
Please check my log - virus
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved. So will those that are inactive for longer than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Please check my log - virus
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:27:45, on 3.8.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\SysWOW64\HsMgr.exe
C:\Program Files\ASUS Xonar DG Audio\Customapp\ASUSAUDIOCENTER.EXE
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files (x86)\Gaming Mouse\Tray.exe
C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Vojtas\Downloads\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [Gaming Mouse Hid] "C:\Program Files (x86)\Gaming Mouse\hid.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AODService - Unknown owner - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
O23 - Service: ASGT - Unknown owner - C:\Windows\SysWOW64\ASGT.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe (file missing)
O23 - Service: Stavová služba ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RelevantKnowledge - Unknown owner - C:\Program Files (x86)\RelevantKnowledge\rlservice.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files (x86)\WinPcap\rpcapd.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1x\RpcAgentSrv.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Aktivátor Správce výběru OS Acronis (Správce výběru OS) - Unknown owner - C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 11894 bytes
- Rudy
- Site Admin
Re: Please check my log - virus
Post a log from RSIT: http://www.viry.cz/forum/viewtopic.php?f=13&t=105895 . It is more detailed than HijackThis.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Please check my log - virus
Thanks, I'll try it.
Re: Please check my log - virus
Here is the log from RSIT
Logfile of random's system information tool 1.09 (written by random/random)
Run by Vojtas at 2011-08-04 08:17:47
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 39 GB (19%) free of 204 GB
Total RAM: 4094 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:09:45, on 4.8.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\SysWOW64\HsMgr.exe
C:\Program Files\ASUS Xonar DG Audio\Customapp\ASUSAUDIOCENTER.EXE
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files (x86)\Gaming Mouse\Tray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Vojtas\Downloads\Vojtas.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [Gaming Mouse Hid] "C:\Program Files (x86)\Gaming Mouse\hid.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AODService - Unknown owner - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
O23 - Service: ASGT - Unknown owner - C:\Windows\SysWOW64\ASGT.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe (file missing)
O23 - Service: Stavová služba ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RelevantKnowledge - Unknown owner - C:\Program Files (x86)\RelevantKnowledge\rlservice.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files (x86)\WinPcap\rpcapd.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1x\RpcAgentSrv.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Aktivátor Správce výběru OS Acronis (Správce výběru OS) - Unknown owner - C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 11861 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG10\avgchsva.exe /boot
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe"
atieclxx
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\Windows\SysWOW64\ASGT.exe
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe"
"C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe"
"C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe"
"C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe"
"C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe"
C:\Windows\system32\viakaraokesrv.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\AVG\AVG10\avgnsa.exe"
"C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe"
"C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe"
WLIDSvcM.exe 2184
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\SysWOW64\HsMgr.exe" Envoke
"C:\Windows\system\HsMgr64.exe" Envoke
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\ASUS Xonar DG Audio\Customapp\ASUSAUDIOCENTER.EXE"
"C:\Program Files (x86)\AVG\AVG10\avgtray.exe"
"C:\Program Files (x86)\Gaming Mouse\hid.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Gaming Mouse\Tray.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=extension --disable-client-side-phishing-detection --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_disabled/SpdyCwnd/cwndDynamic/SpdyImpact/npn_with_spdy/ --channel=4592.0231BA98.2108348099 /prefetch:3 --ignored=" --type=renderer "
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=extension --disable-client-side-phishing-detection --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_disabled/SpdyCwnd/cwndDynamic/SpdyImpact/npn_with_spdy/ --channel=4592.02317B28.1529564290 /prefetch:3 --ignored=" --type=renderer "
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Vojtas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocphobfcfafpclibolpjdafgaffkaoci\1.0_0\npGamePlayLabsPlugin.dll" --lang=cs --channel=4592.07822428.112796827 /prefetch:4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Vojtas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1390_0\plugins/avgnpss.dll" --lang=cs --channel=4592.078488F8.1770260356 /prefetch:4
C:\Windows\system32\rundll32.exe "C:\PROGRA~2\Google\Chrome\APPLIC~1\120742~1.122\gcswf32.dll",BrokerMain browser=chrome
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Program Files (x86)\Google\Chrome\Application\12.0.742.122\gcswf32.dll" --lang=cs --channel=4592.07982F28.846318132 /prefetch:4 --flash-broker=5016
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe /pipeName=e7698019-3eba-4c72-a185-5e1dc73aa966 /coreSdkOptions=30 /logConfFile="C:\ProgramData\AVG10\temp\1199b978-4327-4c20-b262-1f2a8177d974-af0-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG10\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg10" /tempPath="C:\ProgramData\AVG10\temp\"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --disable-client-side-phishing-detection --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_6/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_disabled/SpdyCwnd/cwndDynamic/SpdyImpact/npn_with_spdy/ --channel=4592.07936900.734476181 /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --disable-client-side-phishing-detection --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_6/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_disabled/SpdyCwnd/cwndDynamic/SpdyImpact/npn_with_spdy/ --channel=4592.0781F530.1342325926 /prefetch:3
"taskhost.exe"
"C:\Users\Vojtas\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Vojtas\AppData\Roaming\Mozilla\Firefox\Profiles\dqg9qfcx.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.smartwebsearch.net/index.php?from=3"
prefs.js - "extensions.enabledItems" - "{ea614400-e918-4741-9a97-7a972ff7c30b}:2.0.10, m3ffxtbr@mywebsearch.com:1.1, {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6, {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178, battlefieldplay4free@ea.com:1.0.26.2, {6E19037A-12E3-4295-8915-ED48BC341614}:1.3.328.4, plugin@gameplaylabs.com:1.0, bkmrksync@nokia.com:1.0.0.736, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.11"
prefs.js - "keyword.URL" - "http://search.babylon.com/?babsrc=toolbar2&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@fileplanet.com/fpdlm]
"Description"=
"Path"=C:\Program Files (x86)\Download Manager\npfpdlm.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=8]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
babylon.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml
C:\Users\Vojtas\AppData\Roaming\Mozilla\Firefox\Profiles\dqg9qfcx.default\extensions\
battlefieldplay4free@ea.com
piclens@cooliris.com
plugin@gameplaylabs.com
C:\Users\Vojtas\AppData\Roaming\Mozilla\Firefox\Profiles\dqg9qfcx.default\searchplugins\
ask.uk.xml
mywebsearch.xml
Searchster.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll [2011-07-08 3559264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\avgssie.dll [2011-07-08 2274144]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio8788"=C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]
"Cmaudio8788GX"=C:\Windows\syswow64\HsMgr.exe [2008-07-11 200704]
"Cmaudio8788GX64"=C:\Windows\system\HsMgr64.exe [2008-07-11 282112]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-02-22 500208]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 4]
C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe [2011-05-28 412560]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Babylon Client]
C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe -AutoStart []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BabylonToolbar]
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.23.10\BabylonToolbarsrv.exe /md I []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BatteryCare]
C:\Program Files (x86)\BatteryCare\BatteryCare.exe [2011-03-08 703488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
C:\Program Files (x86)\BitComet\BitComet.exe [2010-12-08 10811696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CorelDRAW Graphics Suite 11b]
C:\Program Files (x86)\Corel\Corel Graphics 12\Languages\CZ\Programs\Registration.exe [2004-06-23 729088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2010-09-16 1164584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Vojtas\AppData\Local\Google\Update\GoogleUpdate.exe /c []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2011-02-22 3019376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igndlm.exe]
C:\Program Files (x86)\Download Manager\DLM.exe [2009-10-27 1103216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2010-01-27 57928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar Search Scope Monitor]
C:\PROGRA~2\MYWEBS~1\bar\2.bin\m3SrchMn.exe /m=2 /w /h []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]
C:\PROGRA~2\MYWEBS~1\bar\2.bin\mwsoemon.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-03-26 1234216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-12-21 1483264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2007-09-25 130584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartupDelayer]
C:\Program Files\r2 Studios\Startup Delayer\Startup Delayer.exe /LaunchType=Auto /LaunchApps=Common []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe -silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Turbo Key]
C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TurboV EVO]
C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe -b []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Vojtas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk]
C:\PROGRA~2\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AVG_TRAY"=C:\Program Files (x86)\AVG\AVG10\avgtray.exe [2011-04-18 2334560]
"Gaming Mouse Hid"=C:\Program Files (x86)\Gaming Mouse\hid.exe [2010-01-19 428544]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-07-11 336384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoInstrumentation"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=255
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2011-08-04 08:09:36 ----D---- C:\rsit
2011-08-03 16:37:26 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-08-03 16:37:26 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2011-08-03 16:26:15 ----A---- C:\Windows\system32\drivers\SBREDrv.sys
2011-08-03 16:25:12 ----HDC---- C:\ProgramData\{91EC863D-D912-4466-91CC-9489A4A2ADD3}
2011-08-03 16:25:08 ----D---- C:\ProgramData\Lavasoft
2011-08-03 16:25:08 ----D---- C:\Program Files (x86)\Lavasoft
2011-08-03 12:51:40 ----D---- C:\Users\Vojtas\AppData\Roaming\AVG
2011-08-03 09:40:44 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2011-07-30 21:31:47 ----A---- C:\Windows\unvise32.exe
2011-07-30 21:24:20 ----D---- C:\ProgramData\Studio 14
2011-07-30 21:24:20 ----D---- C:\ProgramData\Pinnacle Studio Plus
2011-07-30 20:22:44 ----A---- C:\Windows\system32\drivers\cmudaxp.sys
2011-07-27 20:49:08 ----D---- C:\ProgramData\ATI
2011-07-27 20:49:07 ----D---- C:\Program Files (x86)\AMD APP
2011-07-27 13:47:39 ----D---- C:\Program Files (x86)\1C
2011-07-27 12:58:46 ----D---- C:\Program Files (x86)\Algodoo
2011-07-23 17:49:44 ----A---- C:\Windows\NCUNINST.EXe
2011-07-23 17:49:44 ----A---- C:\Windows\NCLAUNCH.EXe
2011-07-23 13:10:22 ----D---- C:\Program Files (x86)\Nobilis
2011-07-22 17:21:14 ----A---- C:\Windows\SYSWOW64\wow32.dll
2011-07-22 17:21:14 ----A---- C:\Windows\SYSWOW64\user.exe
2011-07-22 17:21:14 ----A---- C:\Windows\SYSWOW64\setup16.exe
2011-07-22 17:21:14 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2011-07-22 17:21:14 ----A---- C:\Windows\SYSWOW64\instnm.exe
2011-07-22 17:21:14 ----A---- C:\Windows\system32\wow64win.dll
2011-07-22 17:21:14 ----A---- C:\Windows\system32\wow64cpu.dll
2011-07-22 17:21:14 ----A---- C:\Windows\system32\wow64.dll
