Audiodg.exe nebo něco podobného.

Zpráva

mrkew2 · #1 Příspěvek od **mrkew2** » 18 kvě 2011 17:41

Hrál jednu hru vše běželo plynule a úplně normálně. A pak zničeho nic se to začalo sekat. Skoušel jsem přeinstalovat chipset a zvukovku ale dělá to pořád i když je procesor vytěžen na 50% tak se to seká. Proto přikládám log. A ano soubor audiodg.exe se nalézá v system32.

Logfile of random's system information tool 1.08 (written by random/random)
Run by PC at 2011-05-18 18:39:39
Microsoft Windows 7 Ultimate
System drive C: has 10 GB (21%) free of 50 GB
Total RAM: 3068 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:40:27, on 18.5.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16766)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Game Booster\gbtray.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Icon7\iConfig for Gamers\Z300\hid300.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\ATnotes\ATnotes.exe
C:\Program Files\Icon7\iConfig for Gamers\Tray.exe
C:\wopt021\WLAN Optimizer.exe
D:\Games\Steam\steam.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Pidgin\pidgin.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\X-Chat 2\xchat.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files\Opera\opera.exe
D:\stažene soubory\RSIT.exe
C:\Program Files\trend micro\PC.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 62.146.66.181 dl1.avgate.net
O1 - Hosts: 62.146.66.182 dl2.avgate.net
O1 - Hosts: 62.146.66.183 dl3.avgate.net
O1 - Hosts: 62.146.66.184 dl4.avgate.net
O1 - Hosts: 80.190.143.23 dl5.avgate.net
O1 - Hosts: 80.190.143.23 dl6.avgate.net
O1 - Hosts: 62.146.66.178 dl7.avgate.net
O1 - Hosts: 62.146.66.179 dl8.avgate.net
O1 - Hosts: 80.190.143.239 dl9.avgate.net
O1 - Hosts: 80.190.143.230 dl10.avgate.net
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [iConfig-z300] "C:\Program Files\Icon7\iConfig for Gamers\Z300\hid300.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [ATnotes.exe] C:\Program Files\ATnotes\ATnotes.exe
O4 - HKCU\..\Run: [ShowBatteryBar] "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show
O4 - HKCU\..\Run: [WLAN Optimizer] C:\wopt021\WLAN Optimizer.exe
O4 - HKCU\..\Run: [EPSON SX420W Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE /FU "C:\Windows\TEMP\E_S934D.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Steam] "D:\Games\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Pidgin] "C:\Program Files\Pidgin\pidgin.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-21-3491727313-2059114097-998879636-1013\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3491727313-2059114097-998879636-1013\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3491727313-2059114097-998879636-1013\..\Run: [ATnotes.exe] C:\Program Files\ATnotes\ATnotes.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3491727313-2059114097-998879636-1013\..\Run: [ShowBatteryBar] "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3491727313-2059114097-998879636-1013\..\Run: [WLAN Optimizer] C:\wopt021\WLAN Optimizer.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3491727313-2059114097-998879636-1013\..\Run: [EPSON SX420W Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE /FU "C:\Windows\TEMP\E_S934D.tmp" /EF "HKCU" (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3491727313-2059114097-998879636-1013\..\Run: [Steam] "D:\Games\Steam\steam.exe" -silent (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3491727313-2059114097-998879636-1013\..\Run: [Pidgin] "C:\Program Files\Pidgin\pidgin.exe" (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3491727313-2059114097-998879636-1013\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3491727313-2059114097-998879636-1013\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: xchat – zástupce.lnk = C:\Program Files\X-Chat 2\xchat.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/L ... nstall.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GO36F4~1.DLL
O23 - Service: TP-LINK Configuration Service (ACS) - Atheros - C:\Windows\system32\acs.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Desura Install Service - Desura Pty Ltd - C:\Program Files\Common Files\Desura\desura_service.exe
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: CD Guard Drivers Auto Removal (v2) (psrem02) - Protection Technology - C:\Windows\system32\psrem02.exe
O23 - Service: SensorsVService - Unknown owner - C:\Program Files\SensorsViewPro41\svservice.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

--
End of file - 11068 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-11-05 599544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-29 266240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-29 266240]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-11-05 599544]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"iConfig-z300"=C:\Program Files\Icon7\iConfig for Gamers\Z300\hid300.exe [2010-06-13 358912]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-12-13 281768]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2010-11-16 1043968]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2010-11-05 738808]
"TaskTray"= []
"NPSStartup"= []
""= []
"TkBellExe"=C:\Program Files\Real\RealPlayer\update\realsched.exe [2011-02-19 273544]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Gadwin PrintScreen"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2010-10-14 487424]
"ATnotes.exe"=C:\Program Files\ATnotes\ATnotes.exe [2005-01-05 1015808]
"ShowBatteryBar"=C:\Program Files\BatteryBar\ShowBatteryBar.exe [2009-05-28 90624]
"WLAN Optimizer"=C:\wopt021\WLAN Optimizer.exe [2009-08-07 109056]
"EPSON SX420W Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE [2009-09-14 200704]
"Steam"=D:\Games\Steam\steam.exe [2010-11-17 1242448]
"Pidgin"=C:\Program Files\Pidgin\pidgin.exe [2011-03-11 48618]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-04-18 17095048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2011-03-25 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2011-03-28 1910152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-07-20 7625248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
D:\Games\Steam\steam.exe [2010-11-17 1242448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Real\RealPlayer\update\realsched.exe [2011-02-19 273544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TWCU]
C:\Program Files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe [2010-05-21 561263]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WLAN Optimizer]
C:\wopt021\WLAN Optimizer.exe [2009-08-07 109056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Rain.lnk]
C:\Rain\Rain.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk]
C:\PROGRA~1\Xfire\Xfire.exe [2011-04-08 3510160]

