c:\windows\system32\srsvc.dll . . . je infikován!!

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-16 do 2010-03-16 )))))))))))))))))))))))))))))))
.

2010-03-16 20:41 . 2010-03-16 21:27 -------- d-----w- c:\users\Admin\AppData\Local\temp
2010-03-16 20:41 . 2010-03-16 20:41 -------- d-----w- c:\users\Olga\AppData\Local\temp
2010-03-16 19:05 . 2010-03-16 19:05 -------- d-----w- c:\users\Public\AppData
2010-03-11 16:25 . 2010-02-20 23:39 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-03-11 16:24 . 2010-02-20 21:18 411136 ----a-w- c:\windows\system32\drivers\http.sys
2010-03-11 16:24 . 2010-02-20 23:37 31232 ----a-w- c:\windows\system32\httpapi.dll
2010-02-24 17:50 . 2010-01-23 09:44 2048 ----a-w- c:\windows\system32\tzres.dll
2010-02-24 17:50 . 2010-01-25 08:35 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-02-24 17:50 . 2010-01-25 08:34 511488 ----a-w- c:\windows\system32\RMActivate.exe
2010-02-24 17:50 . 2010-01-25 12:48 472576 ----a-w- c:\windows\system32\secproc_isv.dll
2010-02-24 17:50 . 2010-01-25 12:48 472064 ----a-w- c:\windows\system32\secproc.dll
2010-02-24 17:50 . 2010-01-25 08:35 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-02-24 17:50 . 2010-01-25 08:34 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-02-24 17:50 . 2010-01-25 12:48 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-02-24 17:50 . 2010-01-25 12:48 151040 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-02-24 17:50 . 2010-01-25 12:45 329216 ----a-w- c:\windows\system32\msdrm.dll
2010-02-19 23:47 . 2010-02-19 23:47 3604480 ----a-w- c:\windows\system32\GPhotos.scr

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-16 21:08 . 2008-01-21 06:46 598832 ----a-w- c:\windows\system32\perfh005.dat
2010-03-16 21:08 . 2008-01-21 06:46 114992 ----a-w- c:\windows\system32\perfc005.dat
2010-03-15 20:37 . 2009-07-15 16:27 -------- d-----w- c:\program files\Fotolab
2010-03-15 20:29 . 2009-05-23 14:59 -------- d-----w- c:\program files\Webteh
2010-03-15 20:18 . 2009-08-29 18:57 -------- dc-h--w- c:\programdata\{FB94CE54-2703-4BFF-8E94-A0AD14C0FA22}
2010-03-15 20:11 . 2009-04-22 17:59 97456 ----a-w- c:\users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2010-03-11 21:28 . 2009-05-06 13:26 -------- d-----w- c:\users\Olga\AppData\Roaming\Skype
2010-03-11 17:19 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-03-11 16:25 . 2009-05-06 13:30 -------- d-----w- c:\users\Olga\AppData\Roaming\skypePM
2010-03-03 18:19 . 2008-07-22 11:06 -------- d-----w- c:\program files\Picasa2
2010-02-25 17:12 . 2009-04-23 18:26 97456 ----a-w- c:\users\Olga\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-24 08:16 . 2009-10-02 17:17 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-09 17:18 . 2008-07-22 11:06 -------- d-----w- c:\program files\Google
2010-01-29 17:30 . 2010-01-29 17:30 509552 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb891E.tmp.exe
2009-12-28 12:35 . 2010-02-10 16:52 11776 ----a-w- c:\windows\system32\tsbyuv.dll
2009-12-28 12:35 . 2010-02-10 16:52 1314816 ----a-w- c:\windows\system32\quartz.dll
2009-12-28 12:32 . 2010-02-10 16:52 22528 ----a-w- c:\windows\system32\msyuv.dll
2009-12-28 12:32 . 2010-02-10 16:52 31744 ----a-w- c:\windows\system32\msvidc32.dll
2009-12-28 12:32 . 2010-02-10 16:52 123904 ----a-w- c:\windows\system32\msvfw32.dll
2009-12-28 12:32 . 2010-02-10 16:52 13312 ----a-w- c:\windows\system32\msrle32.dll
2009-12-28 12:31 . 2010-02-10 16:52 82944 ----a-w- c:\windows\system32\mciavi32.dll
2009-12-28 12:31 . 2010-02-10 16:52 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2009-12-28 12:28 . 2010-02-10 16:52 65024 ----a-w- c:\windows\system32\avicap32.dll
2009-12-28 12:28 . 2010-02-10 16:52 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-12-18 13:05 . 2010-01-22 20:59 833024 ----a-w- c:\windows\system32\wininet.dll
2009-12-18 13:01 . 2010-01-22 20:59 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-12-18 11:01 . 2009-12-18 11:01 515848 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-12-18 10:14 . 2010-01-22 20:59 26624 ----a-w- c:\windows\system32\ieUnatt.exe
.

------- Sigcheck -------

[-] 2008-01-21 . 53B202ABEE6455406254444303E87BE1 . 17408 . . [6.0.6001.18000] . . c:\windows\System32\drivers\asyncmac.sys


[-] 2008-01-21 . C5DBBCDA07D780BDA9B685DF333BB41E . 4608 . . [6.0.6001.18000] . . c:\windows\System32\drivers\null.sys

[-] 2008-01-21 . A3629A0C4226F9E9C72FAAEEBC3AD33C . 81920 . . [6.0.6000.16386] . . c:\windows\System32\browser.dll

[-] 2009-06-15 . A911ECAC81F94ADEAFBE8E3F7873EDB0 . 9728 . . [6.0.6000.16386] . . c:\windows\System32\lsass.exe

[-] 2008-01-21 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6000.16386] . . c:\windows\System32\netman.dll

[-] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6001.18000] . . c:\windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_257c3df8f693d6d8\qmgr.dll
[-] 2008-01-21 . 02ED7B4DBC2A3232A389106DA7515C3D . 758272 . . [7.0.6001.18000] . . c:\windows\System32\qmgr.dll

[-] 2009-04-11 . 3B5B4D53FEC14F7476CA29A20CC31AC9 . 550400 . . [6.0.6002.18005] . . c:\windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6002.18005_none_6bb655083b01c988\rpcss.dll
[-] 2009-03-03 . 301AE00E12408650BADDC04DBC832830 . 551424 . . [6.0.6000.16386] . . c:\windows\System32\rpcss.dll

[-] 2009-04-11 . D4E6D91C1349B7BFB3599A6ADA56851B . 279552 . . [6.0.6000.16386] . . c:\windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
[-] 2008-01-21 . 2B336AB6286D6C81FA02CBAB914E3C6C . 279040 . . [6.0.6000.16386] . . c:\windows\System32\services.exe

[-] 2009-04-11 . 524BFBEA40E6E404737CCBC754647A2E . 127488 . . [6.0.6000.16386] . . c:\windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe
[-] 2008-01-21 . 846CDF9A3CF4DA9B306ADFB7D55EE4C2 . 125952 . . [6.0.6000.16386] . . c:\windows\System32\spoolsv.exe

[-] 2009-04-11 . 898E7C06A350D4A1A64A9EA264D55452 . 314368 . . [6.0.6001.18000] . . c:\windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[-] 2008-01-21 . C2610B6BDBEFC053BBDAB4F1B965CB24 . 314880 . . [6.0.6001.18000] . . c:\windows\System32\winlogon.exe

[-] 2009-04-11 . 0C2236FB7195A1CF2A632D530349E673 . 1686016 . . [5.82] . . c:\windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
[-] 2008-01-21 . 50CDFD99E606D172875E73B87C64053D . 531968 . . [5.82] . . c:\windows\System32\comctl32.dll

[-] 2009-04-11 . FB27772BEAF8E1D28CCD825C09DA939B . 129024 . . [6.0.6000.16386] . . c:\windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
[-] 2008-01-21 . 6DE363F9F99334514C46AEC02D3E3678 . 128000 . . [6.0.6000.16386] . . c:\windows\System32\cryptsvc.dll

[-] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] . . c:\windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6002.18005_none_0ed918294edf6b75\es.dll
[-] 2008-04-18 . 3CB3343D720168B575133A0A20DC2465 . 269312 . . [2001.12.6931.18057] . . c:\windows\System32\es.dll

[-] 2009-04-11 . C8BDCECEE082B54F0BAC838BF0A34597 . 114688 . . [6.0.6002.18005] . . c:\windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_5e419722778cc84e\imm32.dll
[-] 2008-01-21 . EC17194A193CD8E90D27CFB93DFA9A2E . 114688 . . [6.0.6001.18000] . . c:\windows\System32\imm32.dll

[-] 2009-04-11 . BB8509089E7DF514310814E1B2593FFC . 891392 . . [6.0.6001.18000] . . c:\windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_95a95e4d536d53fa\kernel32.dll
[-] 2009-02-13 . DB6E3731E6F5C8AE2843F80B5787F7C6 . 888832 . . [6.0.6001.18000] . . c:\windows\System32\kernel32.dll

[-] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\System32\linkinfo.dll

[-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\System32\lpk.dll

[-] 2009-12-18 . 804BEB97942AFDD90A0418DDB4EF8342 . 3585024 . . [7.00.6000.16386] . . c:\windows\System32\mshtml.dll
[-] 2009-04-11 . A4D04D404AFC1D30EDA01EE50D27AA51 . 3596288 . . [7.00.6000.16386] . . c:\windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18005_none_152e8ba81f4b4668\mshtml.dll

[-] 2009-04-11 . F5E991236960137B1F5449C5E5DF4656 . 679936 . . [7.0.6002.18005] . . c:\windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18005_none_d340af2c9c07e8f9\msvcrt.dll
[-] 2008-01-21 . 04CBEAA089B6A752B3EB660BEE8C4964 . 680448 . . [7.0.6001.18000] . . c:\windows\System32\msvcrt.dll

