Prosim o kontrolu - pomalsie PC

Zpráva

valachmar · #1 Příspěvek od **valachmar** » 17 lis 2010 22:36

Prosim o kontrolu.Spomalene PC, trhanie hier, dlhy start a vypinanie PC.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Bluff at 2010-11-17 22:33:40
Microsoft Windows 7 Ultimate
System drive C: has 41 GB (22%) free of 191 GB
Total RAM: 4095 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:33:44, on 17. 11. 2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Fraps\fraps.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Freenet\bin\freenettray.exe
C:\Program Files (x86)\PGP Corporation\PGP Desktop\PGPtray.exe
C:\Windows\SysWOW64\CtHelper.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\Bluff.exe
C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (file missing)
O4 - HKLM\..\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Bluff\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'Default user')
O4 - Global Startup: Freenet Tray.lnk = C:\Program Files (x86)\Freenet\bin\freenettray.exe
O4 - Global Startup: PGPtray.exe.lnk = ?
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{361DB759-0DD7-41AE-A632-5CCD09B50AEE}: NameServer = 8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{361DB759-0DD7-41AE-A632-5CCD09B50AEE}: NameServer = 8.8.8.8
O17 - HKLM\System\CS2\Services\Tcpip\..\{361DB759-0DD7-41AE-A632-5CCD09B50AEE}: NameServer = 8.8.8.8
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: PGPmapih.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FusionUtility Service - Advanced Micro Devices, Inc. - C:\Program Files (x86)\AMD\Fusion Utility for Desktop\FusionUtility2Service.exe
O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files (x86)\AMD\Reservation Manager\AMD Reservation Manager.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Freenet background service (freenet) - Tanuki Software, Ltd. - C:\Program Files (x86)\Freenet\bin\wrapper-windows-x86-32.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: lxcz_device - - C:\Windows\system32\lxczcoms.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PGPserv - PGP Corporation - C:\Windows\SysWOW64\PGPserv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10841 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\AMD\Reservation Manager\AMD Reservation Manager.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000674
\??\C:\Windows\system32\conhost.exe
C:\Windows\system32\lxczcoms.exe -service
"C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe" -sSONY_MEDIAMGR
"taskhost.exe"
taskeng.exe {D168512B-6C14-4339-8A26-088429EDA9B3}
C:\Fraps\fraps.exe
C:\Windows\SysWOW64\PGPserv.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\UI0Detect.exe
"C:\Program Files (x86)\AMD\Fusion Utility for Desktop\FusionUtility2Service.exe" /launchService
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Internet Download Manager\IDMan.exe" /onboot
"C:\Program Files (x86)\uTorrent\uTorrent.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
"C:\Program Files (x86)\Freenet\bin\freenettray.exe"
"C:\Program Files (x86)\PGP Corporation\PGP Desktop\PGPtray.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\System32\CtHelper.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Fraps\fraps64.dat"
"C:\Program Files (x86)\PGP Corporation\PGP Desktop\PGPcbt64.exe"
C:\Windows\system32\vssvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
{628530DC-6F9F-4F7F-A945-638E55CCBF3F}
{1D2D746D-5977-4DFF-AF22-60464ED32A97}
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=784.949b5c0.1693458120 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 784 plugin \\.\pipe\gecko-crash-server-pipe.784
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\info.txt
"D:\Dovn7 new\RSITx64.exe"
"C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames2.exe" -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-2930892410-2289927952-285763266-10012_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-2930892410-2289927952-285763266-10012 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2930892410-2289927952-285763266-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2930892410-2289927952-285763266-1001UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2010-01-20 181680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AsioReg"=REGSVR32.EXE /S CTASIO.DLL []
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2009-09-16 190472]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"Google Update"=C:\Users\Bluff\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-04 136176]
"IDMan"=C:\Program Files (x86)\Internet Download Manager\IDMan.exe [2010-06-04 3179952]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2010-09-26 328056]
"PC Suite Tray"=C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-05-14 1479680]
"RGSC"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-12-13 306088]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AsioThk32Reg"=REGSVR32.EXE /S CTASIO.DLL []
"CTHelper"=CTHELPER.EXE []
"CTxfiHlp"=CTXFIHLP.EXE []
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-05-04 102400]
"ATICustomerCare"=C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [2010-03-04 311296]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2010-11-02 281768]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-05-26 85160]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-03-17 421888]
"NBAgent"=C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-03-26 1234216]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Freenet Tray.lnk - C:\Program Files (x86)\Freenet\bin\freenettray.exe
PGPtray.exe.lnk - C:\Windows\Installer\{217C5C5A-37CA-4CB5-BE1D-9694832F9DAA}\Icon6560581611.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
PGPpwflt

