Nelze mačkat tlačítka po restartu

[max8888]

Dobrý den,
nejdou mačkat tlačítka na panelu po restartu, tedy pokud nevypnu svchost.exe.
Celkově se počítač chová nestabilně.
Děkuji!


Logfile of random's system information tool 1.08 (written by random/random)
Run by oem at 2011-05-02 12:26:58
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 231 GB (48%) free of 477 GB
Total RAM: 4050 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:27:12, on 2.5.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19048)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\ccSvcHst.exe
C:\Program Files (x86)\TouchFreeze\TouchFreeze.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe
C:\Users\oem\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\oem\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\oem\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\oem.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\IPSBHO.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\coIEPlg.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [TouchFreeze] C:\Program Files (x86)\TouchFreeze\TouchFreeze.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\oem\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Lingea Update Center.lnk = C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{D5EABF05-9698-4945-AC22-9609491BCC2F}: NameServer = 8.8.8.8,8.8.4.4
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ambient Light Sensor (alssvc64) - Dell Inc. - C:\Program Files (x86)\Dell\Ambient Light Sensor\AlsSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Licencování softwaru (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7553 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\ccSvcHst.exe" /s "N360" /m "C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\diMaster.dll" /prefetch:1
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Dell\Ambient Light Sensor\AlsSvc.exe"
C:\Windows\system32\wbem\wmiprvse.exe
WLIDSvcM.exe 1884
C:\Windows\SysWOW64\DllHost.exe /Processid:{304CE942-6E39-40D8-943A-B913C40C9CD4}
taskeng.exe {3CC4ADDE-E296-4D84-B8DA-A0FD6752F177}
"C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\ccSvcHst.exe" /c /a /s UserSession
"C:\Windows\system32\Dwm.exe"
taskeng.exe {D1B5F93E-5ABB-4AB3-838B-631F42178D5E}
C:\Windows\Explorer.EXE
"C:\Program Files\Windows Defender\MSASCui.exe" -hide
"C:\Program Files\Apoint2K\Apoint.exe"
"C:\Windows\System32\hkcmd.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\WindowsMobile\wmdSync.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\TouchFreeze\TouchFreeze.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe"
"C:\Program Files\Apoint2K\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"Apntex.exe"
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
C:\Windows\System32\mobsync.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\servicing\TrustedInstaller.exe
"C:\Users\oem\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\oem\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_6/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_500ms_queue_prefetch/DnsParallelism/parallel_6/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd16/SpdyImpact/npn_with_spdy/ --channel=1948.05274780.551355118 /prefetch:3
C:\Windows\system32\rundll32.exe "C:\Users\oem\AppData\Local\Google\Chrome\APPLIC~1\100648~1.205\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\oem\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\oem\AppData\Local\Google\Chrome\Application\10.0.648.205\gcswf32.dll" --lang=cs --plugin-data-dir="C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default" --channel=1948.05689C00.740658891 /prefetch:4 --flash-broker=1672
"C:\Users\oem\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3254255305-1389485793-2003321422-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3254255305-1389485793-2003321422-1000UA.job
C:\Windows\tasks\Spybot - Search & Destroy - Scheduled Task.job
C:\Windows\tasks\User_Feed_Synchronization-{75AD21A1-C4E0-4698-83F9-DD47D4A1F401}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\coIEPlg.dll [2010-09-04 396144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\IPSBHO.DLL [2010-02-04 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-11-23 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\coIEPlg.dll [2010-09-04 396144]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1584184]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2009-02-23 283136]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-10-15 162328]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-10-15 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-10-15 415256]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2008-01-21 225792]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"RGSC"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []
"TouchFreeze"=C:\Program Files (x86)\TouchFreeze\TouchFreeze.exe [2005-04-29 45056]
"Google Update"=C:\Users\oem\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-05 136176]
"WMPNSCFG"=C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Lingea Update Center.lnk - C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-10-15 271360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=1
"NoResolveTrack"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-05-02 12:26:58 ----D---- C:\rsit
2011-05-02 12:26:58 ----D---- C:\Program Files\trend micro
2011-05-01 22:30:34 ----D---- C:\Users\oem\AppData\Roaming\PeerNetworking
2011-05-01 21:41:39 ----A---- C:\Windows\RUNAWAY.INI
2011-05-01 21:27:15 ----D---- C:\Program Files (x86)\Pendulo Studios
2011-05-01 15:39:26 ----RA---- C:\Windows\SYSWOW64\GEARAspi.dll
2011-05-01 15:39:26 ----RA---- C:\Windows\system32\GEARAspi64.dll
2011-05-01 15:39:26 ----RA---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2011-05-01 15:39:21 ----A---- C:\Windows\system32\drivers\SYMEVENT64x86.SYS
2011-05-01 15:39:20 ----D---- C:\Program Files\Symantec
2011-05-01 15:39:20 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-05-01 15:38:26 ----D---- C:\Windows\system32\drivers\N360x64
2011-05-01 15:38:24 ----D---- C:\Program Files (x86)\Norton 360
2011-05-01 15:38:23 ----D---- C:\ProgramData\Norton
2011-05-01 15:38:16 ----D---- C:\ProgramData\NortonInstaller
2011-05-01 15:38:16 ----D---- C:\Program Files (x86)\NortonInstaller
2011-05-01 15:32:45 ----D---- C:\Program Files\ESET
2011-05-01 15:32:44 ----D---- C:\ProgramData\ESET
2011-04-29 17:59:11 ----D---- C:\Windows\Minidump
2011-04-29 14:34:28 ----D---- C:\Program Files (x86)\DebugMode
2011-04-28 13:24:24 ----SHD---- C:\Windows\system32\%APPDATA%
2011-04-28 10:50:32 ----D---- C:\ProgramData\Kaspersky Lab
2011-04-28 10:49:02 ----A---- C:\Program Files (x86)\keys.txt
2011-04-28 10:49:02 ----A---- C:\Program Files (x86)\kav9.0.0.463en.exe
2011-04-27 19:24:07 ----A---- C:\Program Files (x86)\spybotsd162.exe
2011-04-27 14:34:12 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-04-27 14:34:12 ----A---- C:\Windows\system32\XpsPrint.dll
2011-04-27 14:34:08 ----A---- C:\Windows\system32\Apphlpdm.dll
2011-04-27 14:34:07 ----A---- C:\Windows\SYSWOW64\GameUXLegacyGDFs.dll
2011-04-27 14:34:07 ----A---- C:\Windows\SYSWOW64\Apphlpdm.dll
2011-04-27 14:34:07 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2011-04-26 22:18:17 ----A---- C:\guide_v19.exe
2011-04-26 11:17:44 ----SHD---- C:\Users\oem\AppData\Roaming\.#
2011-04-26 11:17:37 ----D---- C:\Program Files (x86)\Hero Fighter
2011-04-26 11:15:24 ----D---- C:\Program Files (x86)\LittleFighter2
2011-04-25 15:27:37 ----D---- C:\Users\oem\AppData\Roaming\IrfanView
2011-04-25 15:27:37 ----D---- C:\Program Files (x86)\IrfanView
2011-04-22 09:31:07 ----D---- C:\Program Files (x86)\ProtectDisc Driver Installer
2011-04-22 09:30:54 ----D---- C:\Users\oem\AppData\Roaming\ProtectDISC
2011-04-22 09:00:54 ----D---- C:\Program Files (x86)\Gray Matter
2011-04-21 19:20:08 ----D---- C:\Program Files (x86)\Microids
2011-04-15 10:08:02 ----A---- C:\Windows\dd_vcredistUI2D00.txt
2011-04-15 10:08:02 ----A---- C:\Windows\dd_vcredistMSI2D00.txt
2011-04-15 10:07:25 ----A---- C:\Windows\dd_vcredistUI2C87.txt
2011-04-15 10:07:25 ----A---- C:\Windows\dd_vcredistMSI2C87.txt
2011-04-14 11:03:41 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2011-04-14 11:03:41 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2011-04-14 11:03:41 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-04-14 11:03:41 ----A---- C:\Windows\system32\dnscacheugc.exe
2011-04-14 11:03:41 ----A---- C:\Windows\system32\dnsapi.dll
2011-04-14 11:03:35 ----A---- C:\Windows\system32\drivers\srv.sys
2011-04-14 11:03:34 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-04-14 11:03:34 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-04-14 11:03:32 ----A---- C:\Windows\system32\FXSCOVER.exe
2011-04-14 11:03:29 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2011-04-14 11:03:29 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-04-14 11:03:29 ----A---- C:\Windows\system32\vbscript.dll
2011-04-14 11:03:29 ----A---- C:\Windows\system32\jscript.dll
2011-04-14 11:03:25 ----A---- C:\Windows\system32\winresume.exe
2011-04-14 11:03:25 ----A---- C:\Windows\system32\winload.exe
2011-04-14 11:03:24 ----A---- C:\Windows\system32\kdusb.dll
2011-04-14 11:03:24 ----A---- C:\Windows\system32\kdcom.dll
2011-04-14 11:03:24 ----A---- C:\Windows\system32\kd1394.dll
2011-04-14 11:02:25 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-04-14 11:02:24 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-04-14 11:02:24 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-04-14 11:02:24 ----A---- C:\Windows\system32\drivers\bowser.sys
2011-04-14 11:02:22 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-04-14 11:02:22 ----A---- C:\Windows\system32\inetcomm.dll
2011-04-14 11:02:13 ----A---- C:\Windows\system32\win32k.sys
2011-04-14 11:02:09 ----A---- C:\Windows\system32\mshtml.dll
2011-04-14 11:02:07 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-04-14 11:02:07 ----A---- C:\Windows\system32\ieframe.dll
2011-04-14 11:02:06 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-04-14 11:02:06 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-04-14 11:02:06 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-04-14 11:02:06 ----A---- C:\Windows\system32\wininet.dll
2011-04-14 11:02:06 ----A---- C:\Windows\system32\urlmon.dll
2011-04-14 11:02:06 ----A---- C:\Windows\system32\msfeeds.dll
2011-04-14 11:02:06 ----A---- C:\Windows\system32\iertutil.dll
2011-04-14 11:02:06 ----A---- C:\Windows\system32\iedkcs32.dll
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\occache.dll
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2011-04-14 11:02:05 ----A---- C:\Windows\system32\occache.dll
2011-04-14 11:02:05 ----A---- C:\Windows\system32\mstime.dll
2011-04-14 11:02:05 ----A---- C:\Windows\system32\mshtmled.dll
2011-04-14 11:02:05 ----A---- C:\Windows\system32\msfeedssync.exe
2011-04-14 11:02:05 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-04-14 11:02:05 ----A---- C:\Windows\system32\licmgr10.dll
2011-04-14 11:02:05 ----A---- C:\Windows\system32\jsproxy.dll
2011-04-14 11:02:05 ----A---- C:\Windows\system32\ieUnatt.exe
2011-04-14 11:02:05 ----A---- C:\Windows\system32\ieui.dll
2011-04-14 11:02:05 ----A---- C:\Windows\system32\iesysprep.dll
2011-04-14 11:02:05 ----A---- C:\Windows\system32\iesetup.dll
2011-04-14 11:02:05 ----A---- C:\Windows\system32\iernonce.dll
2011-04-14 11:02:05 ----A---- C:\Windows\system32\iepeers.dll
2011-04-14 11:02:05 ----A---- C:\Windows\system32\ie4uinit.exe
2011-04-14 11:00:53 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2011-04-14 11:00:53 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2011-04-14 11:00:53 ----A---- C:\Windows\system32\atmlib.dll
2011-04-14 11:00:53 ----A---- C:\Windows\system32\atmfd.dll
2011-04-14 11:00:50 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2011-04-14 11:00:50 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2011-04-14 11:00:50 ----A---- C:\Windows\system32\mfc42u.dll
2011-04-14 11:00:50 ----A---- C:\Windows\system32\mfc42.dll
2011-04-09 22:18:15 ----D---- C:\Program Files\Common Files\Nitro PDF
2011-04-09 22:18:15 ----D---- C:\Program Files (x86)\Nitro PDF
2011-04-04 23:41:20 ----D---- C:\Program Files (x86)\The KMPlayer
2011-04-03 21:29:33 ----D---- C:\ProgramData\MumboJumbo
2011-04-03 21:28:34 ----D---- C:\Program Files (x86)\Games