[-] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6002.18005] . . c:\windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll
[-] 2008-01-21 . 89FD0595EEA4E505CABEFCF7008F2612 . 223232 . . [6.0.6000.16386] . . c:\windows\System32\mswsock.dll

[-] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] . . c:\windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[-] 2008-01-21 . A8EFC0B6E75B789F7FD3BA5025D4E37F . 592384 . . [6.0.6001.18000] . . c:\windows\System32\netlogon.dll

[-] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] . . c:\windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6002.18005_none_a505176cf9fa2abd\powrprof.dll
[-] 2008-01-21 . 51832219A52C3535BF4771C375E63F9B . 97280 . . [6.0.6001.18000] . . c:\windows\System32\powrprof.dll

[-] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] . . c:\windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
[-] 2008-01-21 . 28B84EB538F7E8A0FE8B9299D591E0B9 . 177152 . . [6.0.6000.16386] . . c:\windows\System32\scecli.dll

[-] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\sfc.dll

[-] 2008-01-21 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6000.16386] . . c:\windows\System32\svchost.exe

[-] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6001.18000] . . c:\windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6002.18005_none_e52851e7e21463cb\tapisrv.dll
[-] 2008-01-21 . 680916BB09EE0F3A6ACA7C274B0D633F . 242688 . . [6.0.6001.18000] . . c:\windows\System32\tapisrv.dll

[-] 2009-04-11 . 75510147B94598407666F4802797C75A . 627712 . . [6.0.6002.18005] . . c:\windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
[-] 2008-01-21 . B974D9F06DC7D1908E825DC201681269 . 627200 . . [6.0.6001.18000] . . c:\windows\System32\user32.dll

[-] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] . . c:\windows\System32\userinit.exe

[-] 2009-12-18 . 27DFDEA0533477C8923FC874F6439CF0 . 833024 . . [7.00.6000.16386] . . c:\windows\System32\wininet.dll
[-] 2009-04-11 . 8777B44511D8BCCF47B5A7CBDC02DE11 . 828416 . . [7.00.6000.16386] . . c:\windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18005_none_03d46c899ef4dd32\wininet.dll

[-] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] . . c:\windows\System32\ws2_32.dll

[-] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6000.16386] . . c:\windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[-] 2008-10-29 . 4F554999D7D5F05DAAEBBA7B5BA1089D . 2927104 . . [6.0.6000.16386] . . c:\windows\explorer.exe






[-] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\System32\ctfmon.exe

[-] 2009-04-11 . C818C44C201898399BF999BB6B35D4E3 . 247296 . . [6.0.6000.16386] . . c:\windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18005_none_cf1bd6361a0f622e\shsvcs.dll
[-] 2008-01-21 . 27F10F348E508243F6254846F8370D0D . 247296 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll

[-] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6000.16386] . . c:\windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6002.18005_none_8b517ec580991c4d\regsvc.dll
[-] 2008-01-21 . CC4E32400F3C7253400CF8F3F3A0B676 . 106496 . . [6.0.6000.16386] . . c:\windows\System32\regsvc.dll

[-] 2009-04-11 . 323AE0BDFD2EB15B668DDA50CC597329 . 595456 . . [6.0.6001.18000] . . c:\windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18005_none_30ec979d94244404\schedsvc.dll
[-] 2008-01-21 . 1D5E99DB3C10F4FA034010DC49043CA4 . 596992 . . [6.0.6001.18000] . . c:\windows\System32\schedsvc.dll

[-] 2008-01-21 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6000.16386] . . c:\windows\System32\ssdpsrv.dll

[-] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6001.18000] . . c:\windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_908abad45165e2ae\termsrv.dll
[-] 2008-01-21 . D605031E225AACCBCEB5B76A4F1603A6 . 448512 . . [6.0.6001.18000] . . c:\windows\System32\termsrv.dll

[-] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\System32\ias.dll

[-] 2006-11-02 09:46 . BA8639F9EB0F74F2946DE6DE1AF4691F . 924944 . . [4.1.6140] . . c:\windows\System32\mfc40u.dll

[-] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] . . c:\windows\System32\upnphost.dll

c:\windows\System32\drivers\beep.sys ... chybí !!
c:\windows\System32\srsvc.dll ... chybí !!
c:\windows\System32\wscntfy.exe ... chybí !!
c:\windows\System32\xmlprov.dll ... chybí !!
c:\windows\System32\eventlog.dll ... chybí !!
c:\windows\System32\sfcfiles.dll ... chybí !!
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2008-04-24 430080]
"SmileyApp"="c:\program files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\stbapp.exe" [2009-08-21 630784]
"Skype"="c:\program files\Skype\\Phone\Skype.exe" [2009-10-09 25623336]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-22 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-28 75136]
"NDSTray.exe"="NDSTray.exe" [BU]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"Google EULA Launcher"="c:\program files\Google\Google EULA\GoogleEULALauncher.exe" [2008-05-28 20480]
"Toshiba TEMPO"="c:\program files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe" [2008-04-24 103824]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-11-29 1029416]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2008-04-29 417792]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-10-31 54608]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-01-25 509816]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-03-19 716800]
"HDMICtrlMan"="c:\program files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe" [2008-04-26 716800]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2008-01-11 574864]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Logging]
"LogFileSize"= 4096 (0x1000)
"LogFilePath"= %systemroot%\system32\LogFiles\Firewall\pfirewall.log