C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
xchat – zástupce.lnk - C:\Program Files\X-Chat 2\xchat.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~3\GO36F4~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 229376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\xchat\xchat.exe"="C:\Program Files\xchat\xchat.exe:*:Enabled:XChat IRC Client"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-05-18 18:12:40 ----A---- C:\Windows\system32\cohelper.dll
2011-05-18 17:19:12 ----D---- C:\Windows\system32\RTCOM
2011-05-18 17:18:53 ----A---- C:\Windows\system32\WavesLib.dll
2011-05-18 17:18:53 ----A---- C:\Windows\system32\SRSWOW.dll
2011-05-18 17:18:53 ----A---- C:\Windows\system32\SRSTSXT.dll
2011-05-18 17:18:53 ----A---- C:\Windows\system32\SRSTSHD.dll
2011-05-18 17:18:53 ----A---- C:\Windows\system32\SRSHP360.dll
2011-05-18 17:18:52 ----A---- C:\Windows\system32\RtkPgExt.dll
2011-05-18 17:18:52 ----A---- C:\Windows\system32\RtkCoInst.dll
2011-05-18 17:18:52 ----A---- C:\Windows\system32\RtkApoApi.dll
2011-05-18 17:18:52 ----A---- C:\Windows\system32\drivers\RTKVHDA.sys
2011-05-18 17:18:51 ----A---- C:\Windows\system32\RP3DHT32.dll
2011-05-18 17:18:51 ----A---- C:\Windows\system32\RP3DAA32.dll
2011-05-18 17:18:50 ----A---- C:\Windows\system32\MaxxAudioEQ.dll
2011-05-18 17:18:50 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2011-05-18 17:18:50 ----A---- C:\Windows\system32\MaxxAudioAPO.dll
2011-05-18 17:18:49 ----D---- C:\Program Files\Realtek
2011-05-18 17:18:49 ----A---- C:\Windows\system32\FMAPO.dll
2011-05-18 17:18:49 ----A---- C:\Windows\system32\AERTARen.dll
2011-05-18 17:18:49 ----A---- C:\Windows\system32\AERTACap.dll
2011-05-14 22:04:50 ----D---- C:\Users\PC\AppData\Roaming\Malwarebytes
2011-05-14 22:04:45 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2011-05-14 22:04:43 ----D---- C:\ProgramData\Malwarebytes
2011-05-14 22:04:40 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-05-14 22:04:40 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-05-13 18:17:10 ----A---- C:\Windows\dice.ini
2011-05-13 14:06:15 ----A---- C:\Windows\system32\poqexec.exe
2011-05-12 19:42:08 ----D---- C:\Users\PC\AppData\Roaming\wargaming.net
2011-05-11 15:42:42 ----D---- C:\Program Files\Zachtronics Industries
2011-05-11 13:49:06 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-05-11 13:49:05 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2011-05-11 13:49:05 ----A---- C:\Windows\system32\drivers\usbohci.sys
2011-05-11 13:49:05 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-05-11 13:49:05 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-05-11 13:49:05 ----A---- C:\Windows\system32\drivers\usbd.sys
2011-05-11 13:49:05 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-05-11 13:49:02 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-05-11 13:49:01 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-05-09 18:10:31 ----D---- C:\Program Files\Common Files\Java
2011-05-09 18:10:12 ----A---- C:\Windows\system32\javaws.exe
2011-05-09 18:10:12 ----A---- C:\Windows\system32\javaw.exe
2011-05-09 18:10:12 ----A---- C:\Windows\system32\java.exe
2011-05-09 15:52:19 ----D---- C:\Users\PC\AppData\Roaming\Dwarfs
2011-05-08 16:47:45 ----A---- C:\Windows\system32\OpenCL.dll
2011-05-08 16:47:45 ----A---- C:\Windows\system32\nvhdap32.dll
2011-05-08 16:47:45 ----A---- C:\Windows\system32\nvhdagenco322040.dll
2011-05-08 16:47:45 ----A---- C:\Windows\system32\nvapo32v.dll
2011-05-08 16:47:45 ----A---- C:\Windows\system32\drivers\nvhda32v.sys
2011-05-08 16:47:44 ----A---- C:\Windows\system32\nvoglv32.dll
2011-05-08 16:47:44 ----A---- C:\Windows\system32\nvgenco322060.dll
2011-05-08 16:47:44 ----A---- C:\Windows\system32\nvdispco3220140.dll
2011-05-08 16:47:44 ----A---- C:\Windows\system32\nvd3dum.dll
2011-05-08 16:47:44 ----A---- C:\Windows\system32\nvcuvid.dll
2011-05-08 16:47:44 ----A---- C:\Windows\system32\nvcuvenc.dll
2011-05-08 16:47:44 ----A---- C:\Windows\system32\nvcuda.dll
2011-05-08 16:47:44 ----A---- C:\Windows\system32\nvcompiler.dll
2011-05-08 16:47:44 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2011-05-02 14:03:21 ----D---- C:\Program Files\Redblade 3.5e
2011-04-29 19:03:10 ----D---- C:\Content
2011-04-29 19:00:58 ----D---- C:\Program Files\Microsoft Research
2011-04-27 16:28:10 ----A---- C:\Windows\system32\prevhost.exe
2011-04-27 16:28:03 ----A---- C:\Windows\system32\esent.dll
2011-04-27 16:28:03 ----A---- C:\Windows\system32\drivers\nvstor.sys
2011-04-27 16:28:03 ----A---- C:\Windows\system32\drivers\nvraid.sys
2011-04-27 16:28:03 ----A---- C:\Windows\system32\drivers\ntfs.sys
2011-04-27 16:28:02 ----A---- C:\Windows\system32\fsutil.exe
2011-04-27 16:28:02 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2011-04-27 16:28:02 ----A---- C:\Windows\system32\drivers\storport.sys
2011-04-27 16:28:02 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2011-04-27 16:28:02 ----A---- C:\Windows\system32\drivers\amdxata.sys
2011-04-27 16:28:02 ----A---- C:\Windows\system32\drivers\amdsata.sys
2011-04-27 16:27:54 ----A---- C:\Windows\system32\XpsPrint.dll
2011-04-27 16:27:53 ----A---- C:\Windows\explorer.exe
2011-04-22 21:38:53 ----D---- C:\Program Files\CpuIdle
2011-04-22 21:38:53 ----A---- C:\Windows\system32\drivers\cpuidlep.sys
2011-04-22 17:05:39 ----SHD---- C:\found.000
2011-04-21 10:36:52 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2011-04-21 09:51:36 ----A---- C:\Windows\system32\drivers\VBoxDrv.sys
2011-04-21 09:50:00 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys
2011-04-21 09:49:54 ----D---- C:\Program Files\Oracle
2011-04-19 15:55:45 ----A---- C:\Windows\system32\HMIPCore.dll