======List of files/folders modified in the last 1 months======

2011-05-02 12:27:00 ----D---- C:\Windows\Temp
2011-05-02 12:26:59 ----D---- C:\Windows\Prefetch
2011-05-02 12:26:58 ----RD---- C:\Program Files
2011-05-02 12:25:12 ----D---- C:\Windows\System32
2011-05-02 12:25:12 ----D---- C:\Windows\inf
2011-05-02 12:25:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-05-02 12:18:43 ----SHD---- C:\System Volume Information
2011-05-02 12:17:08 ----D---- C:\Users\oem\AppData\Roaming\uTorrent
2011-05-02 12:10:33 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-05-02 10:40:44 ----D---- C:\Ostatni
2011-05-01 21:47:33 ----D---- C:\Gry
2011-05-01 21:41:39 ----D---- C:\Windows
2011-05-01 21:27:15 ----RD---- C:\Program Files (x86)
2011-05-01 21:27:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-05-01 15:55:31 ----HD---- C:\ProgramData
2011-05-01 15:55:31 ----HD---- C:\Config.Msi
2011-05-01 15:51:23 ----SHD---- C:\Windows\Installer
2011-05-01 15:51:09 ----DC---- C:\Windows\system32\DRVSTORE
2011-05-01 15:51:09 ----D---- C:\Windows\system32\drivers
2011-05-01 15:51:09 ----D---- C:\ProgramData\Lavasoft
2011-05-01 15:40:12 ----D---- C:\Windows\system32\Tasks
2011-05-01 15:39:26 ----D---- C:\Windows\SysWOW64
2011-05-01 15:39:26 ----D---- C:\Windows\system32\catroot
2011-05-01 15:39:20 ----D---- C:\Program Files\Common Files
2011-05-01 15:31:44 ----D---- C:\ProgramData\AVAST Software
2011-05-01 10:47:55 ----D---- C:\Filmy
2011-04-30 12:47:29 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2011-04-30 12:44:36 ----D---- C:\Windows\system32\catroot2
2011-04-28 11:11:32 ----D---- C:\Windows\system32\WDI
2011-04-28 10:17:25 ----D---- C:\Windows\Tasks
2011-04-28 10:15:20 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-04-28 09:19:58 ----D---- C:\Windows\winsxs
2011-04-28 09:19:45 ----D---- C:\Windows\AppPatch
2011-04-27 19:25:29 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2011-04-26 11:17:47 ----D---- C:\Program Files (x86)\Common Files
2011-04-22 09:24:37 ----RSD---- C:\Windows\assembly
2011-04-22 09:21:32 ----SD---- C:\ProgramData\Microsoft
2011-04-22 09:21:02 ----D---- C:\Program Files (x86)\Microsoft.NET
2011-04-22 08:56:47 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-04-18 19:25:00 ----A---- C:\Windows\system32\aswBoot.exe
2011-04-18 17:38:13 ----D---- C:\Windows\system32\drivers\UMDF
2011-04-18 17:37:58 ----D---- C:\Windows\WindowsMobile
2011-04-18 16:22:44 ----A---- C:\Windows\system32\mrt.exe
2011-04-17 16:04:50 ----D---- C:\Users\oem\AppData\Roaming\Nitro PDF
2011-04-15 11:51:51 ----D---- C:\Windows\Microsoft.NET
2011-04-15 10:35:17 ----D---- C:\Windows\system32\Boot
2011-04-15 10:35:16 ----D---- C:\Windows\SYSWOW64\migration
2011-04-15 10:35:16 ----D---- C:\Program Files\Windows Mail
2011-04-15 10:35:16 ----D---- C:\Program Files\Internet Explorer
2011-04-15 10:35:16 ----D---- C:\Program Files (x86)\Windows Mail
2011-04-15 10:35:16 ----D---- C:\Program Files (x86)\Internet Explorer
2011-04-15 10:35:15 ----D---- C:\Windows\system32\migration
2011-04-15 10:07:27 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-04-12 15:52:36 ----D---- C:\Program Files (x86)\Adobe
2011-04-12 15:52:34 ----D---- C:\ProgramData\Adobe
2011-04-09 22:15:22 ----D---- C:\Users\oem\AppData\Roaming\Downloaded Installations
2011-04-06 23:23:28 ----D---- C:\Users\oem\AppData\Roaming\vlc
2011-04-05 21:56:02 ----A---- C:\Windows\system32\nitrolocalui.dll
2011-04-05 21:56:00 ----A---- C:\Windows\system32\nitrolocalmon.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-01 834544]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\N360x64\0403000.005\SYMDS64.SYS [2010-02-04 433200]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\N360x64\0403000.005\SYMEFA64.SYS [2010-04-22 221232]
R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20110419.001\BHDrvx64.sys [2011-04-19 1127032]
R1 ccHP;Symantec Hash Provider; C:\Windows\system32\drivers\N360x64\0403000.005\ccHPx64.sys [2010-02-26 615040]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2011-05-01 475696]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20110429.002\IDSvia64.sys [2011-04-26 476792]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\N360x64\0403000.005\SRTSPX64.SYS [2010-04-22 32304]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\N360x64\0403000.005\Ironx64.SYS [2010-04-29 150064]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\System32\Drivers\N360x64\0403000.005\SYMTDIV.SYS [2010-05-06 451120]
R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2010-02-24 191616]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2006-11-17 52224]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2009-02-22 228400]
R3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60a.sys [2007-06-05 215040]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-05-01 132656]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 275456]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-10-15 10619296]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2010-03-15 145408]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20110501.002\ENG64.SYS [2011-05-01 117880]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20110501.002\EX64.SYS [2011-05-01 1828984]
R3 NETw5v64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\NETw5v64.sys [2009-09-15 6816256]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-10 111104]
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\N360x64\0403000.005\SRTSP64.SYS [2010-04-22 505392]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2011-05-01 173104]
S3 a9jnkm3t;a9jnkm3t; C:\Windows\system32\drivers\a9jnkm3t.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-10 26112]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 115712]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-10 694272]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-10 34816]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-12-02 98344]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-12-02 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-12-02 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-12-02 21160]
S3 cpudrv64;cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2009-12-18 17864]
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 145408]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 42496]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\E:\=-Zaloha GIGA flash 2-=\TESTY\EVEREST Ultimate 5.30.2068\kerneld.amd64 []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117120]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-10 178176]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 41984]
S3 winusb;WinUSB Service; C:\Windows\system32\DRIVERS\winusb.sys [2009-04-10 36864]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 108544]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 alssvc64;Ambient Light Sensor; C:\Program Files (x86)\Dell\Ambient Light Sensor\AlsSvc.exe [2008-06-03 569112]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 N360;Norton 360; C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\ccSvcHst.exe [2010-02-26 126392]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 27648]
R2 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool; C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe [2011-04-05 341296]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 27648]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-05 136176]
S3 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-08-11 864032]
S3 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]

-----------------EOF-----------------

[motji]

Hezké odpoledne


Stahněte Rkill z jednoho z odkazů, pokud by ho vir blokoval, zkuste stahnout jiný

Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe

Rkill COM:
http://download.bleepingcomputer.com/grinler/rkill.com



Rkill PIF:
http://download.bleepingcomputer.com/grinler/rkill.pif

-spusťte ho a nechejte pracovat. Sám se ukončí.

- Ted nerestartujte počítač!

- Ted nerestartujte počítač!

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix
-přejmenujte ho na cokoliv.com

[max8888]

Combofix proběhl úspěšně, ale pořád mi během scanu vyskakoval nějaký handle64.exe.
Nevíte, jestli je to nějaký virus?