R0 CLFS;Common Log (CLFS);c:\windows\System32\clfs.sys [21.1.2008 3:23 247352]
R0 Ecache;ReadyBoost Caching Driver;c:\windows\System32\drivers\ecache.sys [21.1.2008 3:23 143416]
R0 FileInfo;File Information FS MiniFilter;c:\windows\System32\drivers\fileinfo.sys [21.1.2008 3:24 58936]
R0 msahci;msahci;c:\windows\System32\drivers\msahci.sys [22.7.2008 10:59 28728]
R0 msisadrv;Ovladač třídy ISA/EISA;c:\windows\System32\drivers\msisadrv.sys [22.7.2008 10:56 16440]
R0 spldr;Security Processor Loader Driver;c:\windows\System32\drivers\spldr.sys [21.1.2008 3:24 21048]
R0 volmgr;Ovladač správce svazků;c:\windows\System32\drivers\volmgr.sys [22.7.2008 10:56 52792]
R0 volmgrx;Dynamic Volume Manager;c:\windows\System32\drivers\volmgrx.sys [21.1.2008 3:24 294456]
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [26.4.2009 19:52 114768]
R1 DfsC;DFS Namespace Client Driver;c:\windows\System32\drivers\dfsc.sys [21.1.2008 3:24 75264]
R1 nsiproxy;NSI proxy service;c:\windows\System32\drivers\nsiproxy.sys [21.1.2008 3:24 16384]
R1 RDPENCDD;RDP Encoder Mirror Driver;c:\windows\System32\drivers\RDPENCDD.sys [21.1.2008 3:24 6144]
R1 Smb;Protokol TCP/IP a TCP/IPv6 orientovaný na zprávy (relace SMB);c:\windows\System32\drivers\smb.sys [21.1.2008 3:25 66560]
R1 tdx;Ovladač pro podporu zastaralého rozhraní TDI NetIO;c:\windows\System32\drivers\tdx.sys [21.1.2008 3:24 71680]
R1 Wanarpv6;Remote Access IPv6 ARP Driver;c:\windows\System32\drivers\wanarp.sys [21.1.2008 3:24 62464]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [26.4.2009 19:52 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [26.4.2009 19:52 51792]
R2 AudioEndpointBuilder;Koncové vytváření služby Windows Audio;c:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [21.1.2008 3:23 21504]
R2 BFE;Služba BFE;c:\windows\system32\svchost.exe -k LocalServiceNoNetwork [21.1.2008 3:23 21504]
R2 ConfigFree Service;ConfigFree Service;c:\program files\Toshiba\ConfigFree\CFSvcs.exe [16.4.2008 23:19 40960]
R2 DPS;Služba DPS (Diagnostic Policy Service);c:\windows\System32\svchost.exe -k LocalServiceNoNetwork [21.1.2008 3:23 21504]
R2 EMDMgmt;ReadyBoost;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [21.1.2008 3:23 21504]
R2 FDResPub;Publikování prostředků rozpoznávání funkcí;c:\windows\system32\svchost.exe -k LocalService [21.1.2008 3:23 21504]
R2 gpsvc;Klient zásad skupiny;c:\windows\system32\svchost.exe -k netsvcs [21.1.2008 3:23 21504]
R2 IKEEXT;Služba IKE and AuthIP IPsec Keying Modules;c:\windows\system32\svchost.exe -k netsvcs [21.1.2008 3:23 21504]
R2 iphlpsvc;Pomocník IP;c:\windows\System32\svchost.exe -k NetSvcs [21.1.2008 3:23 21504]
R2 KtmRm;Služba KTMRM pro koordinátor DTC;c:\windows\System32\svchost.exe -k NetworkService [21.1.2008 3:23 21504]
R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;c:\windows\System32\drivers\lltdio.sys [21.1.2008 3:24 47104]
R2 luafv;UAC File Virtualization;c:\windows\System32\drivers\luafv.sys [21.1.2008 3:24 84480]
R2 MMCSS;Služba Plánovač multimédií;c:\windows\system32\svchost.exe -k netsvcs [21.1.2008 3:23 21504]
R2 MpsSvc;Brána firewall systému Windows;c:\windows\system32\svchost.exe -k LocalServiceNoNetwork [21.1.2008 3:23 21504]
R2 netprofm;Služba seznamu sítí;c:\windows\System32\svchost.exe -k LocalService [21.1.2008 3:23 21504]
R2 NlaSvc;Sledování umístění v síti (NLA);c:\windows\System32\svchost.exe -k NetworkService [21.1.2008 3:23 21504]
R2 nsi;Služba rozhraní síťového úložiště;c:\windows\system32\svchost.exe -k LocalService [21.1.2008 3:23 21504]
R2 PcaSvc;Program Compatibility Assistant Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [21.1.2008 3:23 21504]
R2 PEAUTH;PEAUTH;c:\windows\System32\drivers\PEAuth.sys [2.11.2006 10:04 878080]
R2 ProfSvc;Služba Profil uživatele;c:\windows\system32\svchost.exe -k netsvcs [21.1.2008 3:23 21504]
R2 slsvc;Licencování softwaru;c:\windows\System32\SLsvc.exe [21.1.2008 3:25 2623488]
R2 SysMain;Superfetch;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [21.1.2008 3:23 21504]
R2 TabletInputService;Služba Vstupní panel počítače Tablet PC;c:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [21.1.2008 3:23 21504]
R2 tcpipreg;TCP/IP Registry Compatibility;c:\windows\System32\drivers\tcpipreg.sys [21.1.2008 3:23 30208]
R2 TempoMonitoringService;Notebook Performance Tuning Service ;c:\program files\Toshiba TEMPRO\TempoSVC.exe [24.4.2008 9:21 99720]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\Toshiba\SMARTLogService\TosIPCSrv.exe [3.12.2007 16:03 126976]
R2 UxSms;Správce relací správce oken plochy;c:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [21.1.2008 3:23 21504]
R2 WerSvc;Služba Zasílání zpráv o chybách systému Windows;c:\windows\System32\svchost.exe -k WerSvcGroup [21.1.2008 3:23 21504]
R2 WinDefend;Windows Defender;c:\windows\System32\svchost.exe -k secsvcs [21.1.2008 3:23 21504]
R2 Wlansvc;Automatická konfigurace sítě WLAN;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [21.1.2008 3:23 21504]
R2 WPDBusEnum;Služba Výčet přenosných zařízení;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [21.1.2008 3:23 21504]
R3 Appinfo;Informace o aplikaci;c:\windows\system32\svchost.exe -k netsvcs [21.1.2008 3:23 21504]
R3 bowser;Bowser;c:\windows\System32\drivers\bowser.sys [21.1.2008 3:23 69632]
R3 DXGKrnl;LDDM Graphics Subsystem;c:\windows\System32\drivers\dxgkrnl.sys [26.4.2009 20:17 625152]
R3 iScsiPrt;Ovladač iScsiPort;c:\windows\System32\drivers\msiscsi.sys [21.1.2008 3:23 181304]
R3 KeyIso;Izolace klíče CNG;c:\windows\System32\lsass.exe [16.10.2009 17:21 9728]
R3 monitor;Služba ovladače funkce třídy monitorů Microsoft;c:\windows\System32\drivers\monitor.sys [21.1.2008 3:23 41984]
R3 mpsdrv;Ovladač ověření brány firewall systému Windows;c:\windows\System32\drivers\mpsdrv.sys [21.1.2008 3:24 64000]
R3 mrxsmb10;SMB 1.x MiniRedirector;c:\windows\System32\drivers\mrxsmb10.sys [10.2.2010 17:52 212992]
R3 mrxsmb20;SMB 2.0 MiniRedirector;c:\windows\System32\drivers\mrxsmb20.sys [21.1.2008 3:24 78848]
R3 NativeWifiP;Filtr NativeWiFi;c:\windows\System32\drivers\nwifi.sys [26.4.2009 20:17 148480]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [17.11.2008 14:40 3668480]
R3 O2MDRDR;O2MDRDR;c:\windows\System32\drivers\o2media.sys [15.4.2008 9:13 51160]
R3 QIOMem;Generic IO & Memory Access;c:\windows\System32\drivers\QIOMem.sys [9.4.2007 16:13 8192]
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv;c:\program files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe [24.4.2008 17:35 73728]
R3 srv2;srv2;c:\windows\System32\drivers\srv2.sys [16.10.2009 17:18 144896]
R3 srvnet;srvnet;c:\windows\System32\drivers\srvnet.sys [10.2.2010 17:52 98304]
R3 tunnel;Microsoft IPv6 Tunnel Miniport Adapter Driver;c:\windows\System32\drivers\tunnel.sys [21.1.2008 3:24 23040]
R3 umbus;Ovladač sběrnice UMBus Enumerator;c:\windows\System32\drivers\umbus.sys [21.1.2008 3:23 34816]
R3 WdiSystemHost;Hostitel diagnostického systému;c:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [21.1.2008 3:23 21504]
S2 gupdate1c9ce4e45c030a0;Služba Google Update (gupdate1c9ce4e45c030a0);c:\program files\Google\Update\GoogleUpdate.exe [6.5.2009 14:26 133104]
S2 Sukoku Service;Sukoku Service;c:\programdata\Sukoku\sukoku119.exe [28.9.2009 16:36 54760]
S2 TBS;Služba TPM Base Services;c:\windows\System32\svchost.exe -k LocalService [21.1.2008 3:23 21504]
S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;c:\windows\System32\drivers\BrFiltLo.sys [2.11.2006 10:38 13568]
S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;c:\windows\System32\drivers\BrFiltUp.sys [2.11.2006 10:37 5248]
S3 CertPropSvc;Šíření certifikátů;c:\windows\system32\svchost.exe -k netsvcs [21.1.2008 3:23 21504]
S3 DFSR;Replikace distribuovaného systému souborů (DFSR);c:\windows\System32\dfsr.exe [21.1.2008 3:23 2091520]
S3 E1G60;Intel(R) PRO/1000 NDIS 6 Adapter Driver;c:\windows\System32\drivers\E1G60I32.sys [21.1.2008 3:23 118784]
S3 fdPHost;Hostitel poskytovatele rozpoznávání funkce;c:\windows\system32\svchost.exe -k LocalService [21.1.2008 3:23 21504]
S3 Filetrace;FileTrace;c:\windows\System32\drivers\filetrace.sys [21.1.2008 3:24 27648]
S3 IPBusEnum;Rozpoznávací modul sběrnice PnP-X IP;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [21.1.2008 3:23 21504]
S3 lltdsvc;Mapovač zjišťování topologie linkové vrstvy;c:\windows\System32\svchost.exe -k LocalService [21.1.2008 3:23 21504]
S3 MSiSCSI;Služba iniciátoru iSCSI společnosti Microsoft;c:\windows\system32\svchost.exe -k netsvcs [21.1.2008 3:23 21504]
S3 MsRPC;MsRPC;c:\windows\System32\drivers\msrpc.sys [21.1.2008 3:24 163384]
S3 pla;Výstrahy a protokolování výkonu;c:\windows\System32\svchost.exe -k LocalServiceNoNetwork [21.1.2008 3:23 21504]
S3 PNRPAutoReg;Služba publikování názvu počítače pomocí protokolu PNRP;c:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted [21.1.2008 3:23 21504]
S3 SCPolicySvc;Zásady odebrání čipové karty;c:\windows\system32\svchost.exe -k netsvcs [21.1.2008 3:23 21504]
S3 SDRSVC;Zálohování systému Windows;c:\windows\system32\svchost.exe -k SDRSVC [21.1.2008 3:23 21504]
S3 SessionEnv;Konfigurace Terminálové služby;c:\windows\System32\svchost.exe -k netsvcs [21.1.2008 3:23 21504]
S3 sffp_mmc;SFF Storage Protocol Driver for MMC;c:\windows\System32\drivers\sffp_mmc.sys [2.11.2006 9:51 12288]
S3 SLUINotify;Služba SL UI Notification Service;c:\windows\system32\svchost.exe -k LocalService [21.1.2008 3:23 21504]
S3 THREADORDER;Server pro řazení podprocesů;c:\windows\system32\svchost.exe -k LocalService [21.1.2008 3:23 21504]
S3 TrustedInstaller;Instalace modulů systému Windows;c:\windows\servicing\TrustedInstaller.exe [21.1.2008 3:24 39424]
S3 tssecsrv;Terminal Services Security Filter Driver;c:\windows\System32\drivers\tssecsrv.sys [21.1.2008 3:24 23552]
S3 UI0Detect;Zjišťování interaktivních služeb;c:\windows\System32\UI0Detect.exe [21.1.2008 3:24 35840]
S3 uliagpkx;Uli AGP Bus Filter;c:\windows\System32\drivers\ULIAGPKX.SYS [2.11.2006 9:35 60984]
S3 wcncsvc;Technologie Windows Connect Now – Registrátor konfigurací;c:\windows\System32\svchost.exe -k LocalService [21.1.2008 3:23 21504]
S3 WcsPlugInService;Windows Color System;c:\windows\system32\svchost.exe -k wcssvc [21.1.2008 3:23 21504]
S3 WdiServiceHost;Hostitel diagnostické služby;c:\windows\System32\svchost.exe -k wdisvc [21.1.2008 3:23 21504]
S3 Wecsvc;Sběr událostí systému Windows;c:\windows\system32\svchost.exe -k NetworkService [21.1.2008 3:23 21504]
S3 wercplsupport;Podpora ovládacího panelu Hlášení a řešení problémů;c:\windows\System32\svchost.exe -k netsvcs [21.1.2008 3:23 21504]
S3 WinRM;Vzdálená správa systému Windows (WS-Management);c:\windows\System32\svchost.exe -k NetworkService [21.1.2008 3:23 21504]
S3 WPCSvc;Rodičovská kontrola;c:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted [21.1.2008 3:23 21504]
S4 adp94xx;adp94xx;c:\windows\System32\drivers\adp94xx.sys [2.11.2006 8:36 422968]
S4 adpahci;adpahci;c:\windows\System32\drivers\adpahci.sys [2.11.2006 8:36 300600]
S4 arcsas;arcsas;c:\windows\System32\drivers\arcsas.sys [2.11.2006 8:36 79928]
S4 blbdrive;blbdrive;c:\windows\System32\drivers\blbdrive.sys [21.1.2008 4:11 45568]
S4 Brserid;Brother MFC Serial Port Interface Driver (WDM);c:\windows\System32\drivers\BrSerId.sys [2.11.2006 10:22 71808]
S4 BrSerWdm;Brother WDM Serial driver;c:\windows\System32\drivers\BrSerWdm.sys [2.11.2006 10:36 62336]
S4 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\System32\drivers\BrUsbMdm.sys [2.11.2006 10:37 12160]
S4 circlass;Consumer IR Devices;c:\windows\System32\drivers\circlass.sys [2.11.2006 9:55 35328]
S4 Crusoe;Transmeta Crusoe Processor Driver;c:\windows\System32\drivers\crusoe.sys [2.11.2006 9:30 40960]
S4 elxstor;elxstor;c:\windows\System32\drivers\elxstor.sys [2.11.2006 8:36 342584]
S4 HpCISSs;HpCISSs;c:\windows\System32\drivers\HpCISSs.sys [2.11.2006 8:36 40504]
S4 iaStorV;Intel RAID Controller Vista;c:\windows\System32\drivers\iaStorV.sys [2.11.2006 8:36 235064]
S4 IPMIDRV;IPMIDRV;c:\windows\System32\drivers\IPMIDrv.sys [2.11.2006 9:42 64512]
S4 iteraid;ITERAID_Service_Install;c:\windows\System32\drivers\iteraid.sys [2.11.2006 8:36 35944]
S4 LSI_FC;LSI_FC;c:\windows\System32\drivers\lsi_fc.sys [2.11.2006 8:36 96312]
S4 LSI_SAS;LSI_SAS;c:\windows\System32\drivers\lsi_sas.sys [2.11.2006 8:36 89656]
S4 LSI_SCSI;LSI_SCSI;c:\windows\System32\drivers\lsi_scsi.sys [21.1.2008 3:23 96312]
S4 Mcx2Svc;Služba zařízení Windows Media Center Extender;c:\windows\system32\svchost.exe -k LocalService [21.1.2008 3:23 21504]
S4 megasas;megasas;c:\windows\System32\drivers\megasas.sys [2.11.2006 8:36 31288]
S4 mpio;Microsoft Multi-Path Bus Driver;c:\windows\System32\drivers\mpio.sys [2.11.2006 9:52 105016]
S4 msdsm;Microsoft Multi-Path Device Specific Module;c:\windows\System32\drivers\msdsm.sys [2.11.2006 9:52 94776]
S4 nfrd960;nfrd960;c:\windows\System32\drivers\nfrd960.sys [2.11.2006 8:36 45160]
S4 ntrigdigi;N-trig HID Tablet Driver;c:\windows\System32\drivers\ntrigdigi.sys [2.11.2006 8:36 20608]
S4 nvstor;nvstor;c:\windows\System32\drivers\nvstor.sys [2.11.2006 8:36 45112]
S4 ql2300;QLogic Fibre Channel Miniport Driver;c:\windows\System32\drivers\ql2300.sys [2.11.2006 8:36 1122360]
S4 ql40xx;QLogic iSCSI Miniport Driver;c:\windows\System32\drivers\ql40xx.sys [2.11.2006 8:36 106088]
S4 SiSRaid4;SiSRaid4;c:\windows\System32\drivers\sisraid4.sys [2.11.2006 8:36 74808]
S4 uliahci;uliahci;c:\windows\System32\drivers\uliahci.sys [2.11.2006 8:36 238648]
S4 ulsata2;ulsata2;c:\windows\System32\drivers\ulsata2.sys [2.11.2006 8:36 115816]
S4 usbcir;eHome Infrared Receiver (USBCIR);c:\windows\System32\drivers\usbcir.sys [2.11.2006 9:55 68608]
S4 ViaC7;VIA C7 Processor Driver;c:\windows\System32\drivers\viac7.sys [2.11.2006 9:30 41472]
S4 vsmraid;vsmraid;c:\windows\System32\drivers\vsmraid.sys [2.11.2006 8:36 130616]
S4 WacomPen;Wacom Serial Pen HID Driver;c:\windows\System32\drivers\wacompen.sys [2.11.2006 9:52 20608]
S4 Wd;Microsoft Watchdog Timer Driver;c:\windows\System32\drivers\wd.sys [2.11.2006 9:54 22072]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
NetworkServiceNetworkRestricted REG_MULTI_SZ PolicyAgent
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc ehstart
WerSvcGroup REG_MULTI_SZ wersvc
swprv REG_MULTI_SZ swprv
regsvc REG_MULTI_SZ RemoteRegistry
wcssvc REG_MULTI_SZ WcsPlugInService
DcomLaunch REG_MULTI_SZ PlugPlay DcomLaunch
wdisvc REG_MULTI_SZ WdiServiceHost
sdrsvc REG_MULTI_SZ sdrsvc
secsvcs REG_MULTI_SZ WinDefend