======List of files/folders modified in the last 1 months======

2011-05-18 18:39:47 ----D---- C:\Windows\Internet Logs
2011-05-18 18:39:46 ----D---- C:\Program Files\trend micro
2011-05-18 18:26:12 ----D---- C:\Users\PC\AppData\Roaming\Skype
2011-05-18 18:24:21 ----D---- C:\Windows\system32\config
2011-05-18 18:22:32 ----D---- C:\Users\PC\AppData\Roaming\.purple
2011-05-18 18:21:28 ----D---- C:\Windows
2011-05-18 18:20:37 ----D---- C:\ProgramData\NVIDIA
2011-05-18 18:20:35 ----D---- C:\Windows\temp
2011-05-18 18:16:58 ----SHD---- C:\Windows\Installer
2011-05-18 18:16:58 ----HD---- C:\Program Files\InstallShield Installation Information
2011-05-18 18:16:54 ----D---- C:\Program Files\NVIDIA Corporation
2011-05-18 18:16:34 ----SHD---- C:\System Volume Information
2011-05-18 18:12:40 ----D---- C:\Windows\system32\drivers
2011-05-18 18:12:40 ----AD---- C:\Windows\System32
2011-05-18 18:12:37 ----D---- C:\Windows\system32\DriverStore
2011-05-18 18:12:37 ----D---- C:\Windows\inf
2011-05-18 18:07:52 ----D---- C:\Windows\system32\catroot
2011-05-18 18:07:23 ----D---- C:\Windows\Prefetch
2011-05-18 17:51:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-05-18 17:33:48 ----D---- C:\Users\PC\AppData\Roaming\uTorrent
2011-05-18 17:33:48 ----D---- C:\Users\PC\AppData\Roaming\TS3Client
2011-05-18 17:22:45 ----HD---- C:\Program Files\Temp
2011-05-18 17:18:49 ----RD---- C:\Program Files
2011-05-18 16:43:49 ----D---- C:\Windows\system32\catroot2
2011-05-18 14:47:54 ----D---- C:\Program Files\Mozilla Firefox
2011-05-17 21:38:43 ----D---- C:\Users\PC\AppData\Roaming\X-Chat 2
2011-05-17 14:05:55 ----D---- C:\Windows\system32\Tasks
2011-05-17 14:05:49 ----RD---- C:\Program Files\Skype
2011-05-17 14:05:43 ----D---- C:\ProgramData\Skype
2011-05-15 18:33:15 ----D---- C:\ProgramData\DAEMON Tools Lite
2011-05-15 10:29:40 ----D---- C:\Users\PC\AppData\Roaming\AIMP
2011-05-14 23:34:35 ----SD---- C:\Users\PC\AppData\Roaming\Microsoft
2011-05-14 22:04:43 ----D---- C:\ProgramData
2011-05-14 22:03:39 ----D---- C:\Windows\pss
2011-05-14 22:00:42 ----D---- C:\Users\PC\AppData\Roaming\Miranda
2011-05-14 22:00:42 ----D---- C:\Users\PC\AppData\Roaming\FileZilla
2011-05-14 22:00:28 ----D---- C:\Windows\debug
2011-05-14 21:58:24 ----D---- C:\Program Files\CCleaner
2011-05-14 17:31:14 ----D---- C:\Users\PC\AppData\Roaming\Xfire
2011-05-13 17:34:32 ----D---- C:\Windows\winsxs
2011-05-13 14:03:49 ----D---- C:\ProgramData\Xfire
2011-05-12 20:11:58 ----D---- C:\Program Files\Common Files
2011-05-12 20:10:58 ----D---- C:\Users\PC\AppData\Roaming\skypePM
2011-05-12 20:02:59 ----RSD---- C:\Windows\assembly
2011-05-11 22:18:57 ----A---- C:\Windows\system32\MRT.exe
2011-05-11 15:47:23 ----D---- C:\Program Files\Common Files\Steam
2011-05-11 13:56:15 ----D---- C:\Program Files\TeamSpeak 3 Client
2011-05-09 18:09:53 ----A---- C:\Windows\system32\deployJava1.dll
2011-05-08 20:42:48 ----D---- C:\Users\PC\AppData\Roaming\Teeworlds
2011-05-08 16:50:31 ----RD---- C:\Users
2011-05-07 10:47:39 ----D---- C:\Program Files\Defcon
2011-05-06 20:57:20 ----D---- C:\Program Files\IntelBurnTest
2011-05-05 22:23:56 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE
2011-05-03 19:25:15 ----D---- C:\Users\PC\AppData\Roaming\vlc
2011-05-01 22:16:59 ----D---- C:\Program Files\OpenOffice.org 3
2011-05-01 22:15:24 ----RSD---- C:\Windows\Fonts
2011-05-01 11:19:35 ----D---- C:\Windows\rescache
2011-04-29 23:40:59 ----D---- C:\Windows\AppPatch
2011-04-29 23:40:57 ----D---- C:\Windows\system32\ru-RU
2011-04-29 23:40:57 ----D---- C:\Windows\system32\en-US
2011-04-29 23:40:57 ----D---- C:\Windows\system32\cs-CZ
2011-04-24 22:44:47 ----D---- C:\Windows\Logs
2011-04-24 19:25:15 ----D---- C:\Fraps
2011-04-23 22:18:22 ----D---- C:\Users\PC\AppData\Roaming\.minecraft
2011-04-23 21:46:19 ----D---- C:\Program Files\CamStudio
2011-04-23 20:14:27 ----D---- C:\Windows\system32\sk-SK
2011-04-23 19:07:35 ----D---- C:\Users\PC\AppData\Roaming\gtk-2.0
2011-04-22 21:00:22 ----A---- C:\Windows\BlendSettings.ini
2011-04-21 17:21:14 ----D---- C:\Program Files\Microsoft Silverlight
2011-04-21 10:36:52 ----D---- C:\Program Files\DAEMON Tools Lite
2011-04-21 09:51:36 ----DC---- C:\Windows\system32\DRVSTORE
2011-04-20 19:50:28 ----D---- C:\Program Files\uTorrent
2011-04-19 18:38:57 ----D---- C:\Program Files\Opera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nhcDriverDevice;Notebook Hardware Control Driver; C:\Windows\system32\drivers\nhcDriver.sys [2011-03-16 71680]
R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2009-08-04 213024]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 psdrv02;CD Guard Environment Driver (v2); C:\Windows\system32\drivers\psdrv02.sys [2006-09-11 67960]
R0 pssync05;CD Guard Synchronization Driver (v5); C:\Windows\system32\drivers\pssync05.sys [2006-11-03 61312]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-03-14 431672]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-03-22 137656]
R1 cpuidlep;CpuIdle Pro System Driver; C:\Windows\system32\drivers\cpuidlep.sys [2011-04-22 4484]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-21 218688]
R1 sensorsview;sensorsview; \??\C:\Program Files\SensorsViewPro41\drv\sensorsview32.sys [2008-07-26 14416]
R1 SSHDRV65;SSHDRV65; \??\C:\Windows\system32\drivers\SSHDRV65.sys [2010-06-21 120320]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 69480]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2011-02-17 160560]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2011-02-17 44784]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2010-05-15 461400]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-07-08 281760]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-12-13 61960]
R2 cpuz133;cpuz133; \??\C:\Windows\system32\drivers\cpuz133_x32.sys [2010-03-30 20968]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x32.sys [2010-11-09 21992]
R2 ISWKL;ZoneAlarm Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2010-11-05 26872]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-07-08 25888]
R3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athur.sys [2010-01-05 1500160]
R3 bbcap;bbcap; C:\Windows\system32\DRIVERS\bbcap.sys [2010-07-30 4096]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-08-03 36608]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 I7Z300Filter;Icon7_Z300; C:\Windows\system32\drivers\I7Z300.sys [2010-01-20 12800]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-07-20 2664032]
R3 netr28;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28.sys [2010-02-09 722720]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2011-03-03 139368]
R3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6232.sys [2009-07-30 287392]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-29 17920]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-10-10 84992]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-07-14 1068032]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 46984]
R3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2011-02-17 122032]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 catchme;catchme; \??\C:\Users\PC\AppData\Local\Temp\catchme.sys []
S3 cpuz130;cpuz130; \??\C:\Users\PC\AppData\Local\Temp\cpuz130\cpuz_x32.sys []
S3 CV2K1;CommView Network Monitor; C:\Windows\system32\DRIVERS\cv2k1.sys []
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-29 59904]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt [2005-08-18 7168]
S3 GarenaPEngine;GarenaPEngine; \??\C:\Users\PC\AppData\Local\Temp\UDC2BE0.tmp []
S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-14 116064]
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys []
S3 MSI_DVD_010507;MSI_DVD_010507; \??\C:\PROGRA~1\MSI\MSIWDev\DVDSYS32_100507.sys [2010-05-10 22328]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\PROGRA~1\MSI\MSIWDev\msibios32_100507.sys [2010-05-10 25912]
S3 MSI_VGASYS_010507;MSI_VGASYS_010507; \??\C:\PROGRA~1\MSI\MSIWDev\VGASYS32_100507.sys [2010-05-10 16696]
S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver; \??\C:\Windows\system32\NSNDIS5.SYS []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-14 347264]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 8192]
S3 RTCore32;RTCore32; \??\C:\Program Files\RMClock\RTCore32.sys []
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2010-03-11 25088]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 169320]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 42472]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 79872]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 21608]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 61168]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2009-09-14 49400]
S3 ts_arusb;[CommView] Atheros Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\ts_arusb.sys [2011-01-12 1053288]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2011-02-17 111152]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACS;TP-LINK Configuration Service; C:\Windows\system32\acs.exe [2010-05-21 499796]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-03-22 269480]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-12-13 135336]
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2011-01-28 387072]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [2006-12-19 94208]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2009-08-10 387616]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2009-08-03 233472]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2011-03-28 1242504]
R2 IswSvc;ZoneAlarm Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2010-11-05 488952]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2009-08-10 178720]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-04-07 612456]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
R2 SensorsVService;SensorsVService; C:\Program Files\SensorsViewPro41\svservice.exe [2010-06-17 923648]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-07 378984]
R2 vsmon;TrueVector Internet Monitor; C:\Windows\System32\ZoneLabs\vsmon.exe [2010-11-16 2435592]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 psrem02;CD Guard Drivers Auto Removal (v2); C:\Windows\system32\psrem02.exe [2006-05-11 358008]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Desura Install Service;Desura Install Service; C:\Program Files\Common Files\Desura\desura_service.exe [2011-04-16 129856]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2011-03-29 30192]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-04-26 403240]
S3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-10-21 148848]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 18 kvě 2011 18:13