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-11-17 22:32:51 ----D---- C:\rsit
2010-11-17 22:32:51 ----D---- C:\Program Files\trend micro
2010-11-15 17:34:18 ----D---- C:\Windows\SYSWOW64\Wat
2010-11-15 17:34:17 ----D---- C:\Windows\system32\Wat
2010-11-15 17:26:27 ----D---- C:\Program Files (x86)\MSXML 4.0
2010-11-15 13:40:57 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2010-11-15 13:40:57 ----A---- C:\Windows\system32\msv1_0.dll
2010-11-15 13:26:15 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2010-11-15 13:22:42 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2010-11-15 13:22:42 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2010-11-15 13:22:41 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2010-11-15 13:22:41 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2010-11-15 13:22:41 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2010-11-15 13:22:41 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-11-15 13:22:41 ----A---- C:\Windows\system32\PresentationHost.exe
2010-11-15 13:22:41 ----A---- C:\Windows\system32\netfxperf.dll
2010-11-15 13:22:41 ----A---- C:\Windows\system32\mscoree.dll
2010-11-15 13:22:41 ----A---- C:\Windows\system32\dfshim.dll
2010-11-15 13:20:54 ----A---- C:\Windows\system32\browserchoice.exe
2010-11-15 13:10:17 ----A---- C:\Windows\system32\MRT.exe
2010-11-15 13:03:10 ----A---- C:\Windows\system32\drivers\ks.sys
2010-11-15 13:01:59 ----A---- C:\Windows\system32\CPFilters.dll
2010-11-15 13:01:58 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2010-11-15 13:01:57 ----A---- C:\Windows\system32\psisdecd.dll
2010-11-15 13:01:57 ----A---- C:\Windows\system32\msdri.dll
2010-11-15 13:01:56 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2010-11-15 13:01:40 ----A---- C:\Windows\system32\mshtml.dll
2010-11-15 13:01:38 ----A---- C:\Windows\system32\ieframe.dll
2010-11-15 13:01:35 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2010-11-15 13:01:32 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2010-11-15 13:01:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2010-11-15 13:01:31 ----A---- C:\Windows\system32\iertutil.dll
2010-11-15 13:01:30 ----A---- C:\Windows\system32\urlmon.dll
2010-11-15 13:01:30 ----A---- C:\Windows\system32\mstime.dll
2010-11-15 13:01:30 ----A---- C:\Windows\system32\msfeeds.dll
2010-11-15 13:01:29 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2010-11-15 13:01:28 ----A---- C:\Windows\SYSWOW64\mstime.dll
2010-11-15 13:01:28 ----A---- C:\Windows\system32\wininet.dll
2010-11-15 13:01:27 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2010-11-15 13:01:27 ----A---- C:\Windows\system32\iedkcs32.dll
2010-11-15 13:01:26 ----A---- C:\Windows\SYSWOW64\wininet.dll
2010-11-15 13:01:26 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2010-11-15 13:01:26 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2010-11-15 13:01:26 ----A---- C:\Windows\system32\licmgr10.dll
2010-11-15 13:01:26 ----A---- C:\Windows\system32\iepeers.dll
2010-11-15 13:01:25 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2010-11-15 13:01:25 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2010-11-15 13:01:25 ----A---- C:\Windows\system32\mshtmled.dll
2010-11-15 13:01:25 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-11-15 13:01:24 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2010-11-15 13:01:24 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2010-11-15 13:01:24 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2010-11-15 13:01:24 ----A---- C:\Windows\SYSWOW64\ieui.dll
2010-11-15 13:01:24 ----A---- C:\Windows\system32\msfeedssync.exe
2010-11-15 13:01:24 ----A---- C:\Windows\system32\jsproxy.dll
2010-11-15 13:01:24 ----A---- C:\Windows\system32\ieui.dll
2010-11-15 13:01:10 ----A---- C:\Windows\system32\shell32.dll
2010-11-15 13:01:06 ----A---- C:\Windows\SYSWOW64\shell32.dll
2010-11-15 13:01:02 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2010-11-15 13:01:02 ----A---- C:\Windows\system32\ntdll.dll
2010-11-15 13:00:59 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2010-11-15 13:00:59 ----A---- C:\Windows\system32\cdd.dll
2010-11-15 13:00:57 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2010-11-15 13:00:57 ----A---- C:\Windows\system32\rtutils.dll