A teď výpis:


ComboFix 11-05-01.04 - oem 02.05.2011 18:01:59.1.2 - x64
Microsoft® Windows Vista™ Business 6.0.6002.2.1250.420.1029.18.4050.1965 [GMT 2:00]
Spuštěný z: c:\users\oem\Downloads\ComboFix.exe
AV: Norton 360 *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
FW: Norton 360 *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
SP: Norton 360 *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\oem\AppData\Roaming\.#
c:\users\oem\AppData\Roaming\.#\MBX@848@D62748.###
c:\users\oem\AppData\Roaming\.#\MBX@848@D62778.###
c:\users\oem\AppData\Roaming\.#\MBX@A18@2992748.###
c:\users\oem\AppData\Roaming\.#\MBX@A18@2992778.###
c:\users\oem\AppData\Roaming\.#\MBX@E38@27E2748.###
c:\users\oem\AppData\Roaming\.#\MBX@E38@27E2778.###
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-04-02 do 2011-05-02 )))))))))))))))))))))))))))))))
.
.
2011-05-02 16:09 . 2011-05-02 16:09 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2011-05-02 16:09 . 2011-05-02 16:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-02 13:10 . 2011-05-02 13:26 162432 ----a-w- c:\windows\SysWow64\drivers\ithsgt.sys
2011-05-02 13:10 . 2011-05-02 13:26 12032 ----a-w- c:\windows\SysWow64\drivers\lilsgt.sys
2011-05-02 12:19 . 2011-05-02 12:19 8646 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TILEBOX.JS
2011-05-02 10:26 . 2011-05-02 10:27 -------- d-----w- C:\rsit
2011-05-02 10:26 . 2011-05-02 10:27 -------- d-----w- c:\program files\trend micro
2011-05-01 20:30 . 2011-05-01 20:30 -------- d-----w- c:\users\oem\AppData\Roaming\PeerNetworking
2011-05-01 19:27 . 2011-05-01 19:27 -------- d-----w- c:\program files (x86)\Pendulo Studios
2011-05-01 13:39 . 2009-05-18 21:17 34152 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-05-01 13:39 . 2008-04-17 20:12 126312 ----a-r- c:\windows\system32\GEARAspi64.dll
2011-05-01 13:39 . 2008-04-17 20:12 107368 ----a-r- c:\windows\SysWow64\GEARAspi.dll
2011-05-01 13:39 . 2011-05-01 13:39 173104 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2011-05-01 13:39 . 2011-05-01 13:39 -------- d-----w- c:\program files\Common Files\Symantec Shared
2011-05-01 13:39 . 2011-05-01 13:39 -------- d-----w- c:\program files\Symantec
2011-05-01 13:38 . 2011-05-01 19:22 -------- d-----w- c:\windows\system32\drivers\N360x64
2011-05-01 13:38 . 2011-05-01 13:38 -------- d-----w- c:\program files (x86)\Norton 360
2011-05-01 13:38 . 2011-05-01 14:00 -------- d-----w- c:\programdata\Norton
2011-05-01 13:38 . 2011-05-01 13:38 -------- d-----w- c:\program files (x86)\NortonInstaller
2011-05-01 13:32 . 2011-05-01 13:32 -------- d-----w- c:\program files\ESET
2011-04-29 12:34 . 2011-04-29 12:38 -------- d-----w- c:\program files (x86)\DebugMode
2011-04-29 12:01 . 2011-04-11 08:21 8802128 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FE5AFF21-9DE1-4409-8B28-4C07C391B6B6}\mpengine.dll
2011-04-28 11:24 . 2011-04-28 11:24 -------- d-sh--w- c:\windows\system32\%APPDATA%
2011-04-28 08:51 . 2009-07-03 13:48 158224 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
2011-04-28 08:50 . 2011-04-30 16:03 -------- d-----w- c:\programdata\Kaspersky Lab
2011-04-28 08:49 . 2009-07-23 05:28 58139344 ----a-w- c:\program files (x86)\kav9.0.0.463en.exe
2011-04-27 17:24 . 2011-04-27 17:24 16409960 ----a-w- c:\program files (x86)\spybotsd162.exe
2011-04-27 12:34 . 2011-03-12 22:52 1653760 ----a-w- c:\windows\system32\XpsPrint.dll
2011-04-27 12:34 . 2011-03-12 21:55 876032 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-04-27 12:34 . 2011-03-03 15:59 32256 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-04-27 12:34 . 2011-03-03 15:40 28672 ----a-w- c:\windows\SysWow64\Apphlpdm.dll
2011-04-27 12:34 . 2011-03-03 14:00 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-04-27 12:34 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\SysWow64\GameUXLegacyGDFs.dll
2011-04-26 20:18 . 2011-04-26 20:18 965632 ----a-w- C:\guide_v19.exe
2011-04-26 09:17 . 2011-04-26 09:17 -------- d-----w- c:\program files (x86)\Common Files\SWF Studio
2011-04-26 09:17 . 2011-04-26 09:17 -------- d-----w- c:\program files (x86)\Hero Fighter
2011-04-26 09:15 . 2011-04-26 09:15 -------- d-----w- c:\program files (x86)\LittleFighter2
2011-04-25 13:27 . 2011-04-25 18:16 -------- d-----w- c:\users\oem\AppData\Roaming\IrfanView
2011-04-25 13:27 . 2011-04-25 13:27 -------- d-----w- c:\program files (x86)\IrfanView
2011-04-22 07:31 . 2011-04-22 07:31 -------- d-----w- c:\program files (x86)\ProtectDisc Driver Installer
2011-04-22 07:30 . 2011-04-22 07:30 -------- d-----w- c:\users\oem\AppData\Roaming\ProtectDISC
2011-04-22 07:00 . 2011-04-22 07:19 -------- d-----w- c:\program files (x86)\Gray Matter
2011-04-21 17:20 . 2011-04-21 17:20 -------- d-----w- c:\program files (x86)\Microids
2011-04-21 17:19 . 2001-09-05 02:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2011-04-21 17:19 . 2001-09-05 02:18 225280 ------w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2011-04-21 17:19 . 2001-09-05 02:14 176128 ------w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2011-04-21 17:19 . 2001-09-05 02:13 32768 ------w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2011-04-14 09:02 . 2011-02-18 14:16 274432 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-14 09:00 . 2011-02-16 16:37 48128 ----a-w- c:\windows\system32\atmlib.dll
2011-04-14 09:00 . 2011-02-16 16:16 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-04-14 09:00 . 2011-02-16 14:15 367616 ----a-w- c:\windows\system32\atmfd.dll
2011-04-14 09:00 . 2011-02-16 14:02 292864 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-04-14 09:00 . 2011-03-10 17:18 1360384 ----a-w- c:\windows\system32\mfc42u.dll
2011-04-14 09:00 . 2011-03-10 17:18 1398784 ----a-w- c:\windows\system32\mfc42.dll
2011-04-14 09:00 . 2011-03-10 17:03 1162240 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-04-14 09:00 . 2011-03-10 17:03 1136640 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-04-09 20:18 . 2011-04-09 20:18 -------- d-----w- c:\program files\Common Files\Nitro PDF
2011-04-09 20:18 . 2011-04-09 20:18 -------- d-----w- c:\program files (x86)\Nitro PDF
2011-04-09 20:18 . 2011-04-09 20:18 -------- d-----w- c:\program files (x86)\Common Files\Nitro PDF
2011-04-04 21:41 . 2011-04-04 21:41 -------- d-----w- c:\program files (x86)\The KMPlayer
2011-04-03 19:29 . 2011-04-03 19:29 -------- d-----w- c:\programdata\MumboJumbo
2011-04-03 19:28 . 2011-04-03 19:28 -------- d-----w- c:\program files (x86)\Games