Dejte log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

mrkew2 · #3 Příspěvek od **mrkew2** » 18 kvě 2011 19:13

ComboFix 11-05-17.03 - PC 18.05.2011 19:21:11.3.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.3068.1841 [GMT 2:00]
Spuštěný z: c:\users\PC\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
FW: ZoneAlarm Firewall *Enabled* {D17DF357-CFF5-F001-D1C1-FCD21DFE3D5E}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - system32: deleted 12 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\PC\Documents\cc_20110503_164909.reg
D:\install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-04-18 do 2011-05-18 )))))))))))))))))))))))))))))))
.
.
2011-05-18 17:44 . 2011-05-18 17:44 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-05-18 17:44 . 2011-05-18 17:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-18 17:16 . 2011-05-18 17:17 -------- d-----w- C:\32788R22FWJFW
2011-05-18 16:12 . 2009-08-05 14:10 6136 ----a-w- c:\windows\system32\drivers\nvphy.bin
2011-05-18 16:12 . 2009-07-30 14:48 705536 ----a-w- c:\windows\system32\cohelper.dll
2011-05-18 15:19 . 2011-05-18 15:19 -------- d-----w- c:\windows\system32\RTCOM
2011-05-14 20:04 . 2011-05-14 20:04 -------- d-----w- c:\users\PC\AppData\Roaming\Malwarebytes
2011-05-14 20:04 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-14 20:04 . 2011-05-14 20:04 -------- d-----w- c:\programdata\Malwarebytes
2011-05-14 20:04 . 2011-05-14 20:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-05-14 20:04 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-13 12:06 . 2011-04-09 05:56 123904 ----a-w- c:\windows\system32\poqexec.exe
2011-05-12 17:42 . 2011-05-12 17:45 -------- d-----w- c:\users\PC\AppData\Roaming\wargaming.net
2011-05-11 13:42 . 2011-05-11 13:42 -------- d-----w- c:\program files\Zachtronics Industries
2011-05-11 11:49 . 2011-03-25 03:06 284160 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-11 11:49 . 2011-03-25 03:06 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-11 11:49 . 2011-03-25 03:06 75776 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-11 11:49 . 2011-03-25 03:06 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-11 11:49 . 2011-03-25 03:06 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-05-11 11:49 . 2011-03-25 03:06 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-11 11:49 . 2011-03-25 03:06 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-11 11:49 . 2011-04-09 06:13 3957632 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-05-11 11:49 . 2011-04-09 06:13 3901824 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-10 19:09 . 2011-05-18 16:29 -------- d-----w- c:\users\PC\AppData\Local\The Witcher
2011-05-10 15:45 . 2011-05-10 15:46 -------- d-----w- c:\users\PC\AppData\Local\GOGDownloader
2011-05-09 16:10 . 2011-05-09 16:10 -------- d-----w- c:\program files\Common Files\Java
2011-05-09 13:52 . 2011-05-09 13:57 -------- d-----w- c:\users\PC\AppData\Roaming\Dwarfs
2011-05-08 14:50 . 2011-05-15 13:20 -------- d-----w- c:\users\UpdatusUser
2011-05-02 12:03 . 2011-05-02 12:03 -------- d-----w- c:\program files\Redblade 3.5e
2011-04-29 17:03 . 2011-04-29 17:03 -------- d-----w- C:\Content
2011-04-29 17:00 . 2011-04-29 17:00 -------- d-----w- c:\program files\Microsoft Research
2011-04-27 14:28 . 2011-02-18 05:33 31232 ----a-w- c:\windows\system32\prevhost.exe
2011-04-27 14:28 . 2011-03-11 05:44 143744 ----a-w- c:\windows\system32\drivers\nvstor.sys
2011-04-27 14:28 . 2011-03-11 05:44 1210240 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-04-27 14:28 . 2011-03-11 05:44 117120 ----a-w- c:\windows\system32\drivers\nvraid.sys
2011-04-27 14:28 . 2011-03-11 05:39 1686016 ----a-w- c:\windows\system32\esent.dll
2011-04-27 14:28 . 2011-03-11 05:44 146304 ----a-w- c:\windows\system32\drivers\storport.sys
2011-04-27 14:28 . 2011-03-11 05:43 332160 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2011-04-27 14:28 . 2011-03-11 05:43 80256 ----a-w- c:\windows\system32\drivers\amdsata.sys
2011-04-27 14:28 . 2011-03-11 05:43 22400 ----a-w- c:\windows\system32\drivers\amdxata.sys
2011-04-27 14:28 . 2011-03-11 05:37 74240 ----a-w- c:\windows\system32\fsutil.exe
2011-04-27 14:27 . 2011-03-12 11:31 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2011-04-27 14:27 . 2011-02-26 05:33 2614784 ----a-w- c:\windows\explorer.exe
2011-04-22 19:38 . 2011-04-22 19:38 -------- d-----w- c:\program files\CpuIdle
2011-04-22 19:38 . 2011-04-22 19:38 4484 ----a-w- c:\windows\system32\drivers\cpuidlep.sys
2011-04-22 15:05 . 2011-04-22 15:05 -------- d-----w- C:\found.000
2011-04-21 08:36 . 2011-04-21 08:36 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-04-21 07:54 . 2011-04-21 20:56 -------- d-----w- c:\users\PC\VirtualBox VMs
2011-04-21 07:53 . 2011-04-21 20:56 -------- d-----w- c:\users\PC\.VirtualBox
2011-04-21 07:51 . 2011-02-17 16:06 160560 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2011-04-21 07:50 . 2011-02-17 16:06 44784 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2011-04-21 07:49 . 2011-04-21 07:49 -------- d-----w- c:\program files\Oracle
2011-04-19 13:55 . 2010-06-15 16:27 282928 ----a-w- c:\windows\system32\HMIPCore.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-09 16:09 . 2010-06-15 16:36 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\system32\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\system32\xlivefnt.dll
2011-04-08 11:28 . 2011-04-08 11:28 41872 ----a-w- c:\windows\system32\xfcodec.dll
2011-04-08 05:14 . 2011-05-08 14:47 10920 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2011-04-08 05:14 . 2010-06-15 12:01 6299752 ----a-w- c:\windows\system32\nvwgf2um.dll
2011-04-08 05:14 . 2010-06-15 12:01 2034280 ----a-w- c:\windows\system32\nvapi.dll
2011-04-07 20:43 . 2011-04-07 20:43 580200 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll
2011-04-07 20:43 . 2011-04-07 20:43 612456 ----a-w- c:\windows\system32\nvvsvc.exe
2011-04-07 20:43 . 2011-04-07 20:43 293992 ----a-w- c:\windows\system32\nvhotkey.dll
2011-04-07 20:43 . 2011-04-07 20:43 2582120 ----a-w- c:\windows\system32\nvsvcr.dll
2011-04-07 20:43 . 2011-04-07 20:43 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-04-07 20:43 . 2011-04-07 20:43 3701352 ----a-w- c:\windows\system32\nvcpl.dll