2011-07-22 17:21:14 ----A---- C:\Windows\system32\winsrv.dll
2011-07-22 17:21:14 ----A---- C:\Windows\system32\ntvdm64.dll
2011-07-22 17:21:14 ----A---- C:\Windows\system32\conhost.exe
2011-07-22 17:20:51 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2011-07-22 17:20:51 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2011-07-22 17:20:51 ----A---- C:\Windows\system32\KernelBase.dll
2011-07-22 17:20:51 ----A---- C:\Windows\system32\kernel32.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-22 17:20:27 ----A---- C:\Windows\system32\win32k.sys
2011-07-22 15:53:17 ----D---- C:\Program Files (x86)\Aspyr
2011-07-21 20:43:46 ----D---- C:\Users\Vojtas\AppData\Roaming\Day 1 Studios
2011-07-21 20:34:00 ----D---- C:\Program Files (x86)\WB Games
2011-07-18 16:20:42 ----D---- C:\Users\Vojtas\AppData\Roaming\7-PDFMaker
2011-07-18 16:20:42 ----D---- C:\Program Files (x86)\7-PDF
2011-07-18 16:07:10 ----A---- C:\Windows\system32\GdiPlus.dll
2011-07-18 16:07:09 ----D---- C:\Program Files\Softland
2011-07-17 10:12:12 ----D---- C:\Program Files (x86)\MSI
2011-07-16 16:18:54 ----D---- C:\Program Files (x86)\stalker-online
2011-07-15 12:20:06 ----D---- C:\Program Files (x86)\City Car Driving
2011-07-14 18:54:34 ----D---- C:\Program Files (x86)\astragon
2011-07-12 17:15:07 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2011-07-12 17:11:30 ----D---- C:\Program Files (x86)\Adobe Media Player
2011-07-12 17:11:11 ----D---- C:\Program Files\Adobe
2011-07-12 17:10:45 ----D---- C:\Program Files\Common Files\Adobe
2011-07-12 08:24:48 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2011-07-12 05:14:04 ----A---- C:\Windows\system32\atio6axx.dll
2011-07-12 04:59:06 ----A---- C:\Windows\system32\atiapfxx.exe
2011-07-12 04:58:56 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2011-07-12 04:54:56 ----A---- C:\Windows\system32\ATIDEMGX.dll
2011-07-12 04:54:52 ----A---- C:\Windows\system32\atieclxx.exe
2011-07-12 04:54:18 ----A---- C:\Windows\system32\atiesrxx.exe
2011-07-12 04:53:08 ----A---- C:\Windows\system32\atitmm64.dll
2011-07-12 04:52:38 ----A---- C:\Windows\system32\atipdl64.dll
2011-07-12 04:52:32 ----A---- C:\Windows\SYSWOW64\atipdlxx.dll
2011-07-12 04:52:22 ----A---- C:\Windows\SYSWOW64\Oemdspif.dll
2011-07-12 04:52:16 ----A---- C:\Windows\system32\atimuixx.dll
2011-07-12 04:52:10 ----A---- C:\Windows\system32\atiedu64.dll
2011-07-12 04:52:06 ----A---- C:\Windows\SYSWOW64\ati2edxx.dll
2011-07-12 04:51:44 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2011-07-12 04:49:02 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2011-07-12 04:30:10 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2011-07-12 04:28:00 ----A---- C:\Windows\system32\atiumd6v.dll
2011-07-12 04:27:38 ----A---- C:\Windows\SYSWOW64\atiumdmv.dll
2011-07-12 04:27:26 ----A---- C:\Windows\system32\atiumd6a.dll
2011-07-12 04:24:08 ----A---- C:\Windows\system32\atiumd64.dll
2011-07-12 04:21:24 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2011-07-12 04:16:58 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2011-07-12 04:16:38 ----A---- C:\Windows\system32\atiadlxx.dll
2011-07-12 04:16:28 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2011-07-12 04:16:12 ----A---- C:\Windows\system32\atig6pxx.dll
2011-07-12 04:16:06 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2011-07-12 04:16:06 ----A---- C:\Windows\system32\atiglpxx.dll
2011-07-12 04:16:02 ----A---- C:\Windows\system32\atig6txx.dll
2011-07-12 04:15:52 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2011-07-12 04:15:44 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2011-07-12 04:14:56 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2011-07-12 04:14:48 ----A---- C:\Windows\system32\atiu9p64.dll
2011-07-12 04:14:40 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll
2011-07-12 04:02:42 ----A---- C:\Windows\system32\aticalrt64.dll
2011-07-12 04:02:40 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2011-07-12 04:02:32 ----A---- C:\Windows\system32\aticalcl64.dll
2011-07-12 04:02:30 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2011-07-12 04:02:26 ----A---- C:\Windows\system32\atimpc64.dll
2011-07-12 04:02:26 ----A---- C:\Windows\system32\amdpcom64.dll
2011-07-12 04:02:20 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2011-07-12 04:02:20 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2011-07-12 04:02:20 ----A---- C:\Windows\system32\aticaldd64.dll
2011-07-12 03:59:28 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2011-07-11 23:22:26 ----A---- C:\Windows\system32\OVDecode64.dll
2011-07-11 23:22:24 ----A---- C:\Windows\SYSWOW64\OVDecode.dll
2011-07-11 23:21:56 ----A---- C:\Windows\system32\amdocl64.dll
2011-07-11 23:21:42 ----A---- C:\Windows\SYSWOW64\amdocl.dll
2011-07-08 14:58:17 ----D---- C:\Program Files (x86)\1C Publishing EU
2011-07-08 10:35:47 ----D---- C:\Program Files\Core Temp
======List of files/folders modified in the last 1 month======
2011-08-04 08:15:34 ----D---- C:\Windows\Prefetch
2011-08-04 08:03:41 ----D---- C:\Windows\system32\Tasks
2011-08-04 07:30:22 ----D---- C:\Windows\Temp
2011-08-03 21:25:09 ----D---- C:\Program Files (x86)\MSI Afterburner
2011-08-03 20:48:44 ----D---- C:\Windows\SysWOW64
2011-08-03 20:48:44 ----D---- C:\Windows\System32
2011-08-03 20:48:43 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2011-08-03 20:25:55 ----D---- C:\Windows\Minidump
2011-08-03 20:25:55 ----D---- C:\Windows
2011-08-03 19:23:50 ----SHD---- C:\Windows\Installer
2011-08-03 19:23:43 ----DC---- C:\Windows\system32\DRVSTORE
2011-08-03 19:23:43 ----D---- C:\Windows\system32\drivers
2011-08-03 18:59:54 ----D---- C:\Windows\system32\config
2011-08-03 16:37:26 ----RD---- C:\Program Files (x86)
2011-08-03 16:37:26 ----HD---- C:\ProgramData
2011-08-03 16:26:16 ----D---- C:\Windows\system32\catroot
2011-08-03 16:25:01 ----D---- C:\Windows\winsxs
2011-08-03 15:21:52 ----D---- C:\Downloads
2011-08-03 13:19:56 ----AD---- C:\ProgramData\TEMP
2011-08-03 13:19:21 ----D---- C:\Windows\inf
2011-08-03 13:19:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-08-03 12:56:26 ----D---- C:\Windows\Downloaded Program Files
2011-08-03 12:51:42 ----D---- C:\Windows\Tasks
2011-08-03 12:48:41 ----D---- C:\Program Files (x86)\AVG
2011-08-03 12:42:29 ----D---- C:\Windows\system32\drivers\AVG
2011-08-03 12:41:46 ----D---- C:\ProgramData\AVG10
2011-08-03 12:38:31 ----D---- C:\ProgramData\MFAData
2011-08-03 12:22:22 ----D---- C:\Program Files (x86)\SpeedFan
2011-08-03 11:52:14 ----D---- C:\Windows\system32\wfp
2011-08-03 11:52:11 ----D---- C:\Windows\system32\wbem
2011-08-03 11:51:18 ----D---- C:\Windows\system32\DriverStore
2011-08-03 11:51:18 ----D---- C:\Windows\system32\catroot2
2011-08-03 11:51:17 ----D---- C:\Windows\system32\CodeIntegrity
2011-08-03 11:51:16 ----D---- C:\Users\Vojtas\AppData\Roaming\Win7codecs
2011-08-03 11:51:15 ----D---- C:\Users\Vojtas\AppData\Roaming\Gaming Mouse
2011-08-03 11:51:07 ----D---- C:\scrds
2011-08-03 11:51:07 ----D---- C:\ProgramData\Win7codecs
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\Zrychleni Pocitace
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\WinRAR
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\WebSite X5 v8 - Smart
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\Vypínač na dobrou noc
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\Virtual DJ
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\UltraISO
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\Tunngle
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\totalcmd
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\The Witcher 2
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\The KMPlayer
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\Steam
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\Sapphire TRIXX
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\Realtek AC97
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\QuickTime
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\PC Connectivity Solution
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\OpenAL
2011-08-03 11:51:06 ----D---- C:\Program Files (x86)\nLite
2011-08-03 11:51:06 ----D---- C:\Program Files (x86)\Natural Mod
2011-08-03 11:51:06 ----D---- C:\Program Files (x86)\MSI Kombustor
2011-08-03 11:51:06 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-08-03 11:51:06 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-08-03 11:51:05 ----D---- C:\Program Files (x86)\iSpeed
2011-08-03 11:51:05 ----D---- C:\Program Files (x86)\HDD Regenerator
2011-08-03 11:51:05 ----D---- C:\Program Files (x86)\HD Tune
2011-08-03 11:51:05 ----D---- C:\Program Files (x86)\Hard Disk Sentinel
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\Gaming Mouse
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\GameSpy Arcade
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\GamePark.cz Klient
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\Feedback Tool
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\DVD Shrink
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\Download Manager
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\DllPlayer
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\DesetiPrsty
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\Cyklotrasy
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\Common Files
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\CDCheck
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\Call of Duty 4 - Modern Warfare
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\BRS
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\Browser Plugin
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\BitComet
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\BatteryCare
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\Banner Maker Pro 7
2011-08-03 11:51:03 ----D---- C:\Program Files (x86)\A-one DVD Ripper
2011-08-03 11:50:58 ----D---- C:\Fraps
2011-08-03 11:50:35 ----D---- C:\Windows\registration
2011-08-03 11:50:19 ----RSD---- C:\Windows\assembly
2011-08-03 11:47:08 ----SHD---- C:\System Volume Information
2011-08-03 10:06:46 ----D---- C:\Users\Vojtas\AppData\Roaming\BitComet
2011-07-31 10:42:33 ----D---- C:\Program Files (x86)\Java
2011-07-31 10:17:44 ----D---- C:\Program Files (x86)\SureThing Express Labeler
2011-07-31 10:15:57 ----HD---- C:\Program Files (x86)\Temp
2011-07-31 10:15:57 ----D---- C:\Program Files (x86)\Realtek
2011-07-30 21:31:21 ----D---- C:\Program Files (x86)\Pinnacle
2011-07-30 21:24:20 ----D---- C:\ProgramData\Pinnacle
2011-07-30 20:23:28 ----A---- C:\Windows\Cmicnfgp.ini.cfl
2011-07-30 20:23:27 ----A---- C:\Windows\Cmicnfgp.ini.imi
2011-07-30 20:22:49 ----D---- C:\Windows\system
2011-07-28 17:23:38 ----D---- C:\Users\Vojtas\AppData\Roaming\Skype
2011-07-28 17:23:10 ----D---- C:\Users\Vojtas\AppData\Roaming\skypePM
2011-07-27 20:48:45 ----D---- C:\Program Files\ATI Technologies
2011-07-27 20:43:17 ----D---- C:\AMD
2011-07-25 16:17:22 ----A---- C:\Windows\capture.ini
2011-07-22 22:32:38 ----D---- C:\Windows\AppPatch
2011-07-20 12:13:26 ----RSD---- C:\Windows\Fonts
2011-07-19 09:30:41 ----D---- C:\ProgramData\r2 Studios
2011-07-19 09:28:48 ----D---- C:\Program Files (x86)\1C Company
2011-07-18 21:32:48 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-07-18 21:32:48 ----D---- C:\Windows\SYSWOW64\drivers
2011-07-18 21:32:33 ----D---- C:\Program Files (x86)\ASUS
2011-07-18 21:32:09 ----A---- C:\Windows\Language_trs.ini
2011-07-18 16:07:09 ----RD---- C:\Program Files
2011-07-18 12:37:08 ----D---- C:\Program Files (x86)\Codemasters
2011-07-14 09:23:29 ----D---- C:\ProgramData\Adobe
2011-07-13 16:45:20 ----D---- C:\Users\Vojtas\AppData\Roaming\Adobe
2011-07-12 17:12:38 ----D---- C:\Program Files (x86)\Adobe
2011-07-12 17:10:45 ----D---- C:\Program Files\Common Files
2011-07-12 05:03:48 ----A---- C:\Windows\system32\coinst.dll
2011-07-12 04:57:38 ----A---- C:\Windows\system32\aticfx64.dll
2011-07-12 04:40:14 ----A---- C:\Windows\system32\atidxx64.dll
2011-07-12 04:15:02 ----A---- C:\Windows\system32\atiuxp64.dll
2011-07-05 17:26:13 ----SD---- C:\Users\Vojtas\AppData\Roaming\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-24 16440]
R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 26704]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2011-03-16 37456]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2010-11-10 276576]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-09-11 834544]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2010-08-24 13440]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2009-07-06 13368]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2011-01-07 304720]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-03-01 41552]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2011-04-05 377936]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2009-02-10 115600]