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-18 17:25 . 2011-03-29 14:40 253888 ----a-w- c:\windows\system32\aswBoot.exe
2011-04-05 19:56 . 2010-11-24 20:44 17200 ----a-w- c:\windows\system32\nitrolocalui.dll
2011-04-05 19:56 . 2010-11-24 20:44 28976 ----a-w- c:\windows\system32\nitrolocalmon.dll
2011-03-29 14:37 . 2011-03-29 14:30 62623864 ----a-w- c:\program files (x86)\setup_av_free.exe
2011-03-25 16:08 . 2011-03-25 16:08 49752 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-03-25 15:35 . 2011-03-25 15:30 123540208 ----a-w- c:\program files (x86)\Ad-Aware90Install.exe
2011-03-24 12:14 . 2011-03-24 12:14 7853560 ----a-w- c:\program files (x86)\FoxitReader43_enu_Setup.exe
2011-03-03 15:59 . 2011-04-27 12:34 100352 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2011-03-03 15:59 . 2011-04-27 12:34 331776 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 15:59 . 2011-04-27 12:34 284672 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2011-03-03 15:40 . 2011-04-27 12:34 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2011-03-03 15:40 . 2011-04-27 12:34 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2011-03-03 15:40 . 2011-04-27 12:34 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2011-03-03 15:40 . 2011-04-27 12:34 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2011-02-22 14:47 . 2011-03-23 07:47 479744 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-22 14:13 . 2011-03-23 07:47 288768 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-22 13:53 . 2011-03-23 07:47 1555968 ----a-w- c:\windows\system32\DWrite.dll
2011-02-22 13:53 . 2011-03-23 07:47 1149440 ----a-w- c:\windows\system32\FntCache.dll
2011-02-22 13:33 . 2011-03-23 07:47 1068544 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-02-20 18:07 . 2011-02-20 18:07 1582861 ----a-w- c:\windows\WANEUninstaller.exe
2011-02-15 11:52 . 2011-02-19 14:21 17710072 ----a-w- c:\program files (x86)\PDFXVwerTERAGON.exe
2011-02-02 16:11 . 2010-11-23 12:41 270720 ------w- c:\windows\system32\MpSigStub.exe
2010-12-07 10:57 . 2010-12-07 10:57 7204792 ----a-w- c:\program files (x86)\Babylon8_setup.exe
2010-11-28 22:11 . 2010-11-28 22:10 19460862 ----a-w- c:\program files (x86)\K-Lite_Codec_Pack_660_Mega.exe
2010-11-28 13:20 . 2010-11-28 13:20 395128 ----a-w- c:\program files\utorrent.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1555968]
"TouchFreeze"="c:\program files (x86)\TouchFreeze\TouchFreeze.exe" [2005-04-29 45056]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-11 1080608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-05 136176]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [2009-12-18 17864]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;e:\=-zaloha giga flash 2-=\TESTY\EVEREST Ultimate 5.30.2068\kerneld.amd64 [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\0403000.005\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\0403000.005\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20110419.001\BHDrvx64.sys [2011-04-19 1127032]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360x64\0403000.005\ccHPx64.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20110429.002\IDSvia64.sys [2011-04-26 476792]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\0403000.005\Ironx64.SYS [x]
S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\N360x64\0403000.005\SYMTDIV.SYS [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [x]
S2 alssvc64;Ambient Light Sensor;c:\program files (x86)\Dell\Ambient Light Sensor\AlsSvc.exe [2008-06-03 569112]
S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\4.3.0.5\ccSvcHst.exe [2010-02-26 126392]
S2 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe [2011-04-05 341296]
S3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60a.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-05-01 132656]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x]
S3 NETw5v64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETw5v64.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-05-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-05 11:22]
.
2011-05-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-05 11:22]
.
2011-05-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3254255305-1389485793-2003321422-1000Core.job
- c:\users\oem\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-15 11:22]
.
2011-05-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3254255305-1389485793-2003321422-1000UA.job
- c:\users\oem\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-15 11:22]
.
2011-05-02 c:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job
- c:\program files (x86)\Spybot - Search & Destroy\SpybotSD.exe [2011-04-27 13:31]
.
2011-05-02 c:\windows\Tasks\User_Feed_Synchronization-{75AD21A1-C4E0-4698-83F9-DD47D4A1F401}.job
- c:\windows\system32\msfeedssync.exe [2011-04-14 04:43]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" [X]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-02-23 283136]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-10-15 162328]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-10-15 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-10-15 415256]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2008-01-21 225792]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: {D5EABF05-9698-4945-AC22-9609491BCC2F} = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\6rypynnl.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-RGSC - c:\program files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
Wow6432Node-HKCU-Run-WMPNSCFG - c:\program files (x86)\Windows Media Player\WMPNSCFG.exe
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-thriXXX WebLaunch - c:\program files (x86)\thriXXX\WebLaunch\WebLaunchUninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\4.3.0.5\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\4.3.0.5\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\e:\=-zaloha giga flash 2-=\TESTY\EVEREST Ultimate 5.30.2068\kerneld.amd64"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3254255305-1389485793-2003321422-1000\Software\SecuROM\License information*]
"datasecu"=hex:a3,09,a4,ef,86,9b,45,1e,4c,24,f5,3f,99,64,39,1c,6f,53,fe,e2,d1,
b1,7e,68,1c,d8,9d,cb,9d,1b,f6,89,b7,ad,23,15,e7,86,e9,8d,79,6f,74,d5,27,c6,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2011-05-02 18:11:48
ComboFix-quarantined-files.txt 2011-05-02 16:11
.
Před spuštěním: Volných bajtů: 236 811 079 680
Po spuštění: Volných bajtů: 236 725 784 576
.
- - End Of File - - F9E149FBE846B1B682F3FE3CFAE44C96