2011-04-07 20:43 . 2011-04-07 20:43 2565224 ----a-w- c:\windows\system32\nvsvc.dll
2011-03-25 07:03 . 2007-10-25 16:26 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2011-03-22 17:15 . 2011-01-07 18:40 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-03-16 22:06 . 2010-06-18 19:05 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-03-16 21:30 . 2011-03-16 21:30 71680 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2011-03-14 14:46 . 2010-06-17 16:11 431672 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-03-12 14:37 . 2011-01-18 19:49 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-03-12 14:37 . 2011-01-18 19:49 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-03-12 08:10 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-03-11 05:40 . 2011-04-15 14:10 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 05:40 . 2011-04-15 14:10 1137664 ----a-w- c:\windows\system32\mfc42.dll
2011-03-08 05:38 . 2011-04-15 14:10 740864 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-03 05:29 . 2011-04-15 14:10 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-03-03 05:27 . 2011-04-15 14:10 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-03-03 03:31 . 2011-04-15 14:10 2331136 ----a-w- c:\windows\system32\win32k.sys
2011-02-25 17:37 . 2011-03-26 15:01 1284712 ----a-w- c:\windows\RtlExUpd.dll
2011-02-24 05:32 . 2011-04-15 14:10 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-24 05:32 . 2011-04-15 14:10 981504 ----a-w- c:\windows\system32\wininet.dll
2011-02-24 05:30 . 2011-04-15 14:10 44544 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-24 04:23 . 2011-04-15 14:10 386048 ----a-w- c:\windows\system32\html.iec
2011-02-24 03:50 . 2011-04-15 14:10 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-02-23 05:06 . 2011-04-15 14:10 311296 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-23 05:05 . 2011-04-15 14:10 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-02-23 05:05 . 2011-04-15 14:10 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-02-23 05:05 . 2011-04-15 14:09 221696 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-02-23 05:05 . 2011-04-15 14:09 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-02-23 05:05 . 2011-04-15 14:09 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-23 05:05 . 2011-04-15 14:09 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-02-19 18:59 . 2010-04-29 09:47 499712 ----a-w- c:\windows\system32\msvcp71.dll
2011-02-19 18:59 . 2010-04-29 09:47 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-02-19 05:56 . 2011-03-23 08:59 805376 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 05:56 . 2011-03-23 08:59 1076736 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 05:56 . 2011-03-23 08:59 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-02-19 05:32 . 2011-04-15 14:10 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-02-19 03:37 . 2011-04-15 14:10 294912 ----a-w- c:\windows\system32\atmfd.dll
2011-02-18 22:05 . 2010-08-19 15:31 237056 ----a-w- c:\windows\system32\ssleay32.dll
2011-02-18 22:05 . 2010-08-19 15:31 237056 ----a-w- c:\windows\system32\libssl32.dll
2011-02-18 22:05 . 2010-08-19 15:31 1099776 ----a-w- c:\windows\system32\libeay32.dll
2011-02-18 05:36 . 2011-04-15 14:10 428032 ----a-w- c:\windows\system32\vbscript.dll
2011-03-18 17:55 . 2011-04-01 11:05 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2006-05-03 09:06 163328 --sh--r- c:\windows\System32\flvDX.dll
2007-02-21 10:47 31232 --sh--r- c:\windows\System32\msfDX.dll
2008-03-16 12:30 216064 --sh--r- c:\windows\System32\nbDX.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2011-03-23 04:56 319488 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2011-03-23 04:56 319488 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2011-03-23 04:56 319488 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2011-03-23 04:56 319488 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadwin PrintScreen"="c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2010-10-14 487424]
"ATnotes.exe"="c:\program files\ATnotes\ATnotes.exe" [2005-01-05 1015808]
"ShowBatteryBar"="c:\program files\BatteryBar\ShowBatteryBar.exe" [2009-05-28 90624]
"WLAN Optimizer"="c:\wopt021\WLAN Optimizer.exe" [2009-08-07 109056]
"Steam"="d:\games\Steam\steam.exe" [2010-11-17 1242448]
"Pidgin"="c:\program files\Pidgin\pidgin.exe" [2011-03-11 48618]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-04-18 17095048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iConfig-z300"="c:\program files\Icon7\iConfig for Gamers\Z300\hid300.exe" [2010-06-13 358912]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-12-13 281768]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2010-11-16 1043968]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2010-11-05 738808]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2011-02-19 273544]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
.
c:\users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
xchat - z stupce.lnk - c:\program files\X-Chat 2\xchat.exe [2010-8-21 398848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKLM\~\startupfolder\C:^Users^PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Rain.lnk]
path=c:\users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rain.lnk
backup=c:\windows\pss\Rain.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk]
path=c:\users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
backup=c:\windows\pss\Xfire.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 21:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-31 08:44 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
2011-03-25 07:04 102400 ----a-w- c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2011-03-28 13:41 1910152 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2009-07-20 17:21 7625248 ------w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-11-17 18:52 1242448 ----a-w- d:\games\Steam\steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2011-02-19 18:59 273544 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TWCU]