R2 AODDriver4.01;AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-03-11 314016]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2010-11-09 21992]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-03-11 43680]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [2010-01-27 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [2010-01-27 72216]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-07-12 9978880]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-07-12 309248]
R3 AsusgmsFltr;Gaming Mouse; C:\Windows\system32\drivers\Asusgms.sys [2010-01-11 11520]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-04-14 118864]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-02-10 29264]
R3 cmudaxp;ASUS Xonar DG Audio Interface; C:\Windows\system32\drivers\cmudaxp.sys [2011-03-10 2725376]
R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [2010-01-27 11552]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2010-11-23 300648]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-03-21 452200]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-12-16 47232]
S2 ASInsHelp;ASInsHelp; \??\C:\Windows\SysWow64\drivers\AsInsHelp64.sys []
S2 spd3ssl;Spy*ware Pro*cess Detec*tor v3.21; \??\C:\Program Files (x86)\Spyware Process Detector\spd321.sys []
S3 ALSysIO;ALSysIO; \??\C:\Users\Vojtas\AppData\Local\Temp\ALSysIO64.sys []
S3 AODDriver4.0;AODDriver4.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-08-23 120336]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-07-12 9978880]
S3 atillk64;atillk64; \??\C:\Users\Vojtas\Downloads\ati_winflash_2.0.1.14\atillk64.sys []
S3 cmuda3;C-Media PCI Audio Interface; C:\Windows\system32\drivers\cmudax3.sys []
S3 cpuz130;cpuz130; \??\C:\Users\Vojtas\AppData\Local\Temp\cpuz130\cpuz_x64.sys []
S3 cpuz132;cpuz132; \??\C:\Users\Vojtas\AppData\Local\Temp\cpuz132\cpuz132_x64.sys []
S3 cpuz134;cpuz134; \??\C:\Users\Vojtas\AppData\Local\Temp\cpuz134\cpuz134_x64.sys []
S3 DualCoreCenter;DualCoreCenter; \??\C:\Program Files (x86)\MSI\OverclockingCenter\NTGLM7X64.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2011-06-10 24072]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 ivusb;Initio Driver for USB Default Controller; C:\Windows\system32\DRIVERS\ivusb.sys [2010-03-10 29720]
S3 nhcNT_driver;Notebook Hardware Control NT Driver; \??\C:\Windows\system32\drivers\nhcNT.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-07-30 19456]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-07-30 26624]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2010-12-02 171008]
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2007-11-06 40464]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1x\WNt500x64\Sandra.sys [2009-08-07 23112]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-07-30 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2010-07-30 9216]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2011-02-18 2153072]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService;Advanced SystemCare Service; C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-05-28 353168]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-07-12 204288]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-11 361984]
R2 ASGT;ASGT; C:\Windows\SysWOW64\ASGT.exe [2011-04-20 55296]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-12-28 96896]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-04-18 7398752]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2010-09-23 373640]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [2010-09-29 120712]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2010-09-17 42773336]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-03-18 75136]
R2 Správce výběru OS;Aktivátor Správce výběru OS Acronis; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2010-07-07 2156952]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-09-17 154968]
R2 TeamViewer5;TeamViewer 5; C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-09-14 1956136]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2011-02-18 27760]
S2 AODService;AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2011-05-25 136616]
S2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-05-21 136176]
S2 RelevantKnowledge;RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe /service []
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-10-28 72704]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2011-03-01 130976]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-05-21 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe -d -f C:\Program Files\WinPcap\rpcapd.ini []
S3 SandraAgentSrv;SiSoftware Deployment Agent Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1x\RpcAgentSrv.exe [2009-08-10 93848]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 LogMeIn;LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [2010-01-27 57920]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [2008-07-29 4737024]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2010-09-17 370008]
S4 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]
-----------------EOF-----------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by Vojtas at 2011-08-04 08:17:47
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 39 GB (19%) free of 204 GB
Total RAM: 4094 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:09:45, on 4.8.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\SysWOW64\HsMgr.exe
C:\Program Files\ASUS Xonar DG Audio\Customapp\ASUSAUDIOCENTER.EXE
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files (x86)\Gaming Mouse\Tray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Vojtas\Downloads\Vojtas.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [Gaming Mouse Hid] "C:\Program Files (x86)\Gaming Mouse\hid.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AODService - Unknown owner - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
O23 - Service: ASGT - Unknown owner - C:\Windows\SysWOW64\ASGT.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe (file missing)
O23 - Service: Stavová služba ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RelevantKnowledge - Unknown owner - C:\Program Files (x86)\RelevantKnowledge\rlservice.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files (x86)\WinPcap\rpcapd.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1x\RpcAgentSrv.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Aktivátor Správce výběru OS Acronis (Správce výběru OS) - Unknown owner - C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 11861 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG10\avgchsva.exe /boot
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe"
atieclxx
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\Windows\SysWOW64\ASGT.exe
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe"
"C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe"
"C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe"
"C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe"
"C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe"
C:\Windows\system32\viakaraokesrv.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\AVG\AVG10\avgnsa.exe"
"C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe"
"C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe"
WLIDSvcM.exe 2184
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\SysWOW64\HsMgr.exe" Envoke
"C:\Windows\system\HsMgr64.exe" Envoke
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\ASUS Xonar DG Audio\Customapp\ASUSAUDIOCENTER.EXE"
"C:\Program Files (x86)\AVG\AVG10\avgtray.exe"
"C:\Program Files (x86)\Gaming Mouse\hid.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Gaming Mouse\Tray.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=extension --disable-client-side-phishing-detection --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_disabled/SpdyCwnd/cwndDynamic/SpdyImpact/npn_with_spdy/ --channel=4592.0231BA98.2108348099 /prefetch:3 --ignored=" --type=renderer "
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=extension --disable-client-side-phishing-detection --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_disabled/SpdyCwnd/cwndDynamic/SpdyImpact/npn_with_spdy/ --channel=4592.02317B28.1529564290 /prefetch:3 --ignored=" --type=renderer "
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Vojtas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocphobfcfafpclibolpjdafgaffkaoci\1.0_0\npGamePlayLabsPlugin.dll" --lang=cs --channel=4592.07822428.112796827 /prefetch:4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Vojtas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1390_0\plugins/avgnpss.dll" --lang=cs --channel=4592.078488F8.1770260356 /prefetch:4
C:\Windows\system32\rundll32.exe "C:\PROGRA~2\Google\Chrome\APPLIC~1\120742~1.122\gcswf32.dll",BrokerMain browser=chrome
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Program Files (x86)\Google\Chrome\Application\12.0.742.122\gcswf32.dll" --lang=cs --channel=4592.07982F28.846318132 /prefetch:4 --flash-broker=5016
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe /pipeName=e7698019-3eba-4c72-a185-5e1dc73aa966 /coreSdkOptions=30 /logConfFile="C:\ProgramData\AVG10\temp\1199b978-4327-4c20-b262-1f2a8177d974-af0-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG10\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg10" /tempPath="C:\ProgramData\AVG10\temp\"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --disable-client-side-phishing-detection --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_6/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_disabled/SpdyCwnd/cwndDynamic/SpdyImpact/npn_with_spdy/ --channel=4592.07936900.734476181 /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --disable-client-side-phishing-detection --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_6/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_disabled/SpdyCwnd/cwndDynamic/SpdyImpact/npn_with_spdy/ --channel=4592.0781F530.1342325926 /prefetch:3
"taskhost.exe"
"C:\Users\Vojtas\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Vojtas\AppData\Roaming\Mozilla\Firefox\Profiles\dqg9qfcx.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.smartwebsearch.net/index.php?from=3"
prefs.js - "extensions.enabledItems" - "{ea614400-e918-4741-9a97-7a972ff7c30b}:2.0.10, m3ffxtbr@mywebsearch.com:1.1, {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6, {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178, battlefieldplay4free@ea.com:1.0.26.2, {6E19037A-12E3-4295-8915-ED48BC341614}:1.3.328.4, plugin@gameplaylabs.com:1.0, bkmrksync@nokia.com:1.0.0.736, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.11"
prefs.js - "keyword.URL" - "http://search.babylon.com/?babsrc=toolbar2&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@fileplanet.com/fpdlm]
"Description"=
"Path"=C:\Program Files (x86)\Download Manager\npfpdlm.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=8]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
babylon.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml
C:\Users\Vojtas\AppData\Roaming\Mozilla\Firefox\Profiles\dqg9qfcx.default\extensions\
battlefieldplay4free@ea.com
piclens@cooliris.com
plugin@gameplaylabs.com
C:\Users\Vojtas\AppData\Roaming\Mozilla\Firefox\Profiles\dqg9qfcx.default\searchplugins\
ask.uk.xml
mywebsearch.xml
Searchster.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll [2011-07-08 3559264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\avgssie.dll [2011-07-08 2274144]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio8788"=C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]
"Cmaudio8788GX"=C:\Windows\syswow64\HsMgr.exe [2008-07-11 200704]
"Cmaudio8788GX64"=C:\Windows\system\HsMgr64.exe [2008-07-11 282112]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-02-22 500208]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 4]
C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe [2011-05-28 412560]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Babylon Client]
C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe -AutoStart []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BabylonToolbar]
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.23.10\BabylonToolbarsrv.exe /md I []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BatteryCare]
C:\Program Files (x86)\BatteryCare\BatteryCare.exe [2011-03-08 703488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
C:\Program Files (x86)\BitComet\BitComet.exe [2010-12-08 10811696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CorelDRAW Graphics Suite 11b]
C:\Program Files (x86)\Corel\Corel Graphics 12\Languages\CZ\Programs\Registration.exe [2004-06-23 729088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2010-09-16 1164584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Vojtas\AppData\Local\Google\Update\GoogleUpdate.exe /c []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2011-02-22 3019376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igndlm.exe]