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
AeLookupSvc
wercplsupport
CertPropSvc
SCPolicySvc
gpsvc
IKEEXT
LogonHours
PCAudit
iphlpsvc
AppInfo
msiscsi
MMCSS
ProfSvc
EapHost
SessionEnv

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
2009-09-10 15:21 310784 ----a-w- c:\windows\System32\unregmp2.exe
.
Obsah adresáře 'Naplánované úlohy'

2010-03-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-06 13:26]

2010-03-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-06 13:26]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {{76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?CZ
IE: {{8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/red ... &site=home
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-16 22:27
Windows 5.1.2600 Service Pack 2 NTFS

detected NTDLL code modification:
ZwEnumerateKey, ZwQueryKey, ZwOpenKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile, ZwQueryDirectoryFile, ZwQuerySystemInformation

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
Celkový čas: 2010-03-16 22:37:11
ComboFix-quarantined-files.txt 2010-03-16 21:37
ComboFix2.txt 2010-03-16 20:41

Před spuštěním: Volných bajtů: 80 203 927 552
Po spuštění: Volných bajtů: 80 187 531 264

- - End Of File - - E41F93F4BC6CECB9A25303BB10190FDC

RSIT již jde stáhnout, bude lepší sem dát log z něho? nebo tento z ComboFixu stačí?

Dobrý večer

Kdyby jeden soubor, ale Vám jich ještě pár chybí

c:\windows\System32\drivers\beep.sys ... chybí !!
c:\windows\System32\srsvc.dll ... chybí !!
c:\windows\System32\wscntfy.exe ... chybí !!
c:\windows\System32\xmlprov.dll ... chybí !!
c:\windows\System32\eventlog.dll ... chybí !!
c:\windows\System32\sfcfiles.dll ... chybí !!

Poprosím o ten log ze Rsitu a jdeme na to

A jinak combofix příště nespouštějte bez dozoru rádce .

Dobrý večer, přiznám se dobrovolně a bez mučení, že jsem porušil téměř všechna pravidla, která jsou uvedena konci předchozí odpovědi. Navíc jsem, taktéž ještě pod rouškou nevědomosti, použil program Malwarebytes' Anti-Malware a vše, co našel, jsem nechal vyhubit. Nicméně se pokusím napravit, pokud to ještě půjde, co jsem pokazil a zasílám log programu RSIT. Děkuji za trpělivost.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Admin at 2010-03-19 22:13:28
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 76 GB (63%) free of 120 GB
Total RAM: 3066 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:13:43, on 19.3.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Admin\Desktop\RSIT.exe
C:\Program Files\trend micro\Admin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?CZ (file missing)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/red ... &site=home (file missing)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CiSvc - Unknown owner - C:\Windows\system32\cisvc.exe (file missing)
O23 - Service: ClipSrv - Unknown owner - C:\Windows\system32\clipsrv.exe (file missing)
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Služba Google Update (gupdate1c9ce4e45c030a0) (gupdate1c9ce4e45c030a0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: Sukoku Service - Unknown owner - C:\ProgramData\Sukoku\sukoku119.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: UPS - Unknown owner - C:\Windows\System32\ups.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9665 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-01-29 279664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-01-29 812528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-01-29 279664]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2007-09-28 75136]
"NDSTray.exe"=NDSTray.exe []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"Google EULA Launcher"=c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe [2008-05-28 20480]
"Toshiba TEMPO"=C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe [2008-04-24 103824]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-11-29 1029416]
"Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2008-04-29 417792]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-10-31 54608]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2008-01-25 509816]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-03-19 716800]
"HDMICtrlMan"=C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [2008-04-26 716800]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2008-01-11 574864]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-01-07 1394000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [2008-04-24 430080]
"Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2009-10-09 25623336]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-07-22 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2010-03-19 22:13:28 ----D---- C:\rsit
2010-03-19 22:13:28 ----D---- C:\Program Files\trend micro
2010-03-18 21:25:18 ----D---- C:\Users\Admin\AppData\Roaming\Malwarebytes
2010-03-18 21:25:10 ----D---- C:\ProgramData\Malwarebytes
2010-03-18 21:25:10 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-03-16 22:37:28 ----SHD---- C:\$RECYCLE.BIN
2010-03-16 22:37:21 ----D---- C:\Windows\temp
2010-03-16 22:37:15 ----A---- C:\ComboFix.txt
2010-03-16 22:08:23 ----A---- C:\Windows\SWXCACLS.exe
2010-03-16 20:05:17 ----A---- C:\ComboFix_1st.txt
2010-03-15 21:58:37 ----A---- C:\Windows\PEV.exe
2010-03-15 21:58:37 ----A---- C:\Windows\NIRCMD.exe
2010-03-15 21:58:37 ----A---- C:\Windows\MBR.exe
2010-03-15 21:58:36 ----A---- C:\Windows\zip.exe
2010-03-15 21:58:36 ----A---- C:\Windows\SWSC.exe
2010-03-15 21:58:36 ----A---- C:\Windows\SWREG.exe
2010-03-15 21:58:36 ----A---- C:\Windows\sed.exe
2010-03-15 21:58:36 ----A---- C:\Windows\grep.exe
2010-03-15 21:58:15 ----D---- C:\Windows\ERDNT
2010-03-15 21:57:18 ----D---- C:\Qoobox
2010-03-11 17:25:01 ----A---- C:\Windows\system32\nshhttp.dll
2010-03-11 17:24:56 ----A---- C:\Windows\system32\httpapi.dll
2010-02-24 18:50:45 ----A---- C:\Windows\system32\tzres.dll
2010-02-24 18:50:25 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-02-24 18:50:25 ----A---- C:\Windows\system32\RMActivate.exe
2010-02-24 18:50:24 ----A---- C:\Windows\system32\secproc_isv.dll
2010-02-24 18:50:24 ----A---- C:\Windows\system32\secproc.dll
2010-02-24 18:50:24 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-02-24 18:50:24 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-02-24 18:50:23 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-02-24 18:50:23 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-02-24 18:50:23 ----A---- C:\Windows\system32\msdrm.dll