2010-05-21 12:55 561263 ----a-w- c:\program files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WLAN Optimizer]
2009-08-07 17:38 109056 ----a-w- c:\wopt021\WLAN Optimizer.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
R2 psrem02;CD Guard Drivers Auto Removal (v2);c:\windows\system32\psrem02.exe svc [x]
R2 SensorsVService;SensorsVService;c:\program files\SensorsViewPro41\svservice.exe [2010-06-17 923648]
R3 cpuz130;cpuz130;c:\users\PC\AppData\Local\Temp\cpuz130\cpuz_x32.sys [x]
R3 CV2K1;CommView Network Monitor;c:\windows\system32\DRIVERS\cv2k1.sys [x]
R3 Desura Install Service;Desura Install Service;c:\program files\Common Files\Desura\desura_service.exe [2011-04-16 129856]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-29 59904]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt [2005-08-17 7168]
R3 GarenaPEngine;GarenaPEngine;c:\users\PC\AppData\Local\Temp\UDC2BE0.tmp [x]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2011-03-29 30192]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-07-14 116064]
R3 MSI_DVD_010507;MSI_DVD_010507;c:\progra~1\MSI\MSIWDev\DVDSYS32_100507.sys [2010-05-10 22328]
R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\progra~1\MSI\MSIWDev\msibios32_100507.sys [2010-05-10 25912]
R3 MSI_VGASYS_010507;MSI_VGASYS_010507;c:\progra~1\MSI\MSIWDev\VGASYS32_100507.sys [2010-05-10 16696]
R3 RTCore32;RTCore32;c:\program files\RMClock\RTCore32.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2010-03-11 25088]
R3 ts_arusb;[CommView] Atheros Wireless Network Adapter Service;c:\windows\system32\DRIVERS\ts_arusb.sys [2011-01-12 15:54 1053288]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-02-17 111152]
R3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 20480]
R3 Z300Fltr;Icon7 Z300 Gaming Laser Mouse;c:\windows\system32\drivers\I7Z300.sys [2010-01-20 12800]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 psdrv02;CD Guard Environment Driver (v2);c:\windows\system32\drivers\psdrv02.sys [2006-09-11 67960]
S0 pssync05;CD Guard Synchronization Driver (v5);c:\windows\system32\drivers\pssync05.sys [2006-11-03 61312]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-21 218688]
S1 sensorsview;sensorsview;c:\program files\SensorsViewPro41\drv\sensorsview32.sys [2008-07-26 14416]
S1 SSHDRV65;SSHDRV65;c:\windows\system32\drivers\SSHDRV65.sys [2010-06-21 120320]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-02-17 160560]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-02-17 44784]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-12-13 135336]
S2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [2011-01-28 387072]
S2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x32.sys [2010-03-30 20968]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2010-11-09 21992]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2009-08-03 233472]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2011-03-28 1242504]
S2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2010-11-05 26872]
S2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2010-11-05 488952]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-07 378984]
S3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athur.sys [2010-01-05 1500160]
S3 bbcap;bbcap;c:\windows\system32\DRIVERS\bbcap.sys [2010-07-30 4096]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-08-03 36608]
S3 I7Z300Filter;Icon7_Z300;c:\windows\system32\drivers\I7Z300.sys [2010-01-20 12800]
S3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28.sys [2010-02-09 722720]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2011-03-03 139368]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-02-17 122032]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - FSUSBEXDISK
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
LSP: c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
Trusted Zone: com\www.msi
Trusted Zone: com.tw\asia.msi
Trusted Zone: com.tw\global.msi
FF - ProfilePath - c:\users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\kyoa53qf.default\
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=827316&p=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-TaskTray - (no file)
HKLM-Run-NPSStartup - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\GarenaPEngine]
"ImagePath"="\??\c:\users\PC\AppData\Local\Temp\UDC2BE0.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3491727313-2059114097-998879636-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{73A8E30A-0E46-75B8-1FD6-34BE9C5E8706}*]
"iafkiallalgogkfeab"=hex:6a,61,6a,66,62,6b,62,63,6d,62,61,61,70,63,64,63,63,67,
65,6c,00,00
"haldchadcfdjiloh"=hex:6a,61,6f,66,67,69,6f,66,6c,6f,6f,66,68,69,64,6d,6b,61,
6c,6d,00,00
"iakloabgikopokobbf"=hex:6a,61,6a,66,62,6b,62,63,6d,62,61,61,70,63,64,63,63,67,
65,6c,00,00
"hammjpnbaoljfnij"=hex:6a,61,6a,66,62,6b,62,63,6d,62,61,61,70,63,64,63,63,67,
65,6c,00,00
.
[HKEY_USERS\S-1-5-21-3491727313-2059114097-998879636-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:a7,ed,9a,e1,de,93,96,5b,3c,d5,6d,ec,a4,a8,5e,ce,25,74,4a,25,d3,92,25,
3c,1b,ee,af,e5,00,2a,ad,e0,cf,cb,ea,a7,67,33,de,8e,c7,e6,9d,5a,c7,9f,38,f1,\
"??"=hex:e2,06,90,c3,a9,ab,f7,ca,1c,f7,63,d7,3e,f2,89,5d
.
[HKEY_USERS\S-1-5-21-3491727313-2059114097-998879636-1000\Software\SecuROM\License information*]
"datasecu"=hex:ed,9b,c9,68,6f,b7,5a,f6,9d,a2,c1,61,aa,cb,10,ee,b7,03,be,c5,c8,
82,e9,2e,fd,89,3e,21,c8,12,f7,73,df,6d,70,74,08,e1,17,8c,11,f7,c2,82,af,cd,\
"rkeysecu"=hex:7e,8c,e0,5d,ab,dc,aa,0f,a1,1b,cb,4e,3b,88,1a,e6
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\MountedDevices]
@Denied: (Read) (Administrators)
"\\DosDevices\\C:"=hex:87,1f,b2,ba,00,00,50,06,00,00,00,00
"\\??\\Volume{922cbca3-78a3-11df-bd3f-806e6f6e6963}"=hex:87,1f,b2,ba,00,00,10,
00,00,00,00,00
"\\??\\Volume{922cbca4-78a3-11df-bd3f-806e6f6e6963}"=hex:87,1f,b2,ba,00,00,50,
06,00,00,00,00
"\\??\\Volume{922cbca7-78a3-11df-bd3f-806e6f6e6963}"=hex:5c,00,3f,00,3f,00,5c,
00,49,00,44,00,45,00,23,00,43,00,64,00,52,00,6f,00,6d,00,4f,00,70,00,74,00,\
"\\??\\Volume{e293987e-7873-11df-b662-406186172faa}"=hex:5f,00,3f,00,3f,00,5f,
00,55,00,53,00,42,00,53,00,54,00,4f,00,52,00,23,00,44,00,69,00,73,00,6b,00,\
"\\DosDevices\\E:"=hex:5c,00,3f,00,3f,00,5c,00,53,00,43,00,53,00,49,00,23,00,