C:\Program Files (x86)\Download Manager\DLM.exe [2009-10-27 1103216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2010-01-27 57928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar Search Scope Monitor]
C:\PROGRA~2\MYWEBS~1\bar\2.bin\m3SrchMn.exe /m=2 /w /h []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]
C:\PROGRA~2\MYWEBS~1\bar\2.bin\mwsoemon.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-03-26 1234216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-12-21 1483264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2007-09-25 130584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartupDelayer]
C:\Program Files\r2 Studios\Startup Delayer\Startup Delayer.exe /LaunchType=Auto /LaunchApps=Common []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe -silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Turbo Key]
C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TurboV EVO]
C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe -b []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Vojtas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk]
C:\PROGRA~2\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AVG_TRAY"=C:\Program Files (x86)\AVG\AVG10\avgtray.exe [2011-04-18 2334560]
"Gaming Mouse Hid"=C:\Program Files (x86)\Gaming Mouse\hid.exe [2010-01-19 428544]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-07-11 336384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoInstrumentation"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=255
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2011-08-04 08:09:36 ----D---- C:\rsit
2011-08-03 16:37:26 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-08-03 16:37:26 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2011-08-03 16:26:15 ----A---- C:\Windows\system32\drivers\SBREDrv.sys
2011-08-03 16:25:12 ----HDC---- C:\ProgramData\{91EC863D-D912-4466-91CC-9489A4A2ADD3}
2011-08-03 16:25:08 ----D---- C:\ProgramData\Lavasoft
2011-08-03 16:25:08 ----D---- C:\Program Files (x86)\Lavasoft
2011-08-03 12:51:40 ----D---- C:\Users\Vojtas\AppData\Roaming\AVG
2011-08-03 09:40:44 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2011-07-30 21:31:47 ----A---- C:\Windows\unvise32.exe
2011-07-30 21:24:20 ----D---- C:\ProgramData\Studio 14
2011-07-30 21:24:20 ----D---- C:\ProgramData\Pinnacle Studio Plus
2011-07-30 20:22:44 ----A---- C:\Windows\system32\drivers\cmudaxp.sys
2011-07-27 20:49:08 ----D---- C:\ProgramData\ATI
2011-07-27 20:49:07 ----D---- C:\Program Files (x86)\AMD APP
2011-07-27 13:47:39 ----D---- C:\Program Files (x86)\1C
2011-07-27 12:58:46 ----D---- C:\Program Files (x86)\Algodoo
2011-07-23 17:49:44 ----A---- C:\Windows\NCUNINST.EXe
2011-07-23 17:49:44 ----A---- C:\Windows\NCLAUNCH.EXe
2011-07-23 13:10:22 ----D---- C:\Program Files (x86)\Nobilis
2011-07-22 17:21:14 ----A---- C:\Windows\SYSWOW64\wow32.dll
2011-07-22 17:21:14 ----A---- C:\Windows\SYSWOW64\user.exe
2011-07-22 17:21:14 ----A---- C:\Windows\SYSWOW64\setup16.exe
2011-07-22 17:21:14 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2011-07-22 17:21:14 ----A---- C:\Windows\SYSWOW64\instnm.exe
2011-07-22 17:21:14 ----A---- C:\Windows\system32\wow64win.dll
2011-07-22 17:21:14 ----A---- C:\Windows\system32\wow64cpu.dll
2011-07-22 17:21:14 ----A---- C:\Windows\system32\wow64.dll
2011-07-22 17:21:14 ----A---- C:\Windows\system32\winsrv.dll
2011-07-22 17:21:14 ----A---- C:\Windows\system32\ntvdm64.dll
2011-07-22 17:21:14 ----A---- C:\Windows\system32\conhost.exe
2011-07-22 17:20:51 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2011-07-22 17:20:51 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2011-07-22 17:20:51 ----A---- C:\Windows\system32\KernelBase.dll
2011-07-22 17:20:51 ----A---- C:\Windows\system32\kernel32.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-22 17:20:50 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-22 17:20:27 ----A---- C:\Windows\system32\win32k.sys
2011-07-22 15:53:17 ----D---- C:\Program Files (x86)\Aspyr
2011-07-21 20:43:46 ----D---- C:\Users\Vojtas\AppData\Roaming\Day 1 Studios
2011-07-21 20:34:00 ----D---- C:\Program Files (x86)\WB Games
2011-07-18 16:20:42 ----D---- C:\Users\Vojtas\AppData\Roaming\7-PDFMaker
2011-07-18 16:20:42 ----D---- C:\Program Files (x86)\7-PDF
2011-07-18 16:07:10 ----A---- C:\Windows\system32\GdiPlus.dll
2011-07-18 16:07:09 ----D---- C:\Program Files\Softland
2011-07-17 10:12:12 ----D---- C:\Program Files (x86)\MSI
2011-07-16 16:18:54 ----D---- C:\Program Files (x86)\stalker-online
2011-07-15 12:20:06 ----D---- C:\Program Files (x86)\City Car Driving
2011-07-14 18:54:34 ----D---- C:\Program Files (x86)\astragon
2011-07-12 17:15:07 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2011-07-12 17:11:30 ----D---- C:\Program Files (x86)\Adobe Media Player
2011-07-12 17:11:11 ----D---- C:\Program Files\Adobe
2011-07-12 17:10:45 ----D---- C:\Program Files\Common Files\Adobe
2011-07-12 08:24:48 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2011-07-12 05:14:04 ----A---- C:\Windows\system32\atio6axx.dll
2011-07-12 04:59:06 ----A---- C:\Windows\system32\atiapfxx.exe
2011-07-12 04:58:56 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2011-07-12 04:54:56 ----A---- C:\Windows\system32\ATIDEMGX.dll
2011-07-12 04:54:52 ----A---- C:\Windows\system32\atieclxx.exe
2011-07-12 04:54:18 ----A---- C:\Windows\system32\atiesrxx.exe
2011-07-12 04:53:08 ----A---- C:\Windows\system32\atitmm64.dll
2011-07-12 04:52:38 ----A---- C:\Windows\system32\atipdl64.dll
2011-07-12 04:52:32 ----A---- C:\Windows\SYSWOW64\atipdlxx.dll
2011-07-12 04:52:22 ----A---- C:\Windows\SYSWOW64\Oemdspif.dll
2011-07-12 04:52:16 ----A---- C:\Windows\system32\atimuixx.dll
2011-07-12 04:52:10 ----A---- C:\Windows\system32\atiedu64.dll
2011-07-12 04:52:06 ----A---- C:\Windows\SYSWOW64\ati2edxx.dll
2011-07-12 04:51:44 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2011-07-12 04:49:02 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2011-07-12 04:30:10 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2011-07-12 04:28:00 ----A---- C:\Windows\system32\atiumd6v.dll
2011-07-12 04:27:38 ----A---- C:\Windows\SYSWOW64\atiumdmv.dll
2011-07-12 04:27:26 ----A---- C:\Windows\system32\atiumd6a.dll
2011-07-12 04:24:08 ----A---- C:\Windows\system32\atiumd64.dll
2011-07-12 04:21:24 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2011-07-12 04:16:58 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2011-07-12 04:16:38 ----A---- C:\Windows\system32\atiadlxx.dll
2011-07-12 04:16:28 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2011-07-12 04:16:12 ----A---- C:\Windows\system32\atig6pxx.dll
2011-07-12 04:16:06 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2011-07-12 04:16:06 ----A---- C:\Windows\system32\atiglpxx.dll
2011-07-12 04:16:02 ----A---- C:\Windows\system32\atig6txx.dll
2011-07-12 04:15:52 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2011-07-12 04:15:44 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2011-07-12 04:14:56 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2011-07-12 04:14:48 ----A---- C:\Windows\system32\atiu9p64.dll
2011-07-12 04:14:40 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll
2011-07-12 04:02:42 ----A---- C:\Windows\system32\aticalrt64.dll
2011-07-12 04:02:40 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2011-07-12 04:02:32 ----A---- C:\Windows\system32\aticalcl64.dll
2011-07-12 04:02:30 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2011-07-12 04:02:26 ----A---- C:\Windows\system32\atimpc64.dll
2011-07-12 04:02:26 ----A---- C:\Windows\system32\amdpcom64.dll
2011-07-12 04:02:20 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2011-07-12 04:02:20 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2011-07-12 04:02:20 ----A---- C:\Windows\system32\aticaldd64.dll
2011-07-12 03:59:28 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2011-07-11 23:22:26 ----A---- C:\Windows\system32\OVDecode64.dll
2011-07-11 23:22:24 ----A---- C:\Windows\SYSWOW64\OVDecode.dll
2011-07-11 23:21:56 ----A---- C:\Windows\system32\amdocl64.dll
2011-07-11 23:21:42 ----A---- C:\Windows\SYSWOW64\amdocl.dll
2011-07-08 14:58:17 ----D---- C:\Program Files (x86)\1C Publishing EU
2011-07-08 10:35:47 ----D---- C:\Program Files\Core Temp
======List of files/folders modified in the last 1 month======
2011-08-04 08:15:34 ----D---- C:\Windows\Prefetch
2011-08-04 08:03:41 ----D---- C:\Windows\system32\Tasks
2011-08-04 07:30:22 ----D---- C:\Windows\Temp
2011-08-03 21:25:09 ----D---- C:\Program Files (x86)\MSI Afterburner
2011-08-03 20:48:44 ----D---- C:\Windows\SysWOW64
2011-08-03 20:48:44 ----D---- C:\Windows\System32
2011-08-03 20:48:43 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2011-08-03 20:25:55 ----D---- C:\Windows\Minidump
2011-08-03 20:25:55 ----D---- C:\Windows
2011-08-03 19:23:50 ----SHD---- C:\Windows\Installer
2011-08-03 19:23:43 ----DC---- C:\Windows\system32\DRVSTORE
2011-08-03 19:23:43 ----D---- C:\Windows\system32\drivers
2011-08-03 18:59:54 ----D---- C:\Windows\system32\config
2011-08-03 16:37:26 ----RD---- C:\Program Files (x86)
2011-08-03 16:37:26 ----HD---- C:\ProgramData
2011-08-03 16:26:16 ----D---- C:\Windows\system32\catroot
2011-08-03 16:25:01 ----D---- C:\Windows\winsxs
2011-08-03 15:21:52 ----D---- C:\Downloads
2011-08-03 13:19:56 ----AD---- C:\ProgramData\TEMP
2011-08-03 13:19:21 ----D---- C:\Windows\inf
2011-08-03 13:19:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-08-03 12:56:26 ----D---- C:\Windows\Downloaded Program Files
2011-08-03 12:51:42 ----D---- C:\Windows\Tasks
2011-08-03 12:48:41 ----D---- C:\Program Files (x86)\AVG
2011-08-03 12:42:29 ----D---- C:\Windows\system32\drivers\AVG
2011-08-03 12:41:46 ----D---- C:\ProgramData\AVG10
2011-08-03 12:38:31 ----D---- C:\ProgramData\MFAData
2011-08-03 12:22:22 ----D---- C:\Program Files (x86)\SpeedFan
2011-08-03 11:52:14 ----D---- C:\Windows\system32\wfp
2011-08-03 11:52:11 ----D---- C:\Windows\system32\wbem
2011-08-03 11:51:18 ----D---- C:\Windows\system32\DriverStore
2011-08-03 11:51:18 ----D---- C:\Windows\system32\catroot2
2011-08-03 11:51:17 ----D---- C:\Windows\system32\CodeIntegrity
2011-08-03 11:51:16 ----D---- C:\Users\Vojtas\AppData\Roaming\Win7codecs
2011-08-03 11:51:15 ----D---- C:\Users\Vojtas\AppData\Roaming\Gaming Mouse
2011-08-03 11:51:07 ----D---- C:\scrds
2011-08-03 11:51:07 ----D---- C:\ProgramData\Win7codecs
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\Zrychleni Pocitace
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\WinRAR
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\WebSite X5 v8 - Smart
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\Vypínač na dobrou noc
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\Virtual DJ
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\UltraISO
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\Tunngle
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\totalcmd
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\The Witcher 2
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\The KMPlayer
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\Steam
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\Sapphire TRIXX
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\Realtek AC97
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\QuickTime
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\PC Connectivity Solution
2011-08-03 11:51:07 ----D---- C:\Program Files (x86)\OpenAL
2011-08-03 11:51:06 ----D---- C:\Program Files (x86)\nLite
2011-08-03 11:51:06 ----D---- C:\Program Files (x86)\Natural Mod
2011-08-03 11:51:06 ----D---- C:\Program Files (x86)\MSI Kombustor
2011-08-03 11:51:06 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-08-03 11:51:06 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-08-03 11:51:05 ----D---- C:\Program Files (x86)\iSpeed
2011-08-03 11:51:05 ----D---- C:\Program Files (x86)\HDD Regenerator
2011-08-03 11:51:05 ----D---- C:\Program Files (x86)\HD Tune
2011-08-03 11:51:05 ----D---- C:\Program Files (x86)\Hard Disk Sentinel
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\Gaming Mouse
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\GameSpy Arcade
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\GamePark.cz Klient
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\Feedback Tool
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\DVD Shrink
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\Download Manager
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\DllPlayer
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\DesetiPrsty
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\Cyklotrasy
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\Common Files
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\CDCheck
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\Call of Duty 4 - Modern Warfare
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\BRS
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\Browser Plugin
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\BitComet
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\BatteryCare