[motji]

Stáhněte SystemLook
http://jpshortstuff.247fixes.com/SystemLook.exe

- uložte ho na plochu a spustte.
- do okénka zkopírujte

Kód: Vybrat vše

:filefind
handle64.exe

:regfind
handle64.exe

- klikněte na Look, proběhne sken, na konci se zobrazí log, jehož obsah zkopírujete sem

[max8888]

nada....

SystemLook 04.09.10 by jpshortstuff
Log created at 21:28 on 02/05/2011 by oem
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

========== filefind ==========

Searching for "handle64.exe"
No files found.

========== regfind ==========

Searching for "handle64.exe"
No data found.

-= EOF =-

[motji]

Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

[max8888]

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 6493

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19048

2.5.2011 22:14:23
mbam-log-2011-05-02 (22-14-23).txt

Typ kontroly: Rychlý test
Testované objekty: 161018
Uplynulý čas: 2 minut, 53 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

[motji]

Teď to vypadá s počítačem jak?

[max8888]

Po restartu bohužel vždy musím zmáčknou ctrl+alt+delete a až potom můžu myší na něco poklikat.

[motji]

Odkdy je tento stav, instaloval jste nějaký program?

[max8888]

Nevím o ničem, ještě si vzpomínám, že Spybot měl potíže s nějakým "Babylonem" (asi slovník)...

[motji]

Obnovu systému jste zkoušel?

[max8888]

Už to funguje, dal jsem opravit registr Nortonem a vymazal všechny soubory s názvem Babylon (těžko
říct, co z toho fungovalo). Každopádně mnohokráte děkuji za Váš čas a odborné rady.

[motji]

tak to redy vůbec nevím, co jste s tím měl .


Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.


***********


Stáhněte T-Cleaner
http://tharifas.sweb.cz/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir



***********


Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.


***********



Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech



***********

Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?

[max8888]

Vše jsem podle instrukcí udělal, počítač se chová už úplně normálně.