======List of files/folders modified in the last 1 months======

2010-03-19 22:13:42 ----D---- C:\Windows\Prefetch
2010-03-19 22:13:28 ----RD---- C:\Program Files
2010-03-19 22:09:23 ----D---- C:\Windows\system32\drivers
2010-03-19 22:08:28 ----D---- C:\Windows\tracing
2010-03-19 20:57:21 ----D---- C:\Windows\inf
2010-03-19 20:57:21 ----AD---- C:\Windows\System32
2010-03-19 20:57:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-03-18 22:45:18 ----D---- C:\Windows\Debug
2010-03-18 22:45:18 ----D---- C:\Windows
2010-03-18 22:24:23 ----D---- C:\ProgramData
2010-03-18 19:37:30 ----SHD---- C:\System Volume Information
2010-03-18 19:11:01 ----SD---- C:\Users\Admin\AppData\Roaming\Microsoft
2010-03-18 19:11:01 ----SD---- C:\ProgramData\Microsoft
2010-03-16 22:27:19 ----A---- C:\Windows\system.ini
2010-03-16 22:19:19 ----D---- C:\Windows\AppPatch
2010-03-16 22:19:17 ----D---- C:\Program Files\Common Files
2010-03-15 21:37:42 ----D---- C:\Program Files\Fotolab
2010-03-15 21:29:45 ----D---- C:\Program Files\Webteh
2010-03-15 21:19:42 ----D---- C:\Windows\system32\catroot2
2010-03-15 21:18:22 ----HDC---- C:\ProgramData\{FB94CE54-2703-4BFF-8E94-A0AD14C0FA22}
2010-03-11 18:34:38 ----D---- C:\Windows\winsxs
2010-03-11 18:24:20 ----D---- C:\Windows\system32\catroot
2010-03-11 18:19:55 ----D---- C:\Program Files\Windows Mail
2010-03-11 18:19:55 ----D---- C:\Program Files\Movie Maker
2010-03-03 19:19:45 ----D---- C:\Program Files\Picasa2
2010-03-02 06:30:12 ----A---- C:\Windows\system32\mrt.exe
2010-02-27 19:08:59 ----SHD---- C:\Windows\Installer
2010-02-25 18:26:57 ----D---- C:\Windows\rescache
2010-02-25 18:06:55 ----RSD---- C:\Windows\Fonts
2010-02-25 18:06:55 ----D---- C:\Windows\system32\cs-CZ
2010-02-24 09:16:06 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-02-05 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 DfsC;@%systemroot%\system32\drivers\dfsc.sys,-101; C:\Windows\System32\Drivers\dfsc.sys [2008-01-21 75264]
R1 nsiproxy;NSI proxy service; C:\Windows\system32\drivers\nsiproxy.sys [2008-01-21 16384]
R1 RDPENCDD;RDP Encoder Mirror Driver; C:\Windows\system32\drivers\rdpencdd.sys [2008-01-21 6144]
R1 Smb;@%SystemRoot%\system32\tcpipcfg.dll,-50005; C:\Windows\system32\DRIVERS\smb.sys [2008-01-21 66560]
R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\Windows\system32\DRIVERS\tdx.sys [2008-01-21 71680]
R1 Wanarpv6;Remote Access IPv6 ARP Driver; C:\Windows\system32\DRIVERS\wanarp.sys [2008-01-21 62464]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-02-05 51792]
R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver; C:\Windows\system32\DRIVERS\lltdio.sys [2008-01-21 47104]
R2 luafv;UAC File Virtualization; C:\Windows\system32\drivers\luafv.sys [2008-01-21 84480]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R2 PEAUTH;PEAUTH; C:\Windows\system32\drivers\peauth.sys [2006-11-02 878080]
R2 rspndr;Link-Layer Topology Discovery Responder; C:\Windows\system32\DRIVERS\rspndr.sys [2008-01-21 60416]
R2 tcpipreg;TCP/IP Registry Compatibility; C:\Windows\System32\drivers\tcpipreg.sys [2008-01-21 30208]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-17 8704]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-04-08 3548672]
R3 bowser;Bowser; C:\Windows\system32\DRIVERS\bowser.sys [2008-01-21 69632]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-04 188416]
R3 DXGKrnl;LDDM Graphics Subsystem; C:\Windows\System32\drivers\dxgkrnl.sys [2008-08-02 625152]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 HDAudBus;Ovladač sběrnice Microsoft UAA pro zvuk High Definition Audio; C:\Windows\system32\DRIVERS\HDAudBus.sys [2008-01-21 53760]
R3 HidUsb;Ovladač třídy standardu HID Microsoft; C:\Windows\system32\DRIVERS\hidusb.sys [2008-01-21 12288]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-03-25 980992]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-03-25 207872]
R3 intelppm;Ovladač procesoru Intel; C:\Windows\system32\DRIVERS\intelppm.sys [2008-01-21 41472]
R3 iScsiPrt;Ovladač iScsiPort; C:\Windows\system32\DRIVERS\msiscsi.sys [2008-01-21 181304]
R3 monitor;Služba ovladače funkce třídy monitorů Microsoft; C:\Windows\system32\DRIVERS\monitor.sys [2008-01-21 41984]
R3 mouhid;Ovladač HID myši; C:\Windows\system32\DRIVERS\mouhid.sys [2008-01-21 15872]
R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\Windows\System32\drivers\mpsdrv.sys [2008-01-21 64000]
R3 mrxsmb10;SMB 1.x MiniRedirector; C:\Windows\system32\DRIVERS\mrxsmb10.sys [2009-12-04 212992]
R3 mrxsmb20;SMB 2.0 MiniRedirector; C:\Windows\system32\DRIVERS\mrxsmb20.sys [2008-01-21 78848]
R3 NativeWifiP;Filtr NativeWiFi; C:\Windows\system32\DRIVERS\nwifi.sys [2008-05-20 148480]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2media.sys [2008-04-15 51160]
R3 ohci1394;Hostitelský řadič IEEE 1394 standardu OHCI; C:\Windows\system32\DRIVERS\ohci1394.sys [2008-01-21 61952]
R3 QIOMem;Generic IO & Memory Access; C:\Windows\system32\DRIVERS\QIOMem.sys [2007-04-09 8192]
R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; C:\Windows\system32\DRIVERS\rassstp.sys [2008-01-21 69120]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
R3 srv2;srv2; C:\Windows\System32\DRIVERS\srv2.sys [2009-09-14 144896]
R3 srvnet;srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [2009-12-11 98304]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-11-29 196144]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\Windows\system32\DRIVERS\tunmp.sys [2008-01-21 15360]
R3 tunnel;Microsoft IPv6 Tunnel Miniport Adapter Driver; C:\Windows\system32\DRIVERS\tunnel.sys [2008-01-21 23040]
R3 umbus;Ovladač sběrnice UMBus Enumerator; C:\Windows\system32\DRIVERS\umbus.sys [2008-01-21 34816]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\Windows\system32\DRIVERS\usbccgp.sys [2008-01-21 73216]
R3 usbehci;Ovladač Miniport vylepšeného hostitelského řadiče Microsoft USB 2.0; C:\Windows\system32\DRIVERS\usbehci.sys [2008-01-21 39424]
R3 usbhub;Rozbočovač umožňující USB2; C:\Windows\system32\DRIVERS\usbhub.sys [2008-01-21 194560]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\Windows\system32\DRIVERS\usbuhci.sys [2008-01-21 23552]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-12-17 18432]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-03-25 661504]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-04-04 310272]
S3 agp440;Intel AGP Bus Filter; C:\Windows\system32\drivers\agp440.sys [2008-01-21 56376]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2008-01-21 57400]
S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver; C:\Windows\system32\drivers\brfiltlo.sys [2006-11-02 13568]
S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver; C:\Windows\system32\drivers\brfiltup.sys [2006-11-02 5248]
S3 BrUsbSer;Brother MFC USB Serial WDM Driver; C:\Windows\system32\drivers\brusbser.sys [2006-11-02 11904]
S3 catchme;catchme; \??\C:\Users\Admin\AppData\Local\Temp\catchme.sys []
S3 E1G60;Intel(R) PRO/1000 NDIS 6 Adapter Driver; C:\Windows\system32\DRIVERS\E1G60I32.sys [2008-01-21 118784]
S3 exfat;exFAT File System Driver; C:\Windows\system32\drivers\exfat.sys [2008-01-21 136192]
S3 Filetrace;FileTrace; C:\Windows\system32\drivers\filetrace.sys [2008-01-21 27648]
S3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\Windows\system32\drivers\gagp30kx.sys [2008-01-21 61496]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys []
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys []
S3 MsRPC;MsRPC; C:\Windows\system32\drivers\MsRPC.sys [2008-01-21 163384]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nv_agp;NVIDIA nForce AGP Bus Filter; C:\Windows\system32\drivers\nv_agp.sys [2008-01-21 109112]
S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\Windows\system32\drivers\qwavedrv.sys [2008-01-21 31232]
S3 sffdisk;Ovladač třídy úložiště SFF; C:\Windows\system32\DRIVERS\sffdisk.sys [2008-01-21 13312]
S3 sffp_mmc;SFF Storage Protocol Driver for MMC; C:\Windows\system32\drivers\sffp_mmc.sys [2008-01-21 12288]
S3 sffp_sd;Ovladač protokolu úložiště SFF pro paměť sběrnici SDBus; C:\Windows\system32\DRIVERS\sffp_sd.sys [2008-01-21 11776]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2008-01-21 55864]
S3 Tcpip6;Microsoft IPv6 Protocol Driver; C:\Windows\system32\DRIVERS\tcpip.sys [2009-12-08 897624]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 tssecsrv;Terminal Services Security Filter Driver; C:\Windows\System32\DRIVERS\tssecsrv.sys [2008-01-21 23552]
S3 uagp35;Microsoft AGPv3.5 Filter; C:\Windows\system32\drivers\uagp35.sys [2008-01-21 59448]
S3 uliagpkx;Uli AGP Bus Filter; C:\Windows\system32\drivers\uliagpkx.sys [2008-01-21 60984]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\Windows\system32\DRIVERS\USBSTOR.SYS [2008-01-21 55296]
S3 vga;vga; C:\Windows\system32\DRIVERS\vgapnp.sys [2008-01-21 26112]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2008-01-21 56888]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 adp94xx;adp94xx; C:\Windows\system32\drivers\adp94xx.sys [2008-01-21 422968]
S4 adpahci;adpahci; C:\Windows\system32\drivers\adpahci.sys [2008-01-21 300600]
S4 adpu320;adpu320; C:\Windows\system32\drivers\adpu320.sys [2008-01-21 149560]
S4 amdide;amdide; C:\Windows\system32\drivers\amdide.sys [2008-01-21 17976]
S4 AmdK7;AMD K7 Processor Driver; C:\Windows\system32\drivers\amdk7.sys [2008-01-21 41472]
S4 AmdK8;AMD K8 Processor Driver; C:\Windows\system32\drivers\amdk8.sys [2008-01-21 44032]
S4 arc;arc; C:\Windows\system32\drivers\arc.sys [2008-01-21 79416]
S4 arcsas;arcsas; C:\Windows\system32\drivers\arcsas.sys [2008-01-21 79928]
S4 blbdrive;blbdrive; C:\Windows\system32\drivers\blbdrive.sys [2008-01-21 45568]