2011-08-03 11:51:04 ----D---- C:\Program Files (x86)\Banner Maker Pro 7
2011-08-03 11:51:03 ----D---- C:\Program Files (x86)\A-one DVD Ripper
2011-08-03 11:50:58 ----D---- C:\Fraps
2011-08-03 11:50:35 ----D---- C:\Windows\registration
2011-08-03 11:50:19 ----RSD---- C:\Windows\assembly
2011-08-03 11:47:08 ----SHD---- C:\System Volume Information
2011-08-03 10:06:46 ----D---- C:\Users\Vojtas\AppData\Roaming\BitComet
2011-07-31 10:42:33 ----D---- C:\Program Files (x86)\Java
2011-07-31 10:17:44 ----D---- C:\Program Files (x86)\SureThing Express Labeler
2011-07-31 10:15:57 ----HD---- C:\Program Files (x86)\Temp
2011-07-31 10:15:57 ----D---- C:\Program Files (x86)\Realtek
2011-07-30 21:31:21 ----D---- C:\Program Files (x86)\Pinnacle
2011-07-30 21:24:20 ----D---- C:\ProgramData\Pinnacle
2011-07-30 20:23:28 ----A---- C:\Windows\Cmicnfgp.ini.cfl
2011-07-30 20:23:27 ----A---- C:\Windows\Cmicnfgp.ini.imi
2011-07-30 20:22:49 ----D---- C:\Windows\system
2011-07-28 17:23:38 ----D---- C:\Users\Vojtas\AppData\Roaming\Skype
2011-07-28 17:23:10 ----D---- C:\Users\Vojtas\AppData\Roaming\skypePM
2011-07-27 20:48:45 ----D---- C:\Program Files\ATI Technologies
2011-07-27 20:43:17 ----D---- C:\AMD
2011-07-25 16:17:22 ----A---- C:\Windows\capture.ini
2011-07-22 22:32:38 ----D---- C:\Windows\AppPatch
2011-07-20 12:13:26 ----RSD---- C:\Windows\Fonts
2011-07-19 09:30:41 ----D---- C:\ProgramData\r2 Studios
2011-07-19 09:28:48 ----D---- C:\Program Files (x86)\1C Company
2011-07-18 21:32:48 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-07-18 21:32:48 ----D---- C:\Windows\SYSWOW64\drivers
2011-07-18 21:32:33 ----D---- C:\Program Files (x86)\ASUS
2011-07-18 21:32:09 ----A---- C:\Windows\Language_trs.ini
2011-07-18 16:07:09 ----RD---- C:\Program Files
2011-07-18 12:37:08 ----D---- C:\Program Files (x86)\Codemasters
2011-07-14 09:23:29 ----D---- C:\ProgramData\Adobe
2011-07-13 16:45:20 ----D---- C:\Users\Vojtas\AppData\Roaming\Adobe
2011-07-12 17:12:38 ----D---- C:\Program Files (x86)\Adobe
2011-07-12 17:10:45 ----D---- C:\Program Files\Common Files
2011-07-12 05:03:48 ----A---- C:\Windows\system32\coinst.dll
2011-07-12 04:57:38 ----A---- C:\Windows\system32\aticfx64.dll
2011-07-12 04:40:14 ----A---- C:\Windows\system32\atidxx64.dll
2011-07-12 04:15:02 ----A---- C:\Windows\system32\atiuxp64.dll
2011-07-05 17:26:13 ----SD---- C:\Users\Vojtas\AppData\Roaming\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-24 16440]
R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 26704]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2011-03-16 37456]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2010-11-10 276576]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-09-11 834544]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2010-08-24 13440]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2009-07-06 13368]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2011-01-07 304720]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-03-01 41552]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2011-04-05 377936]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2009-02-10 115600]
R2 AODDriver4.01;AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-03-11 314016]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2010-11-09 21992]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-03-11 43680]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [2010-01-27 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [2010-01-27 72216]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-07-12 9978880]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-07-12 309248]
R3 AsusgmsFltr;Gaming Mouse; C:\Windows\system32\drivers\Asusgms.sys [2010-01-11 11520]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-04-14 118864]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-02-10 29264]
R3 cmudaxp;ASUS Xonar DG Audio Interface; C:\Windows\system32\drivers\cmudaxp.sys [2011-03-10 2725376]
R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [2010-01-27 11552]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2010-11-23 300648]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-03-21 452200]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-12-16 47232]
S2 ASInsHelp;ASInsHelp; \??\C:\Windows\SysWow64\drivers\AsInsHelp64.sys []
S2 spd3ssl;Spy*ware Pro*cess Detec*tor v3.21; \??\C:\Program Files (x86)\Spyware Process Detector\spd321.sys []
S3 ALSysIO;ALSysIO; \??\C:\Users\Vojtas\AppData\Local\Temp\ALSysIO64.sys []
S3 AODDriver4.0;AODDriver4.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-08-23 120336]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-07-12 9978880]
S3 atillk64;atillk64; \??\C:\Users\Vojtas\Downloads\ati_winflash_2.0.1.14\atillk64.sys []
S3 cmuda3;C-Media PCI Audio Interface; C:\Windows\system32\drivers\cmudax3.sys []
S3 cpuz130;cpuz130; \??\C:\Users\Vojtas\AppData\Local\Temp\cpuz130\cpuz_x64.sys []
S3 cpuz132;cpuz132; \??\C:\Users\Vojtas\AppData\Local\Temp\cpuz132\cpuz132_x64.sys []
S3 cpuz134;cpuz134; \??\C:\Users\Vojtas\AppData\Local\Temp\cpuz134\cpuz134_x64.sys []
S3 DualCoreCenter;DualCoreCenter; \??\C:\Program Files (x86)\MSI\OverclockingCenter\NTGLM7X64.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2011-06-10 24072]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 ivusb;Initio Driver for USB Default Controller; C:\Windows\system32\DRIVERS\ivusb.sys [2010-03-10 29720]
S3 nhcNT_driver;Notebook Hardware Control NT Driver; \??\C:\Windows\system32\drivers\nhcNT.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-07-30 19456]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-07-30 26624]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2010-12-02 171008]
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2007-11-06 40464]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1x\WNt500x64\Sandra.sys [2009-08-07 23112]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-07-30 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2010-07-30 9216]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2011-02-18 2153072]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService;Advanced SystemCare Service; C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-05-28 353168]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-07-12 204288]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-11 361984]
R2 ASGT;ASGT; C:\Windows\SysWOW64\ASGT.exe [2011-04-20 55296]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-12-28 96896]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-04-18 7398752]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2010-09-23 373640]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [2010-09-29 120712]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2010-09-17 42773336]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-03-18 75136]
R2 Správce výběru OS;Aktivátor Správce výběru OS Acronis; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2010-07-07 2156952]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-09-17 154968]
R2 TeamViewer5;TeamViewer 5; C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-09-14 1956136]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2011-02-18 27760]
S2 AODService;AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2011-05-25 136616]
S2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-05-21 136176]
S2 RelevantKnowledge;RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe /service []
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-10-28 72704]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2011-03-01 130976]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-05-21 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe -d -f C:\Program Files\WinPcap\rpcapd.ini []
S3 SandraAgentSrv;SiSoftware Deployment Agent Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1x\RpcAgentSrv.exe [2009-08-10 93848]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 LogMeIn;LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [2010-01-27 57920]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [2008-07-29 4737024]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2010-09-17 370008]
S4 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check my log - virus
The RSIT log also looks clean. What makes you think you have a virus on your PC?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Please check my log - virus
Yesterday a virus appeared on my PC; I couldn't launch anything, and I really mean nothing. It created a profile there, and I think the virus was in a fake AVG and KMPlayer; I had not downloaded either of them. Nothing helped. I wanted to reinstall the PC, but I couldn't back up my data because it blocked my access. I deleted its account and immediately disconnected the PC from the internet. As a last hope I thought of a restore point in Win 7, and it worked. But I'd rather turn to you with the log in case there is still some worm somewhere. I scanned the PC with AVG and Spybot; they found nothing. Thanks for the help.
- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check my log - virus
Better post a ComboFix log.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
then run the application under an account with administrator privileges
right after it starts, a screen with the license terms appears; continue by clicking the Yes button.
calmly go and make yourself a coffee (the whole process takes approx. 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to launch any other applications or anything else
do not panic during the scan; your machine may be restarted (especially the first time the scanner is used)
note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because unwanted conflicts with the antispyware's resident shield occur during the scan and the removal of any malware
Re: Please check my log - virus
Here is the log from ComboFix
ComboFix 11-08-04.01 - Vojtas 04.08.2011 21:06:27.1.3 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4094.2269 [GMT 2:00]
Spuštěný z: c:\users\Vojtas\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\SaveTubeVideo.com
c:\program files (x86)\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\chrome.manifest
c:\program files (x86)\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\install.rdf
c:\program files (x86)\SaveTubeVideo.com\SaveTubeVideo\Updater.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\About RelevantKnowledge.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Privacy Policy and User License Agreement.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Support.lnk
c:\windows\iun6002.exe
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\system
c:\windows\SysWow64\wpcap.dll
E:\install.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_NPF
-------\Service_RelevantKnowledge
-------\Service_spd3ssl
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-04 do 2011-08-04 )))))))))))))))))))))))))))))))
.
.
2011-08-04 19:11 . 2011-08-04 19:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-04 19:11 . 2011-08-04 19:11 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2011-08-04 17:40 . 2011-08-04 17:40 21712 ----a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS
2011-08-04 17:40 . 2011-08-04 17:40 -------- d-----w- c:\users\Vojtas\AppData\Local\eSupport.com
2011-08-04 17:39 . 2011-08-04 17:40 -------- d-----w- c:\programdata\SystemExplorer
2011-08-04 17:39 . 2011-08-04 17:39 -------- d-----w- c:\program files (x86)\System Explorer
2011-08-04 10:11 . 2011-08-04 10:33 -------- d-----w- c:\users\Vojtas\Unigine Tropics
2011-08-04 09:44 . 2011-08-04 09:44 -------- d-----w- c:\program files (x86)\Unigine
2011-08-04 06:09 . 2011-08-04 06:09 -------- d-----w- C:\rsit
2011-08-03 14:37 . 2011-08-03 15:37 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-08-03 14:37 . 2011-08-03 14:37 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2011-08-03 14:26 . 2011-08-03 14:26 55384 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-08-03 14:25 . 2011-08-03 14:25 -------- d-----w- c:\users\Vojtas\AppData\Local\Sunbelt Software
2011-08-03 14:25 . 2011-08-03 17:23 -------- dc-h--w- c:\programdata\{91EC863D-D912-4466-91CC-9489A4A2ADD3}
2011-08-03 14:25 . 2011-08-03 17:23 -------- d-----w- c:\programdata\Lavasoft
2011-08-03 14:25 . 2011-08-03 14:25 -------- d-----w- c:\program files (x86)\Lavasoft
2011-08-03 10:51 . 2011-08-03 11:17 -------- d-----w- c:\users\Vojtas\AppData\Roaming\AVG
2011-08-03 07:40 . 2011-08-03 09:50 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack
2011-07-30 19:31 . 2004-03-29 15:23 90112 ----a-w- c:\windows\unvise32.exe
2011-07-30 19:24 . 2011-07-30 19:24 -------- d-----w- c:\program files (x86)\Common Files\Pegasus Imaging
2011-07-30 19:24 . 2011-07-30 19:24 -------- d-----w- c:\programdata\Studio 14
2011-07-30 19:24 . 2011-07-30 19:24 -------- d-----w- c:\programdata\Pinnacle Studio Plus
2011-07-30 19:24 . 2011-07-30 19:24 -------- d-----w- c:\program files (x86)\Common Files\Yahoo!