2010-11-15 13:00:56 ----A---- C:\Windows\system32\t2embed.dll
2010-11-15 13:00:55 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2010-11-15 13:00:52 ----A---- C:\Windows\SYSWOW64\tzres.dll
2010-11-15 13:00:52 ----A---- C:\Windows\system32\tzres.dll
2010-11-15 13:00:38 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2010-11-15 13:00:38 ----A---- C:\Windows\system32\wmpmde.dll
2010-11-15 13:00:37 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2010-11-15 13:00:29 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2010-11-15 13:00:29 ----A---- C:\Windows\system32\StructuredQuery.dll
2010-11-15 13:00:17 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2010-11-15 13:00:17 ----A---- C:\Windows\system32\oleaut32.dll
2010-11-15 13:00:16 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2010-11-15 13:00:16 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2010-11-15 13:00:14 ----A---- C:\Windows\system32\srvsvc.dll
2010-11-15 13:00:14 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-11-15 13:00:14 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-11-15 13:00:14 ----A---- C:\Windows\system32\drivers\srv.sys
2010-11-15 13:00:13 ----A---- C:\Windows\SYSWOW64\sscore.dll
2010-11-15 13:00:13 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2010-11-15 13:00:13 ----A---- C:\Windows\system32\msxml3.dll
2010-11-15 13:00:12 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2010-11-15 13:00:11 ----A---- C:\Windows\system32\wmp.dll
2010-11-15 13:00:10 ----A---- C:\Windows\SYSWOW64\wmp.dll
2010-11-15 13:00:09 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2010-11-15 13:00:09 ----A---- C:\Windows\system32\wmploc.DLL
2010-11-15 13:00:01 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-11-15 12:59:58 ----A---- C:\Windows\system32\ole32.dll
2010-11-15 12:59:57 ----A---- C:\Windows\SYSWOW64\ole32.dll
2010-11-15 12:59:56 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-11-15 12:59:55 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2010-11-15 12:59:55 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2010-11-15 12:59:54 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2010-11-15 12:59:54 ----A---- C:\Windows\system32\spoolsv.exe
2010-11-15 12:59:54 ----A---- C:\Windows\system32\asycfilt.dll
2010-11-15 12:59:52 ----A---- C:\Windows\SYSWOW64\explorer.exe
2010-11-15 12:59:52 ----A---- C:\Windows\system32\winlogon.exe
2010-11-15 12:59:52 ----A---- C:\Windows\explorer.exe
2010-11-15 12:59:51 ----A---- C:\Windows\SYSWOW64\schannel.dll
2010-11-15 12:59:51 ----A---- C:\Windows\system32\schannel.dll
2010-11-15 12:59:50 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2010-11-15 12:59:50 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2010-11-15 12:59:50 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2010-11-15 12:59:50 ----A---- C:\Windows\system32\fontsub.dll
2010-11-15 12:59:50 ----A---- C:\Windows\system32\atmlib.dll
2010-11-15 12:59:50 ----A---- C:\Windows\system32\atmfd.dll
2010-11-15 12:59:49 ----A---- C:\Windows\system32\comctl32.dll
2010-11-15 12:59:48 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2010-11-15 12:59:26 ----A---- C:\Windows\SYSWOW64\tsbyuv.dll
2010-11-15 12:59:26 ----A---- C:\Windows\SYSWOW64\quartz.dll
2010-11-15 12:59:26 ----A---- C:\Windows\SYSWOW64\msyuv.dll
2010-11-15 12:59:26 ----A---- C:\Windows\SYSWOW64\msvidc32.dll
2010-11-15 12:59:26 ----A---- C:\Windows\SYSWOW64\msrle32.dll
2010-11-15 12:59:26 ----A---- C:\Windows\SYSWOW64\mciavi32.dll
2010-11-15 12:59:26 ----A---- C:\Windows\SYSWOW64\iyuv_32.dll
2010-11-15 12:59:26 ----A---- C:\Windows\SYSWOW64\avifil32.dll
2010-11-15 12:59:26 ----A---- C:\Windows\system32\tsbyuv.dll
2010-11-15 12:59:26 ----A---- C:\Windows\system32\quartz.dll
2010-11-15 12:59:26 ----A---- C:\Windows\system32\msyuv.dll
2010-11-15 12:59:26 ----A---- C:\Windows\system32\msvidc32.dll
2010-11-15 12:59:26 ----A---- C:\Windows\system32\msrle32.dll
2010-11-15 12:59:26 ----A---- C:\Windows\system32\iyuv_32.dll
2010-11-15 12:59:24 ----A---- C:\Windows\system32\jscript.dll
2010-11-15 12:59:23 ----A---- C:\Windows\SYSWOW64\jscript.dll
2010-11-15 12:59:21 ----A---- C:\Windows\SYSWOW64\wow32.dll
2010-11-15 12:59:21 ----A---- C:\Windows\SYSWOW64\user.exe