43,00,64,00,52,00,6f,00,6d,00,26,00,56,00,65,00,6e,00,5f,00,51,00,46,00,4b,\
"\\??\\Volume{e2939890-7873-11df-b662-406186172faa}"=hex:5f,00,3f,00,3f,00,5f,
00,55,00,53,00,42,00,53,00,54,00,4f,00,52,00,23,00,44,00,69,00,73,00,6b,00,\
"\\??\\Volume{12085c0a-7876-11df-a5df-806e6f6e6963}"=hex:5c,00,3f,00,3f,00,5c,
00,53,00,43,00,53,00,49,00,23,00,43,00,64,00,52,00,6f,00,6d,00,26,00,56,00,\
"\\??\\Volume{3d83c022-787a-11df-94a1-406186172faa}"=hex:87,1f,b2,ba,00,00,10,
35,0c,00,00,00
"\\DosDevices\\D:"=hex:87,1f,b2,ba,00,00,10,35,0c,00,00,00
"\\DosDevices\\F:"=hex:5c,00,3f,00,3f,00,5c,00,44,00,54,00,53,00,4f,00,46,00,
54,00,42,00,55,00,53,00,26,00,52,00,65,00,76,00,31,00,23,00,44,00,54,00,43,\
"\\??\\Volume{5647c9c3-787b-11df-846c-406186172faa}"=hex:5f,00,3f,00,3f,00,5f,
00,55,00,53,00,42,00,53,00,54,00,4f,00,52,00,23,00,44,00,69,00,73,00,6b,00,\
"\\??\\Volume{84a1b733-7a16-11df-b1ac-f1ba49e920ae}"=hex:5c,00,3f,00,3f,00,5c,
00,55,00,53,00,42,00,53,00,54,00,4f,00,52,00,23,00,43,00,64,00,52,00,6f,00,\
"\\??\\Volume{4225bcdb-7a2b-11df-b44e-aab93e765bac}"=hex:5c,00,3f,00,3f,00,5c,
00,53,00,43,00,53,00,49,00,23,00,43,00,64,00,52,00,6f,00,6d,00,26,00,56,00,\
"\\??\\Volume{4225bd99-7a2b-11df-b44e-aab93e765bac}"=hex:5f,00,3f,00,3f,00,5f,
00,55,00,53,00,42,00,53,00,54,00,4f,00,52,00,23,00,44,00,69,00,73,00,6b,00,\
"\\DosDevices\\H:"=hex:5f,00,3f,00,3f,00,5f,00,55,00,53,00,42,00,53,00,54,00,
4f,00,52,00,23,00,44,00,69,00,73,00,6b,00,26,00,56,00,65,00,6e,00,5f,00,26,\
"\\??\\Volume{4225bd9f-7a2b-11df-b44e-aab93e765bac}"=hex:5f,00,3f,00,3f,00,5f,
00,55,00,53,00,42,00,53,00,54,00,4f,00,52,00,23,00,44,00,69,00,73,00,6b,00,\
"\\DosDevices\\I:"=hex:5f,00,3f,00,3f,00,5f,00,55,00,53,00,42,00,53,00,54,00,
4f,00,52,00,23,00,44,00,69,00,73,00,6b,00,26,00,56,00,65,00,6e,00,5f,00,53,\
"\\??\\Volume{8ff96f57-7d62-11df-8b3e-b093a2adbeab}"=hex:5f,00,3f,00,3f,00,5f,
00,55,00,53,00,42,00,53,00,54,00,4f,00,52,00,23,00,44,00,69,00,73,00,6b,00,\
"\\??\\Volume{5329f98d-80e2-11df-bf43-b603b6a8ebaf}"=hex:5f,00,3f,00,3f,00,5f,
00,55,00,53,00,42,00,53,00,54,00,4f,00,52,00,23,00,44,00,69,00,73,00,6b,00,\
"\\??\\Volume{9ac238f3-88c9-11df-9189-e8d431c729a9}"=hex:5f,00,3f,00,3f,00,5f,
00,55,00,53,00,42,00,53,00,54,00,4f,00,52,00,23,00,44,00,69,00,73,00,6b,00,\
"\\??\\Volume{a27d903f-88dd-11df-8d75-928742036ca9}"=hex:5f,00,3f,00,3f,00,5f,
00,55,00,53,00,42,00,53,00,54,00,4f,00,52,00,23,00,44,00,69,00,73,00,6b,00,\
"\\??\\Volume{c7065031-89f6-11df-a87e-406186172faa}"=hex:5f,00,3f,00,3f,00,5f,
00,55,00,53,00,42,00,53,00,54,00,4f,00,52,00,23,00,44,00,69,00,73,00,6b,00,\
"\\??\\Volume{8802b7fc-8db6-11df-85c3-406186172faa}"=hex:5c,00,3f,00,3f,00,5c,
00,53,00,43,00,53,00,49,00,23,00,43,00,64,00,52,00,6f,00,6d,00,26,00,56,00,\
"\\??\\Volume{15f61894-97fa-11df-b5d3-ef9e493ba5a9}"=hex:5c,00,3f,00,3f,00,5c,
00,53,00,43,00,53,00,49,00,23,00,43,00,64,00,52,00,6f,00,6d,00,26,00,56,00,\
"\\DosDevices\\G:"=hex:5c,00,3f,00,3f,00,5c,00,53,00,43,00,53,00,49,00,23,00,
43,00,64,00,52,00,6f,00,6d,00,26,00,56,00,65,00,6e,00,5f,00,4f,00,70,00,74,\
"\\??\\Volume{ab649771-bc09-11df-ae32-83e16c26cca7}"=hex:5f,00,3f,00,3f,00,5f,
00,53,00,43,00,53,00,49,00,23,00,44,00,69,00,73,00,6b,00,26,00,56,00,65,00,\
"\\??\\Volume{ab64977b-bc09-11df-ae32-83e16c26cca7}"=hex:5f,00,3f,00,3f,00,5f,
00,55,00,53,00,42,00,53,00,54,00,4f,00,52,00,23,00,44,00,69,00,73,00,6b,00,\
"\\??\\Volume{b56fd32d-c60c-11df-9ed4-406186172faa}"=hex:5f,00,3f,00,3f,00,5f,
00,55,00,53,00,42,00,53,00,54,00,4f,00,52,00,23,00,44,00,69,00,73,00,6b,00,\
"\\??\\Volume{d7eb8687-d2e6-11df-85b3-ba4f9ac258aa}"=hex:5f,00,3f,00,3f,00,5f,
00,55,00,53,00,42,00,53,00,54,00,4f,00,52,00,23,00,44,00,69,00,73,00,6b,00,\
"\\??\\Volume{dfc07712-efc0-11df-a008-cbf0edc9d8b4}"=hex:5f,00,3f,00,3f,00,5f,
00,55,00,53,00,42,00,53,00,54,00,4f,00,52,00,23,00,44,00,69,00,73,00,6b,00,\
"\\??\\Volume{98901fb0-0e74-11e0-ad21-c0828ec68ca7}"=hex:5f,00,3f,00,3f,00,5f,
00,55,00,53,00,42,00,53,00,54,00,4f,00,52,00,23,00,44,00,69,00,73,00,6b,00,\
"\\??\\Volume{16dc7e9b-4240-11e0-95d6-9b43d3ff07c6}"=hex:5c,00,3f,00,3f,00,5c,
00,44,00,54,00,53,00,4f,00,46,00,54,00,42,00,55,00,53,00,26,00,52,00,65,00,\
"\\??\\Volume{78d257ac-44f2-11e0-a04a-8cdb280676ba}"=hex:5c,00,3f,00,3f,00,5c,
00,44,00,54,00,53,00,4f,00,46,00,54,00,42,00,55,00,53,00,26,00,52,00,65,00,\
"\\??\\Volume{13a80cb3-467c-11e0-b0b7-ca0746c6d8a8}"=hex:5f,00,3f,00,3f,00,5f,
00,53,00,44,00,23,00,56,00,49,00,44,00,5f,00,30,00,34,00,26,00,4f,00,49,00,\
"\\??\\Volume{e284d870-469f-11e0-9c42-be5c276679ba}"=hex:5c,00,3f,00,3f,00,5c,
00,53,00,43,00,53,00,49,00,23,00,43,00,64,00,52,00,6f,00,6d,00,26,00,56,00,\
"\\??\\Volume{f937bad4-46a2-11e0-9e57-97a8f3deacdb}"=hex:5c,00,3f,00,3f,00,5c,
00,44,00,54,00,53,00,4f,00,46,00,54,00,42,00,55,00,53,00,26,00,52,00,65,00,\
"\\??\\Volume{fc62642d-4e49-11e0-84b9-a4cebd16efc6}"=hex:5c,00,3f,00,3f,00,5c,
00,44,00,54,00,53,00,4f,00,46,00,54,00,42,00,55,00,53,00,26,00,52,00,65,00,\
"\\??\\Volume{1f744bee-4fe3-11e0-a279-efc6e7d4ccac}"=hex:5c,00,3f,00,3f,00,5c,
00,53,00,43,00,53,00,49,00,23,00,43,00,64,00,52,00,6f,00,6d,00,26,00,56,00,\
"\\??\\Volume{d801b5cf-500a-11e0-ad0c-806e6f6e6963}"=hex:5c,00,3f,00,3f,00,5c,
00,49,00,44,00,45,00,23,00,43,00,64,00,52,00,6f,00,6d,00,4f,00,70,00,74,00,\
"\\??\\Volume{0a9168c6-6be8-11e0-9f18-890ed7eea4d3}"=hex:5c,00,3f,00,3f,00,5c,
00,53,00,43,00,53,00,49,00,23,00,43,00,64,00,52,00,6f,00,6d,00,26,00,56,00,\
"\\??\\Volume{0a9168c9-6be8-11e0-9f18-890ed7eea4d3}"=hex:5c,00,3f,00,3f,00,5c,
00,53,00,43,00,53,00,49,00,23,00,43,00,64,00,52,00,6f,00,6d,00,26,00,56,00,\
"\\??\\Volume{0a9168cf-6be8-11e0-9f18-890ed7eea4d3}"=hex:5c,00,3f,00,3f,00,5c,
00,44,00,54,00,53,00,4f,00,46,00,54,00,42,00,55,00,53,00,26,00,52,00,65,00,\
"\\??\\Volume{0a9168d1-6be8-11e0-9f18-890ed7eea4d3}"=hex:5c,00,3f,00,3f,00,5c,
00,44,00,54,00,53,00,4f,00,46,00,54,00,42,00,55,00,53,00,26,00,52,00,65,00,\
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(572)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
Celkový čas: 2011-05-18 20:10:56
ComboFix-quarantined-files.txt 2011-05-18 18:10
ComboFix2.txt 2011-02-12 20:17
.
Před spuštěním: Volných bajtů: 10 792 062 976
Po spuštění: Volných bajtů: 11 401 351 168
.
- - End Of File - - 65593EF7399DFBAF7F9DDED0DB4D0DA7