2011-07-30 18:22 . 2011-03-10 13:44 2725376 ----a-w- c:\windows\system32\drivers\cmudaxp.sys
2011-07-27 18:49 . 2011-07-27 18:49 -------- d-----w- c:\programdata\ATI
2011-07-27 18:49 . 2011-07-27 18:49 -------- d-----w- c:\program files (x86)\AMD APP
2011-07-27 11:47 . 2011-07-27 11:47 -------- d-----w- c:\program files (x86)\1C
2011-07-27 10:58 . 2011-07-27 11:00 -------- d-----w- c:\program files (x86)\Algodoo
2011-07-23 15:49 . 2011-07-23 15:49 65536 ----a-w- c:\windows\NCLAUNCH.EXe
2011-07-23 15:49 . 2011-07-23 15:49 45056 ----a-w- c:\windows\NCUNINST.EXe
2011-07-23 11:10 . 2011-07-23 11:10 -------- d-----w- c:\program files (x86)\Nobilis
2011-07-22 15:21 . 2011-07-22 15:21 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2011-07-22 15:21 . 2011-07-22 15:21 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2011-07-22 15:21 . 2011-07-22 15:21 362496 ----a-w- c:\windows\system32\wow64win.dll
2011-07-22 15:21 . 2011-07-22 15:21 338944 ----a-w- c:\windows\system32\conhost.exe
2011-07-22 15:21 . 2011-07-22 15:21 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2011-07-22 15:21 . 2011-07-22 15:21 243200 ----a-w- c:\windows\system32\wow64.dll
2011-07-22 15:21 . 2011-07-22 15:21 214528 ----a-w- c:\windows\system32\winsrv.dll
2011-07-22 15:21 . 2011-07-22 15:21 2048 ----a-w- c:\windows\SysWow64\user.exe
2011-07-22 15:21 . 2011-07-22 15:21 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2011-07-22 15:21 . 2011-07-22 15:21 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2011-07-22 15:21 . 2011-07-22 15:21 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2011-07-22 13:53 . 2011-07-22 13:53 -------- d-----w- c:\program files (x86)\Aspyr
2011-07-22 13:46 . 2011-07-22 13:46 -------- d-----w- c:\users\Vojtas\AppData\Local\Cooliris
2011-07-21 18:43 . 2011-07-21 18:43 -------- d-----w- c:\users\Vojtas\AppData\Roaming\Day 1 Studios
2011-07-21 18:34 . 2011-07-21 18:34 -------- d-----w- c:\program files (x86)\WB Games
2011-07-18 14:20 . 2011-07-18 14:20 -------- d-----w- c:\users\Vojtas\AppData\Roaming\7-PDFMaker
2011-07-18 14:20 . 2011-07-18 14:20 -------- d-----w- c:\program files (x86)\7-PDF
2011-07-18 14:07 . 2010-02-05 13:00 1700352 ----a-w- c:\windows\system32\GdiPlus.dll
2011-07-18 14:07 . 2011-07-18 14:07 -------- d-----w- c:\program files\Softland
2011-07-17 08:12 . 2011-07-17 08:12 -------- d-----w- c:\program files (x86)\MSI
2011-07-16 14:18 . 2011-07-20 10:13 -------- d-----w- c:\program files (x86)\stalker-online
2011-07-15 10:20 . 2011-08-03 09:51 -------- d-----w- c:\program files (x86)\City Car Driving
2011-07-14 17:12 . 2011-07-14 17:12 -------- d-----w- c:\users\Vojtas\AppData\Local\BusCableCarSimulator
2011-07-14 16:54 . 2011-07-14 16:54 -------- d-----w- c:\program files (x86)\astragon
2011-07-14 10:17 . 2011-07-14 10:17 -------- d-----w- c:\users\Vojtas\AppData\Local\RadonLabs
2011-07-13 10:39 . 2011-07-13 10:39 -------- d-----w- c:\users\Vojtas\AppData\Local\OCCT
2011-07-12 15:15 . 2011-07-12 15:15 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2011-07-12 15:11 . 2011-08-03 09:51 -------- d-----w- c:\program files (x86)\Adobe Media Player
2011-07-12 15:10 . 2011-07-12 15:12 -------- d-----w- c:\program files\Common Files\Adobe
2011-07-12 06:24 . 2011-07-12 06:24 9978880 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-07-12 05:52 . 2011-07-12 05:52 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-12 03:14 . 2011-07-12 03:14 23886848 ----a-w- c:\windows\system32\atio6axx.dll
2011-07-12 02:59 . 2011-07-12 02:59 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-07-12 02:58 . 2011-07-12 02:58 726528 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-07-12 02:54 . 2011-07-12 02:54 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-07-12 02:54 . 2011-07-12 02:54 485376 ----a-w- c:\windows\system32\atieclxx.exe
2011-07-12 02:54 . 2011-07-12 02:54 204288 ----a-w- c:\windows\system32\atiesrxx.exe
2011-07-12 02:53 . 2011-07-12 02:53 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-07-12 02:52 . 2011-07-12 02:52 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-07-12 02:52 . 2011-07-12 02:52 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-07-12 02:52 . 2011-07-12 02:52 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-07-12 02:52 . 2011-07-12 02:52 21504 ----a-w- c:\windows\system32\atimuixx.dll
2011-07-12 02:52 . 2011-07-12 02:52 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-07-12 02:52 . 2011-07-12 02:52 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-07-12 02:51 . 2011-07-12 02:51 18371072 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-07-12 02:49 . 2011-07-12 02:49 4198912 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-07-12 02:30 . 2011-07-12 02:30 4257792 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-07-12 02:28 . 2011-07-12 02:28 1113088 ----a-w- c:\windows\system32\atiumd6v.dll
2011-07-12 02:27 . 2011-07-12 02:27 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2011-07-12 02:27 . 2011-07-12 02:27 3871744 ----a-w- c:\windows\system32\atiumd6a.dll
2011-07-12 02:24 . 2011-07-12 02:24 5396480 ----a-w- c:\windows\system32\atiumd64.dll
2011-07-12 02:21 . 2011-07-12 02:21 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-07-12 02:16 . 2011-07-12 02:16 4056064 ----a-w- c:\windows\SysWow64\atiumdva.dll
2011-07-12 02:16 . 2011-07-12 02:16 378368 ----a-w- c:\windows\system32\atiadlxx.dll
2011-07-12 02:16 . 2011-07-12 02:16 266240 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-07-12 02:16 . 2011-07-12 02:16 15360 ----a-w- c:\windows\system32\atig6pxx.dll
2011-07-12 02:16 . 2011-07-12 02:16 13312 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-07-12 02:16 . 2011-07-12 02:16 13312 ----a-w- c:\windows\system32\atiglpxx.dll
2011-07-12 02:16 . 2011-07-12 02:16 39936 ----a-w- c:\windows\system32\atig6txx.dll
2011-07-12 02:15 . 2011-07-12 02:15 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-07-12 02:15 . 2011-07-12 02:15 309248 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-07-12 02:14 . 2011-07-12 02:14 31744 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-07-12 02:14 . 2011-07-12 02:14 38912 ----a-w- c:\windows\system32\atiu9p64.dll
2011-07-12 02:14 . 2011-07-12 02:14 29184 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-07-12 02:02 . 2011-07-12 02:02 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-07-12 02:02 . 2011-07-12 02:02 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-07-12 02:02 . 2011-07-12 02:02 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-07-12 02:02 . 2011-07-12 02:02 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-07-12 02:02 . 2011-07-12 02:02 53760 ----a-w- c:\windows\system32\atimpc64.dll
2011-07-12 02:02 . 2011-07-12 02:02 53760 ----a-w- c:\windows\system32\amdpcom64.dll
2011-07-12 02:02 . 2011-07-12 02:02 8724480 ----a-w- c:\windows\system32\aticaldd64.dll
2011-07-12 02:02 . 2011-07-12 02:02 52736 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-07-12 02:02 . 2011-07-12 02:02 52736 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2011-07-12 01:59 . 2011-07-12 01:59 7327232 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-07-11 21:22 . 2011-07-11 21:22 60416 ----a-w- c:\windows\system32\OVDecode64.dll
2011-07-11 21:22 . 2011-07-11 21:22 53760 ----a-w- c:\windows\SysWow64\OVDecode.dll
2011-07-11 21:21 . 2011-07-11 21:21 16552960 ----a-w- c:\windows\system32\amdocl64.dll
2011-07-11 21:21 . 2011-07-11 21:21 13555712 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-07-08 12:58 . 2011-07-08 12:58 -------- d-----w- c:\program files (x86)\1C Publishing EU
2011-07-08 08:35 . 2011-07-08 08:35 -------- d-----w- c:\program files\Core Temp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-04 17:44 . 2010-10-02 09:25 280736 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-08-04 17:44 . 2010-09-18 16:11 280736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-08-04 17:44 . 2010-09-18 16:11 281472 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2011-07-24 10:50 . 2010-09-18 16:11 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.ex1
2011-07-22 15:21 . 2011-07-22 15:21 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-07-12 03:03 . 2010-08-26 01:27 58880 ----a-w- c:\windows\system32\coinst.dll
2011-07-12 02:57 . 2010-08-26 02:00 852992 ----a-w- c:\windows\system32\aticfx64.dll
2011-07-12 02:40 . 2009-09-19 02:04 4943360 ----a-w- c:\windows\system32\atidxx64.dll
2011-07-12 02:15 . 2011-02-27 03:59 40960 ----a-w- c:\windows\system32\atiuxp64.dll
2011-07-04 13:12 . 2011-07-04 13:12 16896 ----a-w- c:\windows\AsTaskSched.dll
2011-07-02 19:27 . 2011-07-02 19:27 64512 ----a-w- c:\windows\SysWow64\devobj.dll
2011-07-02 19:27 . 2011-07-02 19:27 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
2011-07-02 19:27 . 2011-07-02 19:27 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-07-02 19:27 . 2011-07-02 19:27 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
2011-07-02 19:27 . 2011-07-02 19:27 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2011-07-02 19:27 . 2011-07-02 19:27 86528 ----a-w- c:\windows\SysWow64\SearchFilterHost.exe
2011-07-02 19:27 . 2011-07-02 19:27 59392 ----a-w- c:\windows\SysWow64\msscntrs.dll
2011-07-02 19:27 . 2011-07-02 19:27 427520 ----a-w- c:\windows\SysWow64\SearchIndexer.exe
2011-07-02 19:27 . 2011-07-02 19:27 337408 ----a-w- c:\windows\SysWow64\mssph.dll
2011-07-02 19:27 . 2011-07-02 19:27 1549312 ----a-w- c:\windows\SysWow64\tquery.dll
2011-07-02 19:27 . 2011-07-02 19:27 1401344 ----a-w- c:\windows\SysWow64\mssrch.dll
2011-07-02 19:27 . 2011-07-02 19:27 778752 ----a-w- c:\windows\system32\mssvp.dll
2011-07-02 19:27 . 2011-07-02 19:27 75264 ----a-w- c:\windows\system32\msscntrs.dll
2011-07-02 19:27 . 2011-07-02 19:27 666624 ----a-w- c:\windows\SysWow64\mssvp.dll
2011-07-02 19:27 . 2011-07-02 19:27 591872 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-07-02 19:27 . 2011-07-02 19:27 491520 ----a-w- c:\windows\system32\mssph.dll
2011-07-02 19:27 . 2011-07-02 19:27 288256 ----a-w- c:\windows\system32\mssphtb.dll
2011-07-02 19:27 . 2011-07-02 19:27 249856 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-07-02 19:27 . 2011-07-02 19:27 2315776 ----a-w- c:\windows\system32\tquery.dll
2011-07-02 19:27 . 2011-07-02 19:27 2223616 ----a-w- c:\windows\system32\mssrch.dll
2011-07-02 19:27 . 2011-07-02 19:27 197120 ----a-w- c:\windows\SysWow64\mssphtb.dll
2011-07-02 19:27 . 2011-07-02 19:27 164352 ----a-w- c:\windows\SysWow64\SearchProtocolHost.exe
2011-07-02 19:27 . 2011-07-02 19:27 113664 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-06-23 15:29 . 2010-09-18 16:11 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.ex2
2011-06-20 05:10 . 2011-06-20 05:10 3888128 ----a-w- c:\windows\SysWow64\x264vfw.dll
2011-06-17 07:34 . 2011-06-17 07:34 73728 ----a-w- c:\windows\SysWow64\xvid.ax
2011-06-17 07:26 . 2011-06-17 07:26 243200 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2011-06-17 07:17 . 2011-06-17 07:17 650752 ----a-w- c:\windows\SysWow64\xvidcore.dll
2011-06-16 01:34 . 2011-06-16 01:34 79872 ----a-w- c:\windows\SysWow64\SlotMaximizerAg.dll
2011-06-16 01:34 . 2011-06-16 01:34 2971648 ----a-w- c:\windows\system32\SlotMaximizerBe.dll
2011-06-16 01:34 . 2011-06-16 01:34 2117632 ----a-w- c:\windows\SysWow64\SlotMaximizerBe.dll
2011-06-16 01:34 . 2011-06-16 01:34 105984 ----a-w- c:\windows\system32\SlotMaximizerAg.dll
2011-06-15 11:36 . 2010-12-04 18:58 188128 ----a-w- c:\programdata\Microsoft\VCSExpress\10.0\1033\ResourceCache.dll
2011-06-15 11:34 . 2011-04-17 10:41 205984 ----a-w- c:\programdata\Microsoft\VBExpress\10.0\1033\ResourceCache.dll
2011-06-14 22:08 . 2011-06-14 22:08 1264128 ----a-w- c:\windows\SysWow64\VSFilter.dll
2011-06-10 14:48 . 2011-06-10 14:48 24072 ----a-w- c:\windows\gdrv.sys
2011-05-28 12:26 . 2011-05-28 12:26 71680 ----a-w- c:\windows\system32\frapsv64.dll
2011-05-28 12:26 . 2011-05-28 12:26 65536 ----a-w- c:\windows\SysWow64\frapsvid.dll
2011-05-25 11:32 . 2010-09-25 04:42 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2011-05-25 11:32 . 2010-09-25 04:42 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2011-05-14 05:16 . 2010-09-18 16:11 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.ex3
2011-05-12 15:05 . 2011-04-12 14:42 8769536 ------w- c:\windows\SysWow64\CmiCnfgp.dll
2011-05-12 10:53 . 2011-05-12 10:53 147456 ----a-w- c:\windows\SysWow64\lagarith.dll
2010-07-14 08:56 . 2010-09-12 16:42 417944 ----a-w- c:\program files (x86)\Common Files\ZugoInstaller.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG10\avgtray.exe" [2011-04-18 2334560]
"Gaming Mouse Hid"="c:\program files (x86)\Gaming Mouse\hid.exe" [2010-01-19 428544]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-11 336384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG10\avgchsva.exe /sync\0c:\progra~2\AVG\AVG10\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2011-05-25 136616]
R2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-21 136176]
R3 ALSysIO;ALSysIO;c:\users\Vojtas\AppData\Local\Temp\ALSysIO64.sys [x]
R3 AODDriver4.0;AODDriver4.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
R3 atillk64;atillk64;c:\users\Vojtas\Downloads\ati_winflash_2.0.1.14\atillk64.sys [x]
R3 cpuz130;cpuz130;c:\users\Vojtas\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 cpuz134;cpuz134;c:\users\Vojtas\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2011-08-04 21712]
R3 DualCoreCenter;DualCoreCenter;c:\program files (x86)\MSI\OverclockingCenter\NTGLM7X64.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2011-03-01 130976]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-21 136176]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 nhcNT_driver;Notebook Hardware Control NT Driver;c:\windows\system32\drivers\nhcNT.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2011.SP1x\RpcAgentSrv.exe [2009-08-10 93848]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2010-09-17 370008]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-05-28 353168]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-11 361984]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
S2 ASGT;ASGT;c:\windows\SysWOW64\ASGT.exe [2011-04-20 55296]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-12-28 96896]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-04-18 7398752]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2010-09-23 373640]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2010-01-27 15928]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S2 TeamViewer5;TeamViewer 5;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-09-14 1956136]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AsusgmsFltr;Gaming Mouse;c:\windows\system32\drivers\Asusgms.sys [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 cmudaxp;ASUS Xonar DG Audio Interface;c:\windows\system32\drivers\cmudaxp.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-08-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-21 20:18]
.