2010-11-15 12:59:21 ----A---- C:\Windows\SYSWOW64\setup16.exe
2010-11-15 12:59:21 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2010-11-15 12:59:21 ----A---- C:\Windows\SYSWOW64\instnm.exe
2010-11-15 12:59:21 ----A---- C:\Windows\system32\wow64.dll
2010-11-15 12:59:20 ----A---- C:\Windows\system32\drivers\fvevol.sys
2010-11-15 12:53:59 ----A---- C:\Windows\system32\win32k.sys
2010-11-15 12:53:15 ----A---- C:\Windows\system32\msasn1.dll
2010-11-15 12:53:14 ----A---- C:\Windows\SYSWOW64\msasn1.dll
2010-11-14 21:29:23 ----D---- C:\Program Files (x86)\Tunatic
2010-11-02 22:31:15 ----A---- C:\Windows\system32\drivers\amdiox64.sys
2010-11-02 22:31:12 ----D---- C:\ProgramData\AMD
2010-11-02 22:31:12 ----D---- C:\Program Files (x86)\AMD
2010-11-02 22:07:32 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2010-11-02 22:07:31 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2010-11-02 21:52:41 ----RHD---- C:\Users\Bluff\AppData\Roaming\SecuROM
2010-11-02 21:49:33 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2010-11-02 21:49:33 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2010-11-02 21:49:33 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2010-11-02 21:49:33 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2010-11-02 21:49:33 ----A---- C:\Windows\system32\XAudio2_1.dll
2010-11-02 21:49:33 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2010-11-02 21:49:33 ----A---- C:\Windows\system32\xactengine3_1.dll
2010-11-02 21:49:33 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2010-11-02 21:49:31 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2010-11-02 21:49:31 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2010-11-02 21:49:31 ----A---- C:\Windows\system32\d3dx10_38.dll
2010-11-02 21:49:31 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2010-11-02 21:49:30 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2010-11-02 21:49:30 ----A---- C:\Windows\system32\D3DX9_38.dll
2010-11-02 21:49:29 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2010-11-02 21:49:29 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2010-11-02 21:49:29 ----A---- C:\Windows\system32\XAudio2_0.dll
2010-11-02 21:49:29 ----A---- C:\Windows\system32\xactengine3_0.dll
2010-11-02 21:49:28 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2010-11-02 21:49:28 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2010-11-02 21:49:27 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2010-11-02 21:49:27 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2010-11-02 21:49:27 ----A---- C:\Windows\system32\d3dx10_37.dll
2010-11-02 21:49:27 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2010-11-02 21:49:25 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2010-11-02 21:49:25 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2010-11-02 21:49:25 ----A---- C:\Windows\system32\xactengine2_10.dll
2010-11-02 21:49:25 ----A---- C:\Windows\system32\D3DX9_37.dll
2010-11-02 21:49:23 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2010-11-02 21:49:23 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2010-11-02 21:49:23 ----A---- C:\Windows\system32\d3dx10_36.dll
2010-11-02 21:49:23 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2010-11-02 21:49:21 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2010-11-02 21:49:21 ----A---- C:\Windows\system32\d3dx9_36.dll
2010-11-02 21:49:20 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2010-11-02 21:49:20 ----A---- C:\Windows\system32\xactengine2_9.dll
2010-11-02 21:49:18 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2010-11-02 21:49:18 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2010-11-02 21:49:18 ----A---- C:\Windows\system32\d3dx10_35.dll
2010-11-02 21:49:18 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2010-11-02 21:49:16 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2010-11-02 21:49:16 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2010-11-02 21:49:16 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2010-11-02 21:49:16 ----A---- C:\Windows\system32\xactengine2_8.dll
2010-11-02 21:49:16 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2010-11-02 21:49:16 ----A---- C:\Windows\system32\d3dx9_35.dll