Logfile of random's system information tool 1.08 (written by random/random)
Run by oem at 2011-05-03 14:18:34
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 221 GB (46%) free of 477 GB
Total RAM: 4050 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:18:43, on 3.5.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19048)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\ccSvcHst.exe
C:\Program Files (x86)\TouchFreeze\TouchFreeze.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\trend micro\oem.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\IPSBHO.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\coIEPlg.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [TouchFreeze] C:\Program Files (x86)\TouchFreeze\TouchFreeze.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{D5EABF05-9698-4945-AC22-9609491BCC2F}: NameServer = 8.8.8.8,8.8.4.4
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ambient Light Sensor (alssvc64) - Dell Inc. - C:\Program Files (x86)\Dell\Ambient Light Sensor\AlsSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Licencování softwaru (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6272 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\ccSvcHst.exe" /s "N360" /m "C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\diMaster.dll" /prefetch:1
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Dell\Ambient Light Sensor\AlsSvc.exe"
C:\Windows\system32\wbem\wmiprvse.exe
WLIDSvcM.exe 1956
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {DBCA3495-967E-464E-A952-1F4A4E78B737}
taskeng.exe {AED76897-8FA8-45E1-8090-D0903DFE89FF}
C:\Windows\SysWOW64\DllHost.exe /Processid:{304CE942-6E39-40D8-943A-B913C40C9CD4}
"C:\Program Files\Apoint2K\Apoint.exe"
"C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\ccSvcHst.exe" /c /a /s UserSession
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\WindowsMobile\wmdSync.exe"
"C:\Program Files (x86)\TouchFreeze\TouchFreeze.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files\Apoint2K\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
C:\Windows\System32\mobsync.exe -Embedding
"Apntex.exe"
C:\Windows\system32\conime.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\servicing\TrustedInstaller.exe
"C:\Users\oem\Downloads\RSITx64 (1).exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3254255305-1389485793-2003321422-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3254255305-1389485793-2003321422-1000UA.job
C:\Windows\tasks\Spybot - Search & Destroy - Scheduled Task.job
C:\Windows\tasks\User_Feed_Synchronization-{75AD21A1-C4E0-4698-83F9-DD47D4A1F401}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\coIEPlg.dll [2010-05-13 394608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\IPSBHO.DLL [2010-02-04 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-04-14 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\coIEPlg.dll [2010-05-13 394608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2009-02-23 283136]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-10-15 162328]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-10-15 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-10-15 415256]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2008-01-21 225792]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TouchFreeze"=C:\Program Files (x86)\TouchFreeze\TouchFreeze.exe [2005-04-29 45056]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-01-07 253672]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-10-15 271360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=1
"NoResolveTrack"=1
"NoDrives"=0
"NoBandCustomize"=0
"NoMovingBands"=0
"NoCloseDragDropBands"=0
"NoActiveDesktop"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-05-03 14:18:34 ----D---- C:\rsit
2011-05-03 14:04:12 ----D---- C:\Program Files (x86)\CCleaner
2011-05-03 14:00:08 ----RD---- C:\32788R22FWJFW
2011-05-03 12:25:41 ----D---- C:\Users\oem\AppData\Roaming\GlarySoft
2011-05-03 12:25:40 ----D---- C:\Program Files (x86)\Glary Registry Repair
2011-05-03 11:54:25 ----RA---- C:\Windows\SYSWOW64\GEARAspi.dll
2011-05-03 11:54:25 ----RA---- C:\Windows\system32\GEARAspi64.dll
2011-05-03 11:54:25 ----RA---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2011-05-03 11:54:18 ----D---- C:\Program Files\Symantec
2011-05-03 11:54:18 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-05-03 11:54:18 ----A---- C:\Windows\system32\drivers\SYMEVENT64x86.SYS
2011-05-03 11:53:12 ----D---- C:\Windows\system32\drivers\N360x64
2011-05-03 11:53:10 ----D---- C:\Program Files (x86)\Norton 360
2011-05-03 11:52:51 ----D---- C:\Program Files (x86)\NortonInstaller
2011-05-03 11:27:32 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-05-03 11:27:31 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-05-03 11:27:31 ----A---- C:\Windows\SYSWOW64\java.exe
2011-05-02 22:10:55 ----D---- C:\Users\oem\AppData\Roaming\Malwarebytes
2011-05-02 22:10:37 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys
2011-05-02 22:10:36 ----D---- C:\ProgramData\Malwarebytes
2011-05-02 22:10:33 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-05-02 22:10:33 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-05-02 22:01:01 ----SHD---- C:\Users\oem\AppData\Roaming\.#
2011-05-02 20:36:01 ----D---- C:\Program Files (x86)\Strategy First
2011-05-02 18:55:59 ----D---- C:\Program Files (x86)\Amnesia - The Dark Descent
2011-05-02 18:25:12 ----SHD---- C:\$RECYCLE.BIN
2011-05-02 18:21:36 ----D---- C:\Program Files (x86)\House of Tales
2011-05-02 18:11:50 ----D---- C:\Windows\temp
2011-05-02 15:10:07 ----A---- C:\Windows\SYSWOW64\drivers\ithsgt.sys
2011-05-02 15:10:05 ----A---- C:\Windows\SYSWOW64\drivers\lilsgt.sys
2011-05-02 12:26:58 ----D---- C:\Program Files\trend micro
2011-05-01 22:30:34 ----D---- C:\Users\oem\AppData\Roaming\PeerNetworking
2011-05-01 15:38:23 ----D---- C:\ProgramData\Norton
2011-05-01 15:38:16 ----D---- C:\ProgramData\NortonInstaller