S4 Brserid;Brother MFC Serial Port Interface Driver (WDM); C:\Windows\system32\drivers\brserid.sys [2006-11-02 71808]
S4 BrSerWdm;Brother WDM Serial driver; C:\Windows\system32\drivers\brserwdm.sys [2006-11-02 62336]
S4 BrUsbMdm;Brother MFC USB Fax Only Modem; C:\Windows\system32\drivers\brusbmdm.sys [2006-11-02 12160]
S4 BTHMODEM;Bluetooth Serial Communications Driver; C:\Windows\system32\drivers\bthmodem.sys [2006-11-02 39936]
S4 circlass;Consumer IR Devices; C:\Windows\system32\drivers\circlass.sys [2008-01-21 35328]
S4 Crusoe;Transmeta Crusoe Processor Driver; C:\Windows\system32\drivers\crusoe.sys [2008-01-21 40960]
S4 elxstor;elxstor; C:\Windows\system32\drivers\elxstor.sys [2008-01-21 342584]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 HidBth;Microsoft Bluetooth HID Miniport; C:\Windows\system32\drivers\hidbth.sys [2006-11-02 29184]
S4 HidIr;Microsoft Infrared HID Driver; C:\Windows\system32\drivers\hidir.sys [2006-11-02 21504]
S4 HpCISSs;HpCISSs; C:\Windows\system32\drivers\hpcisss.sys [2008-01-21 40504]
S4 iaStorV;Intel RAID Controller Vista; C:\Windows\system32\drivers\iastorv.sys [2008-01-21 235064]
S4 iirsp;iirsp; C:\Windows\system32\drivers\iirsp.sys [2006-11-02 41576]
S4 intelide;intelide; C:\Windows\system32\drivers\intelide.sys [2008-01-21 17976]
S4 IPMIDRV;IPMIDRV; C:\Windows\system32\drivers\ipmidrv.sys [2008-01-21 64512]
S4 isapnp;PnP ISA/EISA Bus Driver; C:\Windows\system32\drivers\isapnp.sys [2008-01-21 49720]
S4 iteatapi;ITEATAPI_Service_Install; C:\Windows\system32\drivers\iteatapi.sys [2006-11-02 35944]
S4 iteraid;ITERAID_Service_Install; C:\Windows\system32\drivers\iteraid.sys [2006-11-02 35944]
S4 kbdhid;Keyboard HID Driver; C:\Windows\system32\drivers\kbdhid.sys [2008-01-21 15872]
S4 LSI_FC;LSI_FC; C:\Windows\system32\drivers\lsi_fc.sys [2008-01-21 96312]
S4 LSI_SAS;LSI_SAS; C:\Windows\system32\drivers\lsi_sas.sys [2008-01-21 89656]
S4 LSI_SCSI;LSI_SCSI; C:\Windows\system32\drivers\lsi_scsi.sys [2008-01-21 96312]
S4 megasas;megasas; C:\Windows\system32\drivers\megasas.sys [2008-01-21 31288]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 mpio;Microsoft Multi-Path Bus Driver; C:\Windows\system32\drivers\mpio.sys [2008-01-21 105016]
S4 msdsm;Microsoft Multi-Path Device Specific Module; C:\Windows\system32\drivers\msdsm.sys [2008-01-21 94776]
S4 nfrd960;nfrd960; C:\Windows\system32\drivers\nfrd960.sys [2006-11-02 45160]
S4 ntrigdigi;N-trig HID Tablet Driver; C:\Windows\system32\drivers\ntrigdigi.sys [2006-11-02 20608]
S4 nvraid;NVIDIA nForce RAID Driver ; C:\Windows\system32\drivers\nvraid.sys [2008-01-21 102968]
S4 nvstor;nvstor; C:\Windows\system32\drivers\nvstor.sys [2008-01-21 45112]
S4 ql2300;QLogic Fibre Channel Miniport Driver; C:\Windows\system32\drivers\ql2300.sys [2008-01-21 1122360]
S4 ql40xx;QLogic iSCSI Miniport Driver; C:\Windows\system32\drivers\ql40xx.sys [2006-11-02 106088]
S4 sbp2port;SBP-2 Transport/Protocol Bus Driver; C:\Windows\system32\drivers\sbp2port.sys [2006-11-02 76392]
S4 sermouse;Serial Mouse Driver; C:\Windows\system32\drivers\sermouse.sys [2008-01-21 19968]
S4 SiSRaid2;SiSRaid2; C:\Windows\system32\drivers\sisraid2.sys [2008-01-21 41016]
S4 SiSRaid4;SiSRaid4; C:\Windows\system32\drivers\sisraid4.sys [2008-01-21 74808]
S4 uliahci;uliahci; C:\Windows\system32\drivers\uliahci.sys [2008-01-21 238648]
S4 UlSata;UlSata; C:\Windows\system32\drivers\ulsata.sys [2006-11-02 98408]
S4 ulsata2;ulsata2; C:\Windows\system32\drivers\ulsata2.sys [2008-01-21 115816]
S4 usbcir;eHome Infrared Receiver (USBCIR); C:\Windows\system32\drivers\usbcir.sys [2006-11-02 68608]
S4 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\Windows\system32\drivers\usbohci.sys [2006-11-02 19456]
S4 usbprint;Microsoft USB PRINTER Class; C:\Windows\system32\drivers\usbprint.sys [2006-11-02 18944]
S4 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2008-01-21 41472]
S4 vsmraid;vsmraid; C:\Windows\system32\drivers\vsmraid.sys [2008-01-21 130616]
S4 WacomPen;Wacom Serial Pen HID Driver; C:\Windows\system32\drivers\wacompen.sys [2006-11-02 20608]
S4 Wd;Microsoft Watchdog Timer Driver; C:\Windows\system32\drivers\wd.sys [2008-01-21 22072]
S4 ws2ifsl;Winsock IFS driver; C:\Windows\system32\drivers\ws2ifsl.sys [2008-01-21 15872]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-04-07 667648]
R2 AudioEndpointBuilder;@%SystemRoot%\system32\audiosrv.dll,-204; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2008-04-16 40960]
R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 EMDMgmt;@%SystemRoot%\system32\emdmgmt.dll,-1000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2008-06-20 46104]
R2 gpsvc;@gpapi.dll,-112; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 netprofm;@%SystemRoot%\system32\netprof.dll,-246; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe [2007-02-12 65536]
R2 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 slsvc;@%SystemRoot%\system32\SLsvc.exe,-101; C:\Windows\system32\SLsvc.exe [2008-01-21 2623488]
R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 TempoMonitoringService;Notebook Performance Tuning Service ; C:\Program Files\Toshiba TEMPRO\TempoSVC.exe [2008-04-24 99720]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-07-18 83312]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2008-01-17 431456]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2008-04-11 124264]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R2 UxSms;@%SystemRoot%\system32\dwm.exe,-2000; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 WerSvc;@%SystemRoot%\System32\wersvc.dll,-100; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 WinDefend;@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 Wlansvc;@%SystemRoot%\System32\wlansvc.dll,-257; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 WPDBusEnum;@%SystemRoot%\system32\wpdbusenum.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 WSearch;@%systemroot%\system32\SearchIndexer.exe,-103; C:\Windows\system32\SearchIndexer.exe [2008-05-27 439808]
R2 wudfsvc;@%SystemRoot%\system32\wudfsvc.dll,-1000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-17 386560]
R3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
R3 KeyIso;@keyiso.dll,-100; C:\Windows\system32\lsass.exe [2009-06-15 9728]
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv; C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe [2008-04-24 73728]
R3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 WdiSystemHost;@%systemroot%\system32\wdi.dll,-500; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R3 WinHttpAutoProxySvc;@%SystemRoot%\system32\winhttp.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 ehstart;@%SystemRoot%\ehome\ehstart.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 gupdate1c9ce4e45c030a0;Služba Google Update (gupdate1c9ce4e45c030a0); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-06 133104]
S2 KtmRm;@comres.dll,-2946; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S2 Sukoku Service;Sukoku Service; C:\ProgramData\Sukoku\sukoku119.exe C:\Program Files\Sukoku\sukoku.dll Service []
S2 TBS;@%SystemRoot%\system32\tbssvc.dll,-100; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 clr_optimization_v2.0.50727_32;Microsoft .NET Framework NGEN v2.0.50727_X86; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-27 69632]
S3 DFSR;@dfsrres.dll,-101; C:\Windows\system32\DFSR.exe [2008-01-21 2091520]
S3 ehRecvr;@%SystemRoot%\ehome\ehrecvr.exe,-101; C:\Windows\ehome\ehRecvr.exe [2008-01-21 292352]
S3 ehSched;@%SystemRoot%\ehome\ehsched.exe,-101; C:\Windows\ehome\ehsched.exe [2006-11-02 131072]
S3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-26 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-06-20 881664]
S3 IPBusEnum;@%systemroot%\system32\IPBusEnum.dll,-102; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 p2pimsvc;@%SystemRoot%\system32\p2psvc.dll,-8004; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 pla;@%systemroot%\system32\pla.dll,-500; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 PNRPAutoReg;@%SystemRoot%\system32\p2psvc.dll,-8002; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 PNRPsvc;@%SystemRoot%\system32\p2psvc.dll,-8000; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 SDRSVC;@%SystemRoot%\system32\sdrsvc.dll,-107; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 SLUINotify;@%SystemRoot%\system32\SLUINotify.dll,-103; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\Windows\System32\snmptrap.exe [2006-11-02 12800]
S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\Windows\servicing\TrustedInstaller.exe [2008-01-21 39424]
S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\Windows\system32\UI0Detect.exe [2008-01-21 35840]
S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\Windows\System32\vds.exe [2008-01-21 382976]
S3 wcncsvc;@%SystemRoot%\system32\wcncsvc.dll,-3; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 WdiServiceHost;@%systemroot%\system32\wdi.dll,-502; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 wercplsupport;@%SystemRoot%\System32\wercplsupport.dll,-101; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 WinRM;@%Systemroot%\system32\wsmsvc.dll,-101; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 WMPNetworkSvc;@%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101; C:\Program Files\Windows Media Player\wmpnetwk.exe [2008-01-21 896512]
S3 WPCSvc;@%SystemRoot%\system32\wpcsvc.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S4 Mcx2Svc;@%SystemRoot%\ehome\ehres.dll,-15501; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8201; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-06-20 132096]