2010-11-02 21:49:13 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2010-11-02 21:49:13 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2010-11-02 21:49:13 ----A---- C:\Windows\system32\d3dx10_34.dll
2010-11-02 21:49:13 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2010-11-02 21:49:12 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2010-11-02 21:49:12 ----A---- C:\Windows\system32\d3dx9_34.dll
2010-11-02 21:49:11 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2010-11-02 21:49:11 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2010-11-02 21:49:11 ----A---- C:\Windows\system32\xinput1_3.dll
2010-11-02 21:49:11 ----A---- C:\Windows\system32\xactengine2_7.dll
2010-11-02 21:49:09 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2010-11-02 21:49:09 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2010-11-02 21:49:09 ----A---- C:\Windows\system32\d3dx10_33.dll
2010-11-02 21:49:09 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2010-11-02 21:49:07 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2010-11-02 21:49:07 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2010-11-02 21:49:07 ----A---- C:\Windows\system32\xactengine2_6.dll
2010-11-02 21:49:07 ----A---- C:\Windows\system32\d3dx9_33.dll
2010-11-02 21:49:06 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2010-11-02 21:49:06 ----A---- C:\Windows\system32\xactengine2_5.dll
2010-11-02 21:49:05 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2010-11-02 21:49:05 ----A---- C:\Windows\system32\d3dx10.dll
2010-11-02 21:49:04 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2010-11-02 21:49:04 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-11-02 21:49:03 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2010-11-02 21:49:03 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2010-11-02 21:49:03 ----A---- C:\Windows\system32\xactengine2_4.dll
2010-11-02 21:49:03 ----A---- C:\Windows\system32\x3daudio1_1.dll
2010-11-02 21:49:01 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2010-11-02 21:49:01 ----A---- C:\Windows\system32\d3dx9_31.dll
2010-11-02 21:49:00 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2010-11-02 21:49:00 ----A---- C:\Windows\system32\xactengine2_3.dll
2010-11-02 21:48:59 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2010-11-02 21:48:59 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2010-11-02 21:48:59 ----A---- C:\Windows\system32\xinput1_2.dll
2010-11-02 21:48:59 ----A---- C:\Windows\system32\xactengine2_2.dll
2010-11-02 21:48:58 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2010-11-02 21:48:58 ----A---- C:\Windows\system32\xinput1_1.dll
2010-11-02 21:48:57 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2010-11-02 21:48:57 ----A---- C:\Windows\system32\xactengine2_1.dll
2010-11-02 21:48:47 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2010-11-02 21:48:47 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-11-02 21:48:46 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2010-11-02 21:48:46 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2010-11-02 21:48:46 ----A---- C:\Windows\system32\xactengine2_0.dll
2010-11-02 21:48:46 ----A---- C:\Windows\system32\x3daudio1_0.dll
2010-11-02 21:48:45 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2010-11-02 21:48:45 ----A---- C:\Windows\system32\d3dx9_29.dll
2010-11-02 21:48:43 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2010-11-02 21:48:43 ----A---- C:\Windows\system32\d3dx9_28.dll
2010-11-02 21:48:42 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2010-11-02 21:48:42 ----A---- C:\Windows\system32\d3dx9_27.dll
2010-11-02 21:48:40 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2010-11-02 21:48:40 ----A---- C:\Windows\system32\d3dx9_26.dll
2010-11-02 21:48:39 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2010-11-02 21:48:39 ----A---- C:\Windows\system32\d3dx9_25.dll
2010-11-02 21:48:37 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2010-11-02 21:48:37 ----A---- C:\Windows\system32\d3dx9_24.dll
2010-11-02 21:17:23 ----D---- C:\Program Files (x86)\Rockstar Games
2010-11-02 21:00:43 ----D---- C:\Windows\system32\appmgmt
2010-10-31 19:51:38 ----D---- C:\Program Files (x86)\WinDjView
2010-10-27 23:49:37 ----D---- C:\Program Files (x86)\Freenet