2011-08-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-21 20:18]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF991.cfxxe" [X]
"Cmaudio8788"="c:\windows\Syswow64\cmicnfgp.dll" [2011-05-12 8769536]
"Cmaudio8788GX"="c:\windows\syswow64\HsMgr.exe" [2008-07-11 200704]
"Cmaudio8788GX64"="c:\windows\system\HsMgr64.exe" [2008-07-11 282112]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-02-22 500208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://seznam.cz/
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Vojtas\AppData\Roaming\Mozilla\Firefox\Profiles\dqg9qfcx.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch
FF - prefs.js: browser.search.selectedEngine - Searchster.Net
FF - prefs.js: browser.startup.homepage - hxxp://www.smartwebsearch.net/index.php?from=3
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=toolbar2&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Incomedia WebSite X5 v8 - Smart - c:\windows\system32\iwpsetup.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_bc2.exe
.
.
Binary file temp00 matches
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-25663106-1942451020-3723218648-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:53,3f,40,f7,9f,91,68,f5,fd,61,d5,60,8f,b6,7d,6f,69,ba,57,31,d4,93,9c,
98,30,b0,05,2d,6a,04,6e,02,c4,88,10,c1,aa,82,55,47,31,bf,c7,49,15,f1,28,b0,\
"??"=hex:e7,c3,84,b1,8d,c0,fe,30,84,bd,a5,a3,36,ca,58,3c
.
[HKEY_USERS\S-1-5-21-25663106-1942451020-3723218648-1000\Software\SecuROM\License information*]
"datasecu"=hex:10,20,e8,0b,34,38,3c,1f,16,7a,22,6a,a7,72,9c,a4,28,47,b4,f0,96,
11,03,26,05,7d,c7,91,86,7f,b4,0a,99,5b,35,99,ee,2e,15,94,a4,30,eb,d8,35,81,\
"rkeysecu"=hex:8d,d4,0b,b1,8b,8b,0c,77,1d,6b,f0,7e,32,f0,53,c1
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
c:\program files\ASUS Xonar DG Audio\Customapp\ASUSAUDIOCENTER.EXE
c:\program files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
c:\program files (x86)\Gaming Mouse\Tray.exe
.
**************************************************************************
.
Celkový čas: 2011-08-04 21:21:36 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-04 19:21
.
ComboFix 11-08-04.01 - Vojtas 04.08.2011 21:06:27.1.3 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4094.2269 [GMT 2:00]
Spuštěný z: c:\users\Vojtas\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\SaveTubeVideo.com
c:\program files (x86)\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\chrome.manifest
c:\program files (x86)\SaveTubeVideo.com\SaveTubeVideo\FF\chrome\install.rdf
c:\program files (x86)\SaveTubeVideo.com\SaveTubeVideo\Updater.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\About RelevantKnowledge.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Privacy Policy and User License Agreement.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Support.lnk
c:\windows\iun6002.exe
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\system
c:\windows\SysWow64\wpcap.dll
E:\install.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_NPF
-------\Service_RelevantKnowledge
-------\Service_spd3ssl
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-04 do 2011-08-04 )))))))))))))))))))))))))))))))
.
.
2011-08-04 19:11 . 2011-08-04 19:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-04 19:11 . 2011-08-04 19:11 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2011-08-04 17:40 . 2011-08-04 17:40 21712 ----a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS
2011-08-04 17:40 . 2011-08-04 17:40 -------- d-----w- c:\users\Vojtas\AppData\Local\eSupport.com
2011-08-04 17:39 . 2011-08-04 17:40 -------- d-----w- c:\programdata\SystemExplorer
2011-08-04 17:39 . 2011-08-04 17:39 -------- d-----w- c:\program files (x86)\System Explorer
2011-08-04 10:11 . 2011-08-04 10:33 -------- d-----w- c:\users\Vojtas\Unigine Tropics
2011-08-04 09:44 . 2011-08-04 09:44 -------- d-----w- c:\program files (x86)\Unigine
2011-08-04 06:09 . 2011-08-04 06:09 -------- d-----w- C:\rsit
2011-08-03 14:37 . 2011-08-03 15:37 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-08-03 14:37 . 2011-08-03 14:37 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2011-08-03 14:26 . 2011-08-03 14:26 55384 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-08-03 14:25 . 2011-08-03 14:25 -------- d-----w- c:\users\Vojtas\AppData\Local\Sunbelt Software
2011-08-03 14:25 . 2011-08-03 17:23 -------- dc-h--w- c:\programdata\{91EC863D-D912-4466-91CC-9489A4A2ADD3}
2011-08-03 14:25 . 2011-08-03 17:23 -------- d-----w- c:\programdata\Lavasoft
2011-08-03 14:25 . 2011-08-03 14:25 -------- d-----w- c:\program files (x86)\Lavasoft
2011-08-03 10:51 . 2011-08-03 11:17 -------- d-----w- c:\users\Vojtas\AppData\Roaming\AVG
2011-08-03 07:40 . 2011-08-03 09:50 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack
2011-07-30 19:31 . 2004-03-29 15:23 90112 ----a-w- c:\windows\unvise32.exe
2011-07-30 19:24 . 2011-07-30 19:24 -------- d-----w- c:\program files (x86)\Common Files\Pegasus Imaging
2011-07-30 19:24 . 2011-07-30 19:24 -------- d-----w- c:\programdata\Studio 14
2011-07-30 19:24 . 2011-07-30 19:24 -------- d-----w- c:\programdata\Pinnacle Studio Plus
2011-07-30 19:24 . 2011-07-30 19:24 -------- d-----w- c:\program files (x86)\Common Files\Yahoo!
2011-07-30 18:22 . 2011-03-10 13:44 2725376 ----a-w- c:\windows\system32\drivers\cmudaxp.sys
2011-07-27 18:49 . 2011-07-27 18:49 -------- d-----w- c:\programdata\ATI
2011-07-27 18:49 . 2011-07-27 18:49 -------- d-----w- c:\program files (x86)\AMD APP
2011-07-27 11:47 . 2011-07-27 11:47 -------- d-----w- c:\program files (x86)\1C
2011-07-27 10:58 . 2011-07-27 11:00 -------- d-----w- c:\program files (x86)\Algodoo
2011-07-23 15:49 . 2011-07-23 15:49 65536 ----a-w- c:\windows\NCLAUNCH.EXe
2011-07-23 15:49 . 2011-07-23 15:49 45056 ----a-w- c:\windows\NCUNINST.EXe
2011-07-23 11:10 . 2011-07-23 11:10 -------- d-----w- c:\program files (x86)\Nobilis
2011-07-22 15:21 . 2011-07-22 15:21 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2011-07-22 15:21 . 2011-07-22 15:21 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2011-07-22 15:21 . 2011-07-22 15:21 362496 ----a-w- c:\windows\system32\wow64win.dll
2011-07-22 15:21 . 2011-07-22 15:21 338944 ----a-w- c:\windows\system32\conhost.exe
2011-07-22 15:21 . 2011-07-22 15:21 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2011-07-22 15:21 . 2011-07-22 15:21 243200 ----a-w- c:\windows\system32\wow64.dll
2011-07-22 15:21 . 2011-07-22 15:21 214528 ----a-w- c:\windows\system32\winsrv.dll
2011-07-22 15:21 . 2011-07-22 15:21 2048 ----a-w- c:\windows\SysWow64\user.exe
2011-07-22 15:21 . 2011-07-22 15:21 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2011-07-22 15:21 . 2011-07-22 15:21 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2011-07-22 15:21 . 2011-07-22 15:21 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2011-07-22 13:53 . 2011-07-22 13:53 -------- d-----w- c:\program files (x86)\Aspyr
2011-07-22 13:46 . 2011-07-22 13:46 -------- d-----w- c:\users\Vojtas\AppData\Local\Cooliris
2011-07-21 18:43 . 2011-07-21 18:43 -------- d-----w- c:\users\Vojtas\AppData\Roaming\Day 1 Studios
2011-07-21 18:34 . 2011-07-21 18:34 -------- d-----w- c:\program files (x86)\WB Games
2011-07-18 14:20 . 2011-07-18 14:20 -------- d-----w- c:\users\Vojtas\AppData\Roaming\7-PDFMaker
2011-07-18 14:20 . 2011-07-18 14:20 -------- d-----w- c:\program files (x86)\7-PDF
2011-07-18 14:07 . 2010-02-05 13:00 1700352 ----a-w- c:\windows\system32\GdiPlus.dll
2011-07-18 14:07 . 2011-07-18 14:07 -------- d-----w- c:\program files\Softland
2011-07-17 08:12 . 2011-07-17 08:12 -------- d-----w- c:\program files (x86)\MSI
2011-07-16 14:18 . 2011-07-20 10:13 -------- d-----w- c:\program files (x86)\stalker-online
2011-07-15 10:20 . 2011-08-03 09:51 -------- d-----w- c:\program files (x86)\City Car Driving
2011-07-14 17:12 . 2011-07-14 17:12 -------- d-----w- c:\users\Vojtas\AppData\Local\BusCableCarSimulator
2011-07-14 16:54 . 2011-07-14 16:54 -------- d-----w- c:\program files (x86)\astragon
2011-07-14 10:17 . 2011-07-14 10:17 -------- d-----w- c:\users\Vojtas\AppData\Local\RadonLabs
2011-07-13 10:39 . 2011-07-13 10:39 -------- d-----w- c:\users\Vojtas\AppData\Local\OCCT
2011-07-12 15:15 . 2011-07-12 15:15 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2011-07-12 15:11 . 2011-08-03 09:51 -------- d-----w- c:\program files (x86)\Adobe Media Player
2011-07-12 15:10 . 2011-07-12 15:12 -------- d-----w- c:\program files\Common Files\Adobe
2011-07-12 06:24 . 2011-07-12 06:24 9978880 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-07-12 05:52 . 2011-07-12 05:52 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-12 03:14 . 2011-07-12 03:14 23886848 ----a-w- c:\windows\system32\atio6axx.dll
2011-07-12 02:59 . 2011-07-12 02:59 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-07-12 02:58 . 2011-07-12 02:58 726528 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-07-12 02:54 . 2011-07-12 02:54 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-07-12 02:54 . 2011-07-12 02:54 485376 ----a-w- c:\windows\system32\atieclxx.exe
2011-07-12 02:54 . 2011-07-12 02:54 204288 ----a-w- c:\windows\system32\atiesrxx.exe
2011-07-12 02:53 . 2011-07-12 02:53 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-07-12 02:52 . 2011-07-12 02:52 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-07-12 02:52 . 2011-07-12 02:52 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-07-12 02:52 . 2011-07-12 02:52 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-07-12 02:52 . 2011-07-12 02:52 21504 ----a-w- c:\windows\system32\atimuixx.dll
2011-07-12 02:52 . 2011-07-12 02:52 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-07-12 02:52 . 2011-07-12 02:52 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-07-12 02:51 . 2011-07-12 02:51 18371072 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-07-12 02:49 . 2011-07-12 02:49 4198912 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-07-12 02:30 . 2011-07-12 02:30 4257792 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-07-12 02:28 . 2011-07-12 02:28 1113088 ----a-w- c:\windows\system32\atiumd6v.dll
2011-07-12 02:27 . 2011-07-12 02:27 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2011-07-12 02:27 . 2011-07-12 02:27 3871744 ----a-w- c:\windows\system32\atiumd6a.dll
2011-07-12 02:24 . 2011-07-12 02:24 5396480 ----a-w- c:\windows\system32\atiumd64.dll
2011-07-12 02:21 . 2011-07-12 02:21 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-07-12 02:16 . 2011-07-12 02:16 4056064 ----a-w- c:\windows\SysWow64\atiumdva.dll
2011-07-12 02:16 . 2011-07-12 02:16 378368 ----a-w- c:\windows\system32\atiadlxx.dll
2011-07-12 02:16 . 2011-07-12 02:16 266240 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-07-12 02:16 . 2011-07-12 02:16 15360 ----a-w- c:\windows\system32\atig6pxx.dll
2011-07-12 02:16 . 2011-07-12 02:16 13312 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-07-12 02:16 . 2011-07-12 02:16 13312 ----a-w- c:\windows\system32\atiglpxx.dll
2011-07-12 02:16 . 2011-07-12 02:16 39936 ----a-w- c:\windows\system32\atig6txx.dll
2011-07-12 02:15 . 2011-07-12 02:15 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-07-12 02:15 . 2011-07-12 02:15 309248 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-07-12 02:14 . 2011-07-12 02:14 31744 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-07-12 02:14 . 2011-07-12 02:14 38912 ----a-w- c:\windows\system32\atiu9p64.dll