-----------------EOF-----------------

našel by jste ještě log zmbam? Hlavní strana - záložka protokoly.

Mějte ted chvilku trpělivost, chybí Vám pár systémových souborů a hromada neprošla ověřením přes combofix, ted Vás trochu potrápím


Stáhněte SystemLook
http://jpshortstuff.247fixes.com/SystemLook.exe

- uložte ho na plochu a spustte.
- do okénka zkopírujte - klikněte na Look, proběhne sken, na konci se zobrazí log, jehož obsah zkopírujete sem

zde první je log zmbam, který jsem spustil bez připojení k internetu, takže nedošlo k aktualiazci programu:

Malwarebytes' Anti-Malware 1.44
Verze databáze: 3510
Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

18.3.2010 22:24:23
mbam-log-2010-03-18 (22-24-23).txt

Typ kontroly: Kompletní kontrola (C:\|E:\|)
Zkontrolované objekty: 267646
Uplynulý čas: 54 minute(s), 35 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 34
Infikované hodnoty registru: 4
Infikované datové položky registru: 0
Infikované adresáře: 12
Infikované soubory: 98

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
HKEY_CLASSES_ROOT\aimactivexdll.aimhelper (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\aimactivexdll.aimhelper.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\oeactivexdll.desktopbuttonhandler (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0514c9b0-e4c6-4d6b-a3a6-b38bc280b115} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3fb17508-0bf4-4fde-845a-323a1052957c} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{803e73fe-cb73-4d49-8aff-653fd6f44171} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3fb17508-0bf4-4fde-845a-323a1052957c} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{51b67a88-02d0-43cb-8d12-5ca3e2d4cf49} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d44cc2fb-77b8-48a5-a5dc-f961f2d258fb} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\oeactivexdll.desktopbuttonhandler.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\oeactivexdll.desktopoeaddin1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\oeactivexdll.desktopoeaddin1.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{42c23154-00fa-4a93-9de9-3eb523cffff6} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{877f3eab-4462-44df-8475-6064eafd7fbf} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{5297e905-1dfb-4a9c-9871-a4f95fd58945} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{95b92d92-8b7d-4a19-a3f1-43113b4dbcaf} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{57aba38e-6535-48f3-99fd-efdc62137c78} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2e8e2100-98cb-4aac-9480-63a281acaff5} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d335d84d-61d8-4b5f-9c4e-067dc8b27ed5} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sukoku (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{22c12739-c111-44c6-9bb7-f335c2a9be2a} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{edb1a56e-2224-4c79-a4bd-42a39c6e4608} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{27ff1ee8-8ccc-49e1-b801-f212e3744e80} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\AIMActiveXDLL.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\Addins\OEActiveXDLL.DesktopOEAddin1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c5096216-7703-409e-b85a-8a6ee7395128}}_is1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Funband Serach (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Funband Serach (Adware.DoubleD) -> Quarantined and deleted successfully.

Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{0ba0192d-94a5-45e3-b2b8-3ec5a1a0b5ec} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{2224e955-00e9-4613-a844-ce69fccaae91} (Adware.DoubleD) -> Quarantined and deleted successfully.

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
C:\Program Files\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Cache (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Skins (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.0.970 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.0.970\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\ProgramData\Sukoku (Adware.Zwangi) -> Quarantined and deleted successfully.
C:\Program Files\Sukoku (Adware.Zwangi) -> Quarantined and deleted successfully.

Infikované soubory:
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\OEActiveXDLL.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\stb0.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Sukoku\sukoku.exe (Adware.Ziniky) -> Quarantined and deleted successfully.
C:\Program Files\Sukoku\uninstall.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\ProgramData\Sukoku\sukoku119.exe (Adware.Ziniky) -> Quarantined and deleted successfully.
C:\ProgramData\{FB94CE54-2703-4BFF-8E94-A0AD14C0FA22}\OFFLINE\mFileBagIDE.dll\bag\stbrunwlm.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\AxGifAnimator.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\gdiplus.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\mfc80.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Microsoft.VC80.MFC.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\MyDll.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\ProductInfo.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Riched20Smiley.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\SkinCrafterDll.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Cache\248d6576afce4ee94af42d7350131106.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Cache\24a70fb875fab686b6b3c217612bc07c.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Cache\2afcf6f3f2e19cc42d7f72f3b18b26ef.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Cache\50bffa6936b3e661971a58e3c8bdf4cb.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Cache\default1.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Cache\loading.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Cache\loading.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_Cursor.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_DailyVideo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_Game.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_Glitter.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_Logo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_Option.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_Recipe.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_Ringtone.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_Screensaver.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_Search.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_Smiley.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_Smiley_Config.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_Smiley_TellAFriend.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_Wallpaper.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_Web.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\pixel.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\ProductInfo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\profile.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\SearchEngineList.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\tbcore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\ToolbarLayout.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\UpdateCentre.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\UpdateCentreBk.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\URLDynamic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\URLStatic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\About.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Component_ComboBox.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_Cursor.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_Cursor.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_DailyVideo.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_Game.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_Glitter.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_Glitter.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_Logo.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_Option.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_Recipe.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_Ringtone.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_Screensaver.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_Search.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_Smiley.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_Smiley.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_Wallpaper.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_Web.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnDefault.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnDisplay.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnDisplay.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnDisplay18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnDisplay20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnGlitters.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnGlitters.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnGlitters18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnGlitters20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnOption.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnSmiley.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnSmiley.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnSmiley18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnSmiley20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnTellFd.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnTellFd.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnTellFd18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnTellFd20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnWink.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnWink.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnWink18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnWink20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Skins\myskin1.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Skins\myskin2.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Skins\myskin3.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Skins\myskin4.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Skins\TellafriendSkin.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Skins\TellafriendSkin_s.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Skins\ToastSkin.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.0.970\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.0.970\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.0.970\Data\eacore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.0.970\Data\URLDynamic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.0.970\Data\URLStatic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

---------------------

zde je pak log zmbam, který jsem spustil už s připojením k internetu a proběhlou aktualizací programu:

Malwarebytes' Anti-Malware 1.44
Verze databáze: 3886
Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

19.3.2010 22:07:33
mbam-log-2010-03-19 (22-07-33).txt

Typ kontroly: Kompletní kontrola (C:\|E:\|)
Zkontrolované objekty: 278019
Uplynulý čas: 42 minute(s), 31 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
C:\ProgramData\{FB94CE54-2703-4BFF-8E94-A0AD14C0FA22}\OFFLINE\mFileBagIDE.dll\bag\stbterm.exe (Adware.ColorSoft) -> Quarantined and deleted successfully.