======List of files/folders modified in the last 1 months======

2010-11-17 22:32:51 ----RD---- C:\Program Files
2010-11-17 22:28:41 ----D---- C:\Users\Bluff\AppData\Roaming\uTorrent
2010-11-17 22:01:41 ----SHD---- C:\Windows\Installer
2010-11-17 21:51:41 ----D---- C:\Windows\Temp
2010-11-17 21:38:56 ----D---- C:\Fraps
2010-11-17 21:38:55 ----D---- C:\Windows\system32\Tasks
2010-11-17 21:38:47 ----D---- C:\Windows\registration
2010-11-17 21:38:37 ----D---- C:\Users\Bluff\AppData\Roaming\DMCache
2010-11-17 13:23:25 ----D---- C:\Windows\system32\catroot2
2010-11-16 12:25:20 ----SHD---- C:\System Volume Information
2010-11-15 19:14:03 ----D---- C:\Windows\Microsoft.NET
2010-11-15 19:13:58 ----RSD---- C:\Windows\assembly
2010-11-15 17:44:41 ----D---- C:\Windows\system32\config
2010-11-15 17:34:31 ----D---- C:\Windows\winsxs
2010-11-15 17:34:18 ----D---- C:\Windows\SysWOW64
2010-11-15 17:34:17 ----D---- C:\Windows\System32
2010-11-15 17:34:15 ----D---- C:\Windows\system32\catroot
2010-11-15 17:26:27 ----RD---- C:\Program Files (x86)
2010-11-15 17:24:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-15 17:24:04 ----D---- C:\Windows\inf
2010-11-15 17:15:23 ----D---- C:\Windows\Prefetch
2010-11-15 17:14:03 ----D---- C:\Windows
2010-11-15 17:13:48 ----D---- C:\Windows\system32\DriverStore
2010-11-15 14:01:01 ----D---- C:\Windows\ehome
2010-11-15 14:01:01 ----D---- C:\Program Files\Windows Mail
2010-11-15 14:01:01 ----D---- C:\Program Files (x86)\Windows Mail
2010-11-15 14:00:58 ----D---- C:\Windows\system32\drivers
2010-11-15 14:00:54 ----D---- C:\Windows\AppPatch
2010-11-15 14:00:50 ----D---- C:\Windows\SYSWOW64\cs-CZ
2010-11-15 14:00:50 ----D---- C:\Windows\system32\cs-CZ
2010-11-15 14:00:42 ----D---- C:\Program Files\Internet Explorer
2010-11-15 14:00:42 ----D---- C:\Program Files (x86)\Internet Explorer
2010-11-15 14:00:40 ----D---- C:\Windows\SYSWOW64\migration
2010-11-15 14:00:39 ----D---- C:\Windows\system32\migration
2010-11-15 14:00:39 ----D---- C:\Program Files (x86)\Windows Media Player
2010-11-15 14:00:38 ----D---- C:\Program Files\Windows Media Player
2010-11-15 13:31:32 ----D---- C:\Windows\SYSWOW64\en-US
2010-11-15 13:31:32 ----D---- C:\Windows\system32\en-US
2010-11-15 13:31:30 ----D---- C:\Program Files (x86)\Microsoft.NET
2010-11-15 13:10:19 ----D---- C:\Windows\debug
2010-11-15 12:15:17 ----D---- C:\Users\Bluff\AppData\Roaming\Skype
2010-11-15 11:59:48 ----D---- C:\Users\Bluff\AppData\Roaming\skypePM
2010-11-15 03:19:27 ----A---- C:\Users\Bluff\AppData\Roaming\AutoGK.ini
2010-11-13 08:58:36 ----D---- C:\Windows\system32\NDF
2010-11-03 10:36:34 ----D---- C:\Program Files (x86)\Common Files
2010-11-03 09:53:38 ----D---- C:\Windows\Minidump
2010-11-03 09:51:46 ----D---- C:\Program Files (x86)\CCleaner
2010-11-02 22:34:25 ----SD---- C:\ProgramData\Microsoft
2010-11-02 22:31:12 ----HD---- C:\ProgramData
2010-11-02 22:07:44 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2010-11-02 21:17:23 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-11-02 21:00:43 ----SD---- C:\Users\Bluff\AppData\Roaming\Microsoft
2010-10-29 18:37:58 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-10-29 13:56:29 ----D---- C:\Windows\system32\wdi
2010-10-25 20:55:53 ----D---- C:\Windows\Logs
2010-10-24 22:21:40 ----D---- C:\Program Files (x86)\Java
2010-10-21 22:08:44 ----D---- C:\Program Files (x86)\Internet Download Manager