2011-05-01 15:32:45 ----D---- C:\Program Files\ESET
2011-05-01 15:32:44 ----D---- C:\ProgramData\ESET
2011-04-29 17:59:11 ----D---- C:\Windows\Minidump
2011-04-29 14:34:28 ----D---- C:\Program Files (x86)\DebugMode
2011-04-28 13:24:24 ----SHD---- C:\Windows\system32\%APPDATA%
2011-04-28 10:50:32 ----D---- C:\ProgramData\Kaspersky Lab
2011-04-28 10:49:02 ----A---- C:\Program Files (x86)\keys.txt
2011-04-28 10:49:02 ----A---- C:\Program Files (x86)\kav9.0.0.463en.exe
2011-04-27 19:24:07 ----A---- C:\Program Files (x86)\spybotsd162.exe
2011-04-27 14:34:12 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-04-27 14:34:12 ----A---- C:\Windows\system32\XpsPrint.dll
2011-04-27 14:34:08 ----A---- C:\Windows\system32\Apphlpdm.dll
2011-04-27 14:34:07 ----A---- C:\Windows\SYSWOW64\GameUXLegacyGDFs.dll
2011-04-27 14:34:07 ----A---- C:\Windows\SYSWOW64\Apphlpdm.dll
2011-04-27 14:34:07 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2011-04-26 22:18:17 ----A---- C:\guide_v19.exe
2011-04-26 11:17:37 ----D---- C:\Program Files (x86)\Hero Fighter
2011-04-26 11:15:24 ----D---- C:\Program Files (x86)\LittleFighter2
2011-04-25 15:27:37 ----D---- C:\Users\oem\AppData\Roaming\IrfanView
2011-04-25 15:27:37 ----D---- C:\Program Files (x86)\IrfanView
2011-04-22 09:31:07 ----D---- C:\Program Files (x86)\ProtectDisc Driver Installer
2011-04-22 09:30:54 ----D---- C:\Users\oem\AppData\Roaming\ProtectDISC
2011-04-21 19:20:08 ----D---- C:\Program Files (x86)\Microids
2011-04-15 10:08:02 ----A---- C:\Windows\dd_vcredistUI2D00.txt
2011-04-15 10:08:02 ----A---- C:\Windows\dd_vcredistMSI2D00.txt
2011-04-15 10:07:25 ----A---- C:\Windows\dd_vcredistUI2C87.txt
2011-04-15 10:07:25 ----A---- C:\Windows\dd_vcredistMSI2C87.txt
2011-04-14 11:03:41 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2011-04-14 11:03:41 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2011-04-14 11:03:41 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-04-14 11:03:41 ----A---- C:\Windows\system32\dnscacheugc.exe
2011-04-14 11:03:41 ----A---- C:\Windows\system32\dnsapi.dll
2011-04-14 11:03:35 ----A---- C:\Windows\system32\drivers\srv.sys
2011-04-14 11:03:34 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-04-14 11:03:34 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-04-14 11:03:32 ----A---- C:\Windows\system32\FXSCOVER.exe
2011-04-14 11:03:29 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2011-04-14 11:03:29 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-04-14 11:03:29 ----A---- C:\Windows\system32\vbscript.dll
2011-04-14 11:03:29 ----A---- C:\Windows\system32\jscript.dll
2011-04-14 11:03:25 ----A---- C:\Windows\system32\winresume.exe
2011-04-14 11:03:25 ----A---- C:\Windows\system32\winload.exe
2011-04-14 11:03:24 ----A---- C:\Windows\system32\kdusb.dll
2011-04-14 11:03:24 ----A---- C:\Windows\system32\kdcom.dll
2011-04-14 11:03:24 ----A---- C:\Windows\system32\kd1394.dll
2011-04-14 11:02:25 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-04-14 11:02:24 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-04-14 11:02:24 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-04-14 11:02:24 ----A---- C:\Windows\system32\drivers\bowser.sys
2011-04-14 11:02:22 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-04-14 11:02:22 ----A---- C:\Windows\system32\inetcomm.dll
2011-04-14 11:02:13 ----A---- C:\Windows\system32\win32k.sys
2011-04-14 11:02:09 ----A---- C:\Windows\system32\mshtml.dll
2011-04-14 11:02:07 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-04-14 11:02:07 ----A---- C:\Windows\system32\ieframe.dll
2011-04-14 11:02:06 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-04-14 11:02:06 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-04-14 11:02:06 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-04-14 11:02:06 ----A---- C:\Windows\system32\wininet.dll
2011-04-14 11:02:06 ----A---- C:\Windows\system32\urlmon.dll
2011-04-14 11:02:06 ----A---- C:\Windows\system32\msfeeds.dll
2011-04-14 11:02:06 ----A---- C:\Windows\system32\iertutil.dll
2011-04-14 11:02:06 ----A---- C:\Windows\system32\iedkcs32.dll
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\occache.dll
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-04-14 11:02:05 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2011-04-14 11:02:05 ----A---- C:\Windows\system32\occache.dll
2011-04-14 11:02:05 ----A---- C:\Windows\system32\mstime.dll
2011-04-14 11:02:05 ----A---- C:\Windows\system32\mshtmled.dll
2011-04-14 11:02:05 ----A---- C:\Windows\system32\msfeedssync.exe
2011-04-14 11:02:05 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-04-14 11:02:05 ----A---- C:\Windows\system32\licmgr10.dll
2011-04-14 11:02:05 ----A---- C:\Windows\system32\jsproxy.dll
2011-04-14 11:02:05 ----A---- C:\Windows\system32\ieUnatt.exe
2011-04-14 11:02:05 ----A---- C:\Windows\system32\ieui.dll
2011-04-14 11:02:05 ----A---- C:\Windows\system32\iesysprep.dll
2011-04-14 11:02:05 ----A---- C:\Windows\system32\iesetup.dll
2011-04-14 11:02:05 ----A---- C:\Windows\system32\iernonce.dll
2011-04-14 11:02:05 ----A---- C:\Windows\system32\iepeers.dll
2011-04-14 11:02:05 ----A---- C:\Windows\system32\ie4uinit.exe
2011-04-14 11:00:53 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2011-04-14 11:00:53 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2011-04-14 11:00:53 ----A---- C:\Windows\system32\atmlib.dll
2011-04-14 11:00:53 ----A---- C:\Windows\system32\atmfd.dll
2011-04-14 11:00:50 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2011-04-14 11:00:50 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2011-04-14 11:00:50 ----A---- C:\Windows\system32\mfc42u.dll
2011-04-14 11:00:50 ----A---- C:\Windows\system32\mfc42.dll
2011-04-09 22:18:15 ----D---- C:\Program Files\Common Files\Nitro PDF
2011-04-09 22:18:15 ----D---- C:\Program Files (x86)\Nitro PDF
2011-04-04 23:41:20 ----D---- C:\Program Files (x86)\The KMPlayer