----------------------------------

zde je log z programu SystemLook:

SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 15:57 on 20/03/2010 by Admin (Administrator - Elevation successful)

========== filefind ==========

Searching for "beep.sys"
C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys --a--- 6144 bytes [02:23 21/01/2008] [02:23 21/01/2008] 67E506B75BD5326A3EC7B70BD014DFB6

Searching for "srsvc.dll"
No files found.

Searching for "wscntfy.exe "
No files found.

Searching for "xmlprov.dll"
No files found.

Searching for "eventlog.dll"
No files found.

Searching for "sfcfiles.dll"
No files found.

-=End Of File=-

---------------

Díky za Váš čas.

Vydržte, zkusím s ehnat ty soubory. Náhodou někde kolem sebe nemáte počítač s Windows Vista™ Home Premium Service Pack 2?

Mám, hnedle vedle na stole mi jeden takovej počítač stojí.

Výborně, protože já je nemůžu sehnat .

Prosím Vás, založte si složku A, a do ní zkopírujte tyto soubory
c:\windows\System32\drivers\beep.sys
c:\windows\System32\srsvc.dll
c:\windows\System32\wscntfy.exe
c:\windows\System32\xmlprov.dll
c:\windows\System32\eventlog.dll
c:\windows\System32\sfcfiles.dll

Soubory následně ještě otestujte na www.virustotal.com, pokud by měl některý jiný nález než 0/40, napište.
Následně složku uložte na tom infikovaném počítači přímo na disk C a napište

Znovu jsem si ověřil OS Vista Home Premium SP2 - je tomu tak, nicméně
s těmi soubory mám následující potíže:


c:\windows\System32\drivers\beep.sys - našel jsem
c:\windows\System32\srsvc.dll - našel jsem pouze nejpodobnější soubor: srvsvc.dll
c:\windows\System32\wscntfy.exe - našel jsem pouze: wscntfy.dll
c:\windows\System32\xmlprov.dll - našel jsem nejpodobnější soubor: xmlprovi.dll
c:\windows\System32\eventlog.dll - nenašl jsem ani nic podobného
c:\windows\System32\sfcfiles.dll - nenašl jsem ani nic podobného

Zkusím ten zbytek sehnat, ale nejsou to zas tak zásadní soubory pro systém.

Jak to vypadá s počítačem?

Chytám na něj pouze dle Vašich instrukcí, ale jinak žádná změna, startuje pořád stejně dlouho - po náběhu OS (kdy se tam objeví ten známý grafický symbol Windows) se objeví Prosím čekejte..... a to trvá asi 2 minuty, než naběhnou uživatelé.
Dále pak po spuštění vyskočí hláška, že "Systém Windows zablokoval některé programy Po spuštění" a
"Služba centrum zabezpečení je vypnutá" - pokud se ji pokusím zapnout, vyhodí hlášku "Tuto službu Centra zabezpečení nelze spustit", což mě trošku děsí.

Od té služby Centra zabezpečení Vám chybí soubor , proto nejde spustit.
Bohužel ty soubory asi budu shánět trochu déle , ale seženu, nebojte

Stahněte z mého podpisu AVPTOOl http://www.viry.cz/forum/viewtopic.php?f=29&t=58179

-Podle návodu nainstalujte a proveďte sken
-co najde nechejte léčit, mazat
-sken může trvat několik hodin
-vložte zde log z výsledky

Posílám ten log z AVPTool:

Autoscan: completed 7 minutes ago (events: 28, objects: 289761, time: 02:22:15)
22.3.2010 18:44:17 Task started
22.3.2010 18:52:59 Detected: not-a-virus:AdWare.Win32.Zwangi.mj C:\Documents and Settings\All Users\{FB94CE54-2703-4BFF-8E94-A0AD14C0FA22}\OFFLINE\mFileBagIDE.dll\bag\SukokuSetup.exe/data0000.res/data0006
22.3.2010 18:54:33 Deleted: not-a-virus:AdWare.Win32.Zwangi.mj C:\Documents and Settings\All Users\{FB94CE54-2703-4BFF-8E94-A0AD14C0FA22}\OFFLINE\mFileBagIDE.dll\bag\SukokuSetup.exe
22.3.2010 20:09:56 Detected: not-a-virus:AdWare.Win32.Zwangi.cd C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TQ2X1A00\upgrade[1].cab/upgrade.exe/data0002
22.3.2010 20:09:56 Untreated: not-a-virus:AdWare.Win32.Zwangi.cd C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TQ2X1A00\upgrade[1].cab/upgrade.exe/data0002 Write not supported
22.3.2010 20:09:57 Detected: not-a-virus:AdWare.Win32.Zwangi.bp C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XRS65NB3\upgrade[1].cab/upgrade.exe/data0002
22.3.2010 20:09:57 Untreated: not-a-virus:AdWare.Win32.Zwangi.bp C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XRS65NB3\upgrade[1].cab/upgrade.exe/data0002 Write not supported
22.3.2010 20:09:57 Detected: not-a-virus:AdWare.Win32.Zwangi.bq C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XRS65NB3\upgrade[1].cab/upgrade.exe/data0004
22.3.2010 20:09:57 Untreated: not-a-virus:AdWare.Win32.Zwangi.bq C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XRS65NB3\upgrade[1].cab/upgrade.exe/data0004 Write not supported
22.3.2010 20:09:59 Detected: not-a-virus:AdWare.Win32.Zwangi.cd C:\Windows\System32\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\TQ2X1A00\upgrade[1].cab/upgrade.exe/data0002
22.3.2010 20:09:59 Untreated: not-a-virus:AdWare.Win32.Zwangi.cd C:\Windows\System32\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\TQ2X1A00\upgrade[1].cab/upgrade.exe/data0002 Write not supported
22.3.2010 20:10:00 Detected: not-a-virus:AdWare.Win32.Zwangi.bp C:\Windows\System32\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\XRS65NB3\upgrade[1].cab/upgrade.exe/data0002
22.3.2010 20:10:00 Untreated: not-a-virus:AdWare.Win32.Zwangi.bp C:\Windows\System32\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\XRS65NB3\upgrade[1].cab/upgrade.exe/data0002 Write not supported
22.3.2010 20:10:00 Detected: not-a-virus:AdWare.Win32.Zwangi.bq C:\Windows\System32\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\XRS65NB3\upgrade[1].cab/upgrade.exe/data0004
22.3.2010 20:10:00 Untreated: not-a-virus:AdWare.Win32.Zwangi.bq C:\Windows\System32\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\XRS65NB3\upgrade[1].cab/upgrade.exe/data0004 Write not supported
22.3.2010 20:10:21 Detected: not-a-virus:AdWare.Win32.Zwangi.cd C:\Windows\System32\config\systemprofile\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5\TQ2X1A00\upgrade[1].cab/upgrade.exe/data0002
22.3.2010 20:10:21 Untreated: not-a-virus:AdWare.Win32.Zwangi.cd C:\Windows\System32\config\systemprofile\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5\TQ2X1A00\upgrade[1].cab/upgrade.exe/data0002 Write not supported
22.3.2010 20:10:22 Detected: not-a-virus:AdWare.Win32.Zwangi.bp C:\Windows\System32\config\systemprofile\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5\XRS65NB3\upgrade[1].cab/upgrade.exe/data0002
22.3.2010 20:10:22 Untreated: not-a-virus:AdWare.Win32.Zwangi.bp C:\Windows\System32\config\systemprofile\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5\XRS65NB3\upgrade[1].cab/upgrade.exe/data0002 Write not supported
22.3.2010 20:10:22 Detected: not-a-virus:AdWare.Win32.Zwangi.bq C:\Windows\System32\config\systemprofile\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5\XRS65NB3\upgrade[1].cab/upgrade.exe/data0004
22.3.2010 20:10:22 Untreated: not-a-virus:AdWare.Win32.Zwangi.bq C:\Windows\System32\config\systemprofile\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5\XRS65NB3\upgrade[1].cab/upgrade.exe/data0004 Write not supported
22.3.2010 20:10:24 Detected: not-a-virus:AdWare.Win32.Zwangi.cd C:\Windows\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\TQ2X1A00\upgrade[1].cab/upgrade.exe/data0002
22.3.2010 20:10:24 Untreated: not-a-virus:AdWare.Win32.Zwangi.cd C:\Windows\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\TQ2X1A00\upgrade[1].cab/upgrade.exe/data0002 Write not supported
22.3.2010 20:10:25 Detected: not-a-virus:AdWare.Win32.Zwangi.bp C:\Windows\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\XRS65NB3\upgrade[1].cab/upgrade.exe/data0002
22.3.2010 20:10:25 Untreated: not-a-virus:AdWare.Win32.Zwangi.bp C:\Windows\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\XRS65NB3\upgrade[1].cab/upgrade.exe/data0002 Write not supported
22.3.2010 20:10:25 Detected: not-a-virus:AdWare.Win32.Zwangi.bq C:\Windows\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\XRS65NB3\upgrade[1].cab/upgrade.exe/data0004
22.3.2010 20:10:25 Untreated: not-a-virus:AdWare.Win32.Zwangi.bq C:\Windows\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\XRS65NB3\upgrade[1].cab/upgrade.exe/data0004 Write not supported
22.3.2010 21:06:33 Task completed

Fajn, co počítač? Soubory sháním, jen jsem dnes nebyla moc u počítače, vydržte se mnou ještě chvilku