2011-07-12 02:14 . 2011-07-12 02:14 29184 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-07-12 02:02 . 2011-07-12 02:02 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-07-12 02:02 . 2011-07-12 02:02 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-07-12 02:02 . 2011-07-12 02:02 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-07-12 02:02 . 2011-07-12 02:02 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-07-12 02:02 . 2011-07-12 02:02 53760 ----a-w- c:\windows\system32\atimpc64.dll
2011-07-12 02:02 . 2011-07-12 02:02 53760 ----a-w- c:\windows\system32\amdpcom64.dll
2011-07-12 02:02 . 2011-07-12 02:02 8724480 ----a-w- c:\windows\system32\aticaldd64.dll
2011-07-12 02:02 . 2011-07-12 02:02 52736 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-07-12 02:02 . 2011-07-12 02:02 52736 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2011-07-12 01:59 . 2011-07-12 01:59 7327232 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-07-11 21:22 . 2011-07-11 21:22 60416 ----a-w- c:\windows\system32\OVDecode64.dll
2011-07-11 21:22 . 2011-07-11 21:22 53760 ----a-w- c:\windows\SysWow64\OVDecode.dll
2011-07-11 21:21 . 2011-07-11 21:21 16552960 ----a-w- c:\windows\system32\amdocl64.dll
2011-07-11 21:21 . 2011-07-11 21:21 13555712 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-07-08 12:58 . 2011-07-08 12:58 -------- d-----w- c:\program files (x86)\1C Publishing EU
2011-07-08 08:35 . 2011-07-08 08:35 -------- d-----w- c:\program files\Core Temp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-04 17:44 . 2010-10-02 09:25 280736 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-08-04 17:44 . 2010-09-18 16:11 280736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-08-04 17:44 . 2010-09-18 16:11 281472 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2011-07-24 10:50 . 2010-09-18 16:11 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.ex1
2011-07-22 15:21 . 2011-07-22 15:21 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-07-12 03:03 . 2010-08-26 01:27 58880 ----a-w- c:\windows\system32\coinst.dll
2011-07-12 02:57 . 2010-08-26 02:00 852992 ----a-w- c:\windows\system32\aticfx64.dll
2011-07-12 02:40 . 2009-09-19 02:04 4943360 ----a-w- c:\windows\system32\atidxx64.dll
2011-07-12 02:15 . 2011-02-27 03:59 40960 ----a-w- c:\windows\system32\atiuxp64.dll
2011-07-04 13:12 . 2011-07-04 13:12 16896 ----a-w- c:\windows\AsTaskSched.dll
2011-07-02 19:27 . 2011-07-02 19:27 64512 ----a-w- c:\windows\SysWow64\devobj.dll
2011-07-02 19:27 . 2011-07-02 19:27 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
2011-07-02 19:27 . 2011-07-02 19:27 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-07-02 19:27 . 2011-07-02 19:27 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
2011-07-02 19:27 . 2011-07-02 19:27 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2011-07-02 19:27 . 2011-07-02 19:27 86528 ----a-w- c:\windows\SysWow64\SearchFilterHost.exe
2011-07-02 19:27 . 2011-07-02 19:27 59392 ----a-w- c:\windows\SysWow64\msscntrs.dll
2011-07-02 19:27 . 2011-07-02 19:27 427520 ----a-w- c:\windows\SysWow64\SearchIndexer.exe
2011-07-02 19:27 . 2011-07-02 19:27 337408 ----a-w- c:\windows\SysWow64\mssph.dll
2011-07-02 19:27 . 2011-07-02 19:27 1549312 ----a-w- c:\windows\SysWow64\tquery.dll
2011-07-02 19:27 . 2011-07-02 19:27 1401344 ----a-w- c:\windows\SysWow64\mssrch.dll
2011-07-02 19:27 . 2011-07-02 19:27 778752 ----a-w- c:\windows\system32\mssvp.dll
2011-07-02 19:27 . 2011-07-02 19:27 75264 ----a-w- c:\windows\system32\msscntrs.dll
2011-07-02 19:27 . 2011-07-02 19:27 666624 ----a-w- c:\windows\SysWow64\mssvp.dll
2011-07-02 19:27 . 2011-07-02 19:27 591872 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-07-02 19:27 . 2011-07-02 19:27 491520 ----a-w- c:\windows\system32\mssph.dll
2011-07-02 19:27 . 2011-07-02 19:27 288256 ----a-w- c:\windows\system32\mssphtb.dll
2011-07-02 19:27 . 2011-07-02 19:27 249856 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-07-02 19:27 . 2011-07-02 19:27 2315776 ----a-w- c:\windows\system32\tquery.dll
2011-07-02 19:27 . 2011-07-02 19:27 2223616 ----a-w- c:\windows\system32\mssrch.dll
2011-07-02 19:27 . 2011-07-02 19:27 197120 ----a-w- c:\windows\SysWow64\mssphtb.dll
2011-07-02 19:27 . 2011-07-02 19:27 164352 ----a-w- c:\windows\SysWow64\SearchProtocolHost.exe
2011-07-02 19:27 . 2011-07-02 19:27 113664 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-06-23 15:29 . 2010-09-18 16:11 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.ex2
2011-06-20 05:10 . 2011-06-20 05:10 3888128 ----a-w- c:\windows\SysWow64\x264vfw.dll
2011-06-17 07:34 . 2011-06-17 07:34 73728 ----a-w- c:\windows\SysWow64\xvid.ax
2011-06-17 07:26 . 2011-06-17 07:26 243200 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2011-06-17 07:17 . 2011-06-17 07:17 650752 ----a-w- c:\windows\SysWow64\xvidcore.dll
2011-06-16 01:34 . 2011-06-16 01:34 79872 ----a-w- c:\windows\SysWow64\SlotMaximizerAg.dll
2011-06-16 01:34 . 2011-06-16 01:34 2971648 ----a-w- c:\windows\system32\SlotMaximizerBe.dll
2011-06-16 01:34 . 2011-06-16 01:34 2117632 ----a-w- c:\windows\SysWow64\SlotMaximizerBe.dll
2011-06-16 01:34 . 2011-06-16 01:34 105984 ----a-w- c:\windows\system32\SlotMaximizerAg.dll
2011-06-15 11:36 . 2010-12-04 18:58 188128 ----a-w- c:\programdata\Microsoft\VCSExpress\10.0\1033\ResourceCache.dll
2011-06-15 11:34 . 2011-04-17 10:41 205984 ----a-w- c:\programdata\Microsoft\VBExpress\10.0\1033\ResourceCache.dll
2011-06-14 22:08 . 2011-06-14 22:08 1264128 ----a-w- c:\windows\SysWow64\VSFilter.dll
2011-06-10 14:48 . 2011-06-10 14:48 24072 ----a-w- c:\windows\gdrv.sys
2011-05-28 12:26 . 2011-05-28 12:26 71680 ----a-w- c:\windows\system32\frapsv64.dll
2011-05-28 12:26 . 2011-05-28 12:26 65536 ----a-w- c:\windows\SysWow64\frapsvid.dll
2011-05-25 11:32 . 2010-09-25 04:42 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2011-05-25 11:32 . 2010-09-25 04:42 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2011-05-14 05:16 . 2010-09-18 16:11 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.ex3
2011-05-12 15:05 . 2011-04-12 14:42 8769536 ------w- c:\windows\SysWow64\CmiCnfgp.dll
2011-05-12 10:53 . 2011-05-12 10:53 147456 ----a-w- c:\windows\SysWow64\lagarith.dll
2010-07-14 08:56 . 2010-09-12 16:42 417944 ----a-w- c:\program files (x86)\Common Files\ZugoInstaller.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG10\avgtray.exe" [2011-04-18 2334560]
"Gaming Mouse Hid"="c:\program files (x86)\Gaming Mouse\hid.exe" [2010-01-19 428544]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-11 336384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG10\avgchsva.exe /sync\0c:\progra~2\AVG\AVG10\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2011-05-25 136616]
R2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-21 136176]
R3 ALSysIO;ALSysIO;c:\users\Vojtas\AppData\Local\Temp\ALSysIO64.sys [x]
R3 AODDriver4.0;AODDriver4.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
R3 atillk64;atillk64;c:\users\Vojtas\Downloads\ati_winflash_2.0.1.14\atillk64.sys [x]
R3 cpuz130;cpuz130;c:\users\Vojtas\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 cpuz134;cpuz134;c:\users\Vojtas\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2011-08-04 21712]
R3 DualCoreCenter;DualCoreCenter;c:\program files (x86)\MSI\OverclockingCenter\NTGLM7X64.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2011-03-01 130976]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-21 136176]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 nhcNT_driver;Notebook Hardware Control NT Driver;c:\windows\system32\drivers\nhcNT.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2011.SP1x\RpcAgentSrv.exe [2009-08-10 93848]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2010-09-17 370008]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-05-28 353168]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-11 361984]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
S2 ASGT;ASGT;c:\windows\SysWOW64\ASGT.exe [2011-04-20 55296]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-12-28 96896]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-04-18 7398752]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2010-09-23 373640]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2010-01-27 15928]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S2 TeamViewer5;TeamViewer 5;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-09-14 1956136]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AsusgmsFltr;Gaming Mouse;c:\windows\system32\drivers\Asusgms.sys [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 cmudaxp;ASUS Xonar DG Audio Interface;c:\windows\system32\drivers\cmudaxp.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-08-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-21 20:18]
.
2011-08-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-21 20:18]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF991.cfxxe" [X]
"Cmaudio8788"="c:\windows\Syswow64\cmicnfgp.dll" [2011-05-12 8769536]
"Cmaudio8788GX"="c:\windows\syswow64\HsMgr.exe" [2008-07-11 200704]
"Cmaudio8788GX64"="c:\windows\system\HsMgr64.exe" [2008-07-11 282112]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-02-22 500208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://seznam.cz/
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Vojtas\AppData\Roaming\Mozilla\Firefox\Profiles\dqg9qfcx.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch
FF - prefs.js: browser.search.selectedEngine - Searchster.Net
FF - prefs.js: browser.startup.homepage - hxxp://www.smartwebsearch.net/index.php?from=3
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=toolbar2&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Incomedia WebSite X5 v8 - Smart - c:\windows\system32\iwpsetup.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_bc2.exe
.
.
Binary file temp00 matches
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-25663106-1942451020-3723218648-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:53,3f,40,f7,9f,91,68,f5,fd,61,d5,60,8f,b6,7d,6f,69,ba,57,31,d4,93,9c,
98,30,b0,05,2d,6a,04,6e,02,c4,88,10,c1,aa,82,55,47,31,bf,c7,49,15,f1,28,b0,\
"??"=hex:e7,c3,84,b1,8d,c0,fe,30,84,bd,a5,a3,36,ca,58,3c
.
[HKEY_USERS\S-1-5-21-25663106-1942451020-3723218648-1000\Software\SecuROM\License information*]
"datasecu"=hex:10,20,e8,0b,34,38,3c,1f,16,7a,22,6a,a7,72,9c,a4,28,47,b4,f0,96,
11,03,26,05,7d,c7,91,86,7f,b4,0a,99,5b,35,99,ee,2e,15,94,a4,30,eb,d8,35,81,\
"rkeysecu"=hex:8d,d4,0b,b1,8b,8b,0c,77,1d,6b,f0,7e,32,f0,53,c1
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
c:\program files\ASUS Xonar DG Audio\Customapp\ASUSAUDIOCENTER.EXE
c:\program files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
c:\program files (x86)\Gaming Mouse\Tray.exe
.
**************************************************************************
.
Celkový čas: 2011-08-04 21:21:36 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-04 19:21
.
- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
- Contact user:
Re: Please check my log - virus
CF deleted a few things; the rest of the log looks clean.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Please check my log - virus
Thanks a lot for the help

- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
- Contact user:
Re: Please check my log - virus
You're welcome, and I'm locking the thread.