======List of files/folders modified in the last 1 months======

2011-05-03 14:18:43 ----D---- C:\Windows\Prefetch
2011-05-03 14:17:27 ----D---- C:\Windows\System32
2011-05-03 14:17:27 ----D---- C:\Windows\inf
2011-05-03 14:17:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-05-03 14:12:58 ----SHD---- C:\System Volume Information
2011-05-03 14:08:39 ----SHD---- C:\Windows\Installer
2011-05-03 14:04:43 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-05-03 14:04:36 ----D---- C:\Windows\Debug
2011-05-03 14:04:36 ----D---- C:\Windows
2011-05-03 14:04:12 ----RD---- C:\Program Files (x86)
2011-05-03 14:00:31 ----D---- C:\Windows\system32\drivers
2011-05-03 12:19:06 ----D---- C:\Windows\Logs
2011-05-03 11:55:08 ----D---- C:\Windows\system32\Tasks
2011-05-03 11:54:27 ----D---- C:\Windows\system32\catroot
2011-05-03 11:54:25 ----D---- C:\Windows\SysWOW64
2011-05-03 11:54:20 ----DC---- C:\Windows\system32\DRVSTORE
2011-05-03 11:54:18 ----RD---- C:\Program Files
2011-05-03 11:54:18 ----D---- C:\Program Files\Common Files
2011-05-03 11:52:29 ----D---- C:\Ostatni
2011-05-03 11:30:06 ----D---- C:\Users\oem\AppData\Roaming\uTorrent
2011-05-03 11:28:30 ----D---- C:\Config.Msi
2011-05-03 11:28:29 ----D---- C:\Program Files (x86)\Common Files
2011-05-03 11:27:27 ----D---- C:\Program Files (x86)\Java
2011-05-03 10:16:04 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-05-02 22:10:37 ----D---- C:\Windows\SYSWOW64\drivers
2011-05-02 22:10:36 ----D---- C:\ProgramData
2011-05-02 21:48:00 ----D---- C:\Gry
2011-05-02 18:09:49 ----A---- C:\Windows\system.ini
2011-05-02 18:09:43 ----D---- C:\Windows\system32\drivers\etc
2011-05-02 18:05:35 ----D---- C:\Windows\AppPatch
2011-05-02 12:10:33 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-05-01 15:51:09 ----D---- C:\ProgramData\Lavasoft
2011-05-01 15:31:44 ----D---- C:\ProgramData\AVAST Software
2011-05-01 10:47:55 ----D---- C:\Filmy
2011-04-30 12:47:29 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2011-04-30 12:44:36 ----D---- C:\Windows\system32\catroot2
2011-04-28 11:11:32 ----D---- C:\Windows\system32\WDI
2011-04-28 10:17:25 ----D---- C:\Windows\Tasks
2011-04-28 09:19:58 ----D---- C:\Windows\winsxs
2011-04-27 19:25:29 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2011-04-22 09:24:37 ----RSD---- C:\Windows\assembly
2011-04-22 09:21:32 ----SD---- C:\ProgramData\Microsoft
2011-04-22 09:21:02 ----D---- C:\Program Files (x86)\Microsoft.NET
2011-04-22 08:56:47 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-04-18 19:25:00 ----A---- C:\Windows\system32\aswBoot.exe
2011-04-18 17:38:13 ----D---- C:\Windows\system32\drivers\UMDF
2011-04-18 17:37:58 ----D---- C:\Windows\WindowsMobile
2011-04-18 16:22:44 ----A---- C:\Windows\system32\mrt.exe
2011-04-17 16:04:50 ----D---- C:\Users\oem\AppData\Roaming\Nitro PDF
2011-04-15 11:51:51 ----D---- C:\Windows\Microsoft.NET
2011-04-15 10:35:17 ----D---- C:\Windows\system32\Boot
2011-04-15 10:35:16 ----D---- C:\Windows\SYSWOW64\migration
2011-04-15 10:35:16 ----D---- C:\Program Files\Windows Mail
2011-04-15 10:35:16 ----D---- C:\Program Files\Internet Explorer
2011-04-15 10:35:16 ----D---- C:\Program Files (x86)\Windows Mail
2011-04-15 10:35:16 ----D---- C:\Program Files (x86)\Internet Explorer
2011-04-15 10:35:15 ----D---- C:\Windows\system32\migration
2011-04-15 10:07:27 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-04-14 05:07:59 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2011-04-12 15:52:36 ----D---- C:\Program Files (x86)\Adobe
2011-04-12 15:52:34 ----D---- C:\ProgramData\Adobe
2011-04-09 22:15:22 ----D---- C:\Users\oem\AppData\Roaming\Downloaded Installations
2011-04-06 23:23:28 ----D---- C:\Users\oem\AppData\Roaming\vlc
2011-04-05 21:56:02 ----A---- C:\Windows\system32\nitrolocalui.dll
2011-04-05 21:56:00 ----A---- C:\Windows\system32\nitrolocalmon.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-01 834544]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\N360x64\0402000.00C\SYMDS64.SYS [2010-02-04 433200]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\N360x64\0402000.00C\SYMEFA64.SYS [2010-04-22 221232]
R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20110430.001\BHDrvx64.sys [2011-04-30 1127032]
R1 ccHP;Symantec Hash Provider; C:\Windows\system32\drivers\N360x64\0402000.00C\ccHPx64.sys [2010-02-26 615040]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2011-05-03 475696]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20110429.002\IDSvia64.sys [2011-04-26 476792]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\N360x64\0402000.00C\SRTSPX64.SYS [2010-04-22 32304]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\N360x64\0402000.00C\Ironx64.SYS [2010-04-29 150064]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\System32\Drivers\N360x64\0402000.00C\SYMTDIV.SYS [2010-05-06 451120]
R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2010-02-24 191616]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2006-11-17 52224]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2009-02-22 228400]
R3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60a.sys [2007-06-05 215040]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-05-03 132656]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 275456]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-10-15 10619296]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2010-03-15 145408]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20110502.018\ENG64.SYS [2011-05-03 117880]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20110502.018\EX64.SYS [2011-05-03 1828984]
R3 NETw5v64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\NETw5v64.sys [2009-09-15 6816256]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-10 111104]
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\N360x64\0402000.00C\SRTSP64.SYS [2010-04-22 505392]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2011-05-03 173104]
S2 ithsgt;ithsgt; C:\Windows\system32\DRIVERS\ithsgt.sys []
S2 lilsgt;lilsgt; C:\Windows\system32\DRIVERS\lilsgt.sys []
S3 af39840e;af39840e; C:\Windows\system32\drivers\af39840e.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-10 26112]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 115712]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-10 694272]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-10 34816]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-12-02 98344]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-12-02 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-12-02 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-12-02 21160]
S3 cpudrv64;cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2009-12-18 17864]
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 145408]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 42496]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\E:\=-Zaloha GIGA flash 2-=\TESTY\EVEREST Ultimate 5.30.2068\kerneld.amd64 []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117120]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-10 178176]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 41984]
S3 winusb;WinUSB Service; C:\Windows\system32\DRIVERS\winusb.sys [2009-04-10 36864]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 108544]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 alssvc64;Ambient Light Sensor; C:\Program Files (x86)\Dell\Ambient Light Sensor\AlsSvc.exe [2008-06-03 569112]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 N360;Norton 360; C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\ccSvcHst.exe [2010-02-26 126392]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 27648]
R2 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool; C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe [2011-04-05 341296]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 27648]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-05 136176]
S3 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-08-11 864032]
S3 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]

-----------------EOF-----------------