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 pgpfs;PGP File Sharing; C:\Windows\System32\Drivers\PGPfsfd.sys [2010-04-01 169592]
R0 PGPwded;PGPwded Storage Filter Service; C:\Windows\system32\drivers\PGPwded.sys [2010-04-01 332920]
R0 Pgpwdefs;Pgpwdefs; C:\Windows\system32\DRIVERS\Pgpwdefs.sys [2010-04-01 14456]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2007-02-07 14104]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2009-04-06 13368]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-03-02 116568]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 31400]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-11-02 81584]
R2 PGPdisk;PGPdisk; C:\Windows\system32\drivers\PGPdisk.sys [2010-04-01 274552]
R2 PGPsdkDriver;PGPsdkDriver; C:\Windows\System32\Drivers\PGPsdk.sys [2010-04-01 50296]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-05-05 6789632]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-05-05 221184]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-03-09 123408]
R3 COMMONFX.DLL;COMMONFX.DLL; C:\Windows\system32\COMMONFX.DLL [2007-04-12 151296]
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2007-04-10 863016]
R3 CTAUDFX.DLL;CTAUDFX.DLL; C:\Windows\system32\CTAUDFX.DLL [2007-04-10 700200]
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2007-04-10 17192]
R3 CTSBLFX.DLL;CTSBLFX.DLL; C:\Windows\system32\CTSBLFX.DLL [2007-04-10 681256]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2007-04-10 290600]
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2007-04-10 147752]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\Windows\system32\drivers\ha10kx2k.sys [2007-04-10 1359144]
R3 hap16v2k;Creative P16V HAL Driver; C:\Windows\system32\drivers\hap16v2k.sys [2007-04-10 259880]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-14 15416]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2007-04-10 218408]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-05-23 36352]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2009-09-11 26248]
R3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2009-09-11 15880]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2009-09-11 76552]
S3 cpuz130;cpuz130; \??\C:\Users\Bluff\AppData\Local\Temp\cpuz130\cpuz_x64.sys []
S3 CT20XUT.DLL;CT20XUT.DLL; C:\Windows\system32\CT20XUT.DLL [2007-04-10 252712]
S3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2007-04-10 580904]
S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\Windows\system32\CTEAPSFX.DLL [2007-04-10 219432]
S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\Windows\system32\CTEDSPFX.DLL [2007-04-10 321832]
S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\Windows\system32\CTEDSPIO.DLL [2007-04-10 190248]
S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\Windows\system32\CTEDSPSY.DLL [2007-04-10 363304]
S3 CTERFXFX.DLL;CTERFXFX.DLL; C:\Windows\system32\CTERFXFX.DLL [2007-04-10 142120]
S3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\Windows\system32\CTEXFIFX.DLL [2007-04-10 1571112]
S3 CTHWIUT.DLL;CTHWIUT.DLL; C:\Windows\system32\CTHWIUT.DLL [2007-04-10 123688]
S3 hap17v2k;Creative P17V HAL Driver; C:\Windows\system32\drivers\hap17v2k.sys [2007-04-10 295208]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-02-26 25088]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-02-26 19456]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-02-26 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2010-02-26 9216]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2009-09-11 41096]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\Windows\system32\drivers\WmHidLo.sys [2009-09-11 36872]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-05-05 202752]
R2 AMD FusionUtility Service;AMD FusionUtility Service; C:\Program Files (x86)\AMD\Fusion Utility for Desktop\FusionUtility2Service.exe [2010-04-14 275832]
R2 AMD Reservation Manager;AMD Reservation Manager; C:\Program Files (x86)\AMD\Reservation Manager\AMD Reservation Manager.exe [2010-04-14 140160]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-11-02 267944]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2010-11-02 135336]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 lxcz_device;lxcz_device; C:\Windows\system32\lxczcoms.exe [2007-04-19 566192]
R2 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
R2 PGPserv;PGPserv; C:\Windows\SysWOW64\PGPserv.exe [2010-04-01 135288]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-05-25 613888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 freenet;Freenet background service; C:\Program Files (x86)\Freenet\bin\wrapper-windows-x86-32.exe [2010-10-25 241664]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-06-04 654848]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-11-15 1255736]

-----------------EOF-----------------

#2 Příspěvek od **Diallix** » 19 lis 2010 00:21

Zdravim.

Ak das ctrl+alt+delete, aky proces najviac zatazuje system? Napis mi ho sem.

Troska udrzby:
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
*Nejaky download manager, ktory sa spusta pri kazdom starte. Je nutne, aby sa spustal pri kazdom starte systemu? Ak ho budes chciet pouzit, spustis ho odkliknutim ikonky programu

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
*Taktiez sa spusta pri kazdom starte systemu. Je to pre teba nutne?

O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
*Ikonka editora - programu pre nokiu, ktora sa spusti pri kazdom starte. Je to nutne?

O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKCU\..\Run: [Google Update] "C:\Users\Bluff\AppData\Local\Google\Update\GoogleUpdate.exe" /c
*Cast z nera - zbytocnost, zbytocne zatazuje pc pri starte a gogle updater, ktory bezi a sleduje aktualizacie, ktore by cim skor mohol stiahnut do systemu. Taktiez podla mna zbytocnost.

Ak tie veci nepotrebujes mat spustene pri starte os, ale mozes si ich spustit dodatocne prekliknutim ikonky, tak ich odstran. Odstranis ich nasledovne :

Start >> spustit >> napis C:\Program Files\trend micro\Bluff.exe >> klik na Do a system scan only >> v okne sa zobrazia objekty a vedla nich chlieviky. Objekty, kore som hore vypisal v pripade tvojho zaujmu oznac a potom klik na FIX

Doporucujem pc precistit s programom ccleaner : http://www.viry.cz/forum/viewtopic.php?t=7478

Pred cistenim povypinaj vsetky prehiadace !

valachmar · #3 Příspěvek od **valachmar** » 19 lis 2010 02:07

Najviac zatazuje ccc.exe(catalist control center) a dwm.exe(spravce oken plochy)...startovacie programy upravim podla tvojej rady.
Dakujem.

#4 Příspěvek od **Diallix** » 20 lis 2010 12:02

Este mozte fixnut aj toto :
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

Zbytocnost od quicku

Po mojich radach, rychlil sa pocitac?

valachmar · #5 Příspěvek od **valachmar** » 21 pro 2010 12:44

Diki zrychlil sa, ale ten Quck Time ked fixnem, tak sa pri opatovnom scane objavi zasa, uz som ho fixol 3x a je tam stale.

#6 Příspěvek od **Diallix** » 22 pro 2010 18:36

fixujes to pod uctom admina?

VIRY.CZ

Prosim o kontrolu - pomalsie PC

Prosim o kontrolu - pomalsie PC

Re: Prosim o kontrolu - pomalsie PC

Re: Prosim o kontrolu - pomalsie PC

Re: Prosim o kontrolu - pomalsie PC

Re: Prosim o kontrolu - pomalsie PC

Re: Prosim o kontrolu - pomalsie PC