#4 Příspěvek od **Rudy** » 18 kvě 2011 19:22

Audiodg.exe je součást ovladače zv. karty. Umístění v system32 je správné, tudíž soubor je legitimní. Zkuste zv. ovladač reinstalovat.

mrkew2 · #5 Příspěvek od **mrkew2** » 18 kvě 2011 19:46

Takže reinstalnul jsem ovladače a nic. Pořád stejné.
Pro test jsem použil hru infiniminer. Hra se sekala už jenom pohybem myší.

Tady je obrázek.

Takže zatím nevím co dál.

mrkew2 · #6 Příspěvek od **mrkew2** » 18 kvě 2011 20:04

Tak teď jsem ještě zjistil že se to seká když využívám zvuk tak třeba když pustím nějaké video. I třeba videa z youtube.

#7 Příspěvek od **Rudy** » 18 kvě 2011 20:28

Audiodg.exe vám zatěžuje systém pouze 5%. 44% zabírá infinminer.exe, což je asi samotná hra. Jinak CF něco infikovaného smazal. Máte všechny systémové záplaty?

mrkew2 · #8 Příspěvek od **mrkew2** » 18 kvě 2011 20:40

Všechny updaty mám kromě SP 1 nebo ten mi nešel stáhnout ale ted to zkouším znova. Ale nevím jestli můj problém je audiodg.exe jen jsem to tak odvodil nebo byl 2 nebo 3 který nejvíc zatěžoval CPU.

#9 Příspěvek od **Rudy** » 18 kvě 2011 21:44

Podle mého je to problém hry Infiminer. Jinak k audiodg jsem našel tohle (je to v AJ): http://forums.techarena.in/windows-vist ... 742094.htm .

mrkew2 · #10 Příspěvek od **mrkew2** » 20 kvě 2011 20:03

Takže zvukem to není zakázal jsem ho a pořád to dělá. Zkusím nainstalovat ještě ten SP 1, když nepomůže zkusím nouzový režim, když tak přeinstaluji úplně všechny ovladače a nakonec dam pod obnovení. Pak dám vědět. A stým obvovením smažou se mi soubory nebo se smažou jen určité programy programy?

#11 Příspěvek od **Rudy** » 20 kvě 2011 20:45

Pokud nejdřív přeinstalujete ovladača a pak dáte obnovu systému, ovladače se opět odregistují a vrátí se ty původní. Všechno, co jste instaloval ode dne bodu obnovení dodnes se odregistruje. Ten SP1 zkuste a pak dejte vědět.

mrkew2 · #12 Příspěvek od **mrkew2** » 20 kvě 2011 21:02

takze predem pisu z mobilu. Ten sp 1 nesel naistalovat system mam legal. Ted skousim test na linuxu.

mrkew2 · #13 Příspěvek od **mrkew2** » 20 kvě 2011 21:19

No na linuxu se to neseka, mohla se nějak vypálit grafika a teď se to seká? Právě netuším jestli byla yužita grafická karta v linuxe.

#14 Příspěvek od **Rudy** » 20 kvě 2011 22:12

Grafická karta určitě v Linuxu využita byla, jinak byste nic neviděl. Je logické, že se to v Linuxu sekat nebude, když je to jiný systém, v kterém není hromada her, jako máte ve Win. Řekl bych, že problém je v sw konfliktu některých softů, které v PC máte. Hledat ale, které to jsou, je hledání jehly v kupce sena. Pokud můžete, vzpomeňte si, po instalaci čeho se tento problém objevil. Jinak s tím asi těžko hneme.

mrkew2 · #15 Příspěvek od **mrkew2** » 21 kvě 2011 09:42

Takže obnovil jsem PC do datu 1. 9. 2010 a pořád to samé, prostě jednou jsem si po dlouhé době něco zahrál (byl to zaklínač 1 a byl legalní).

Přikládám log z obnoveného pc.

Logfile of random's system information tool 1.08 (written by random/random)
Run by PC at 2011-05-21 10:38:31
Microsoft Windows 7 Ultimate
System drive C: has 16 GB (31%) free of 50 GB
Total RAM: 3068 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:40:31, on 21.5.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Icon7\iConfig for Gamers\Z300\hid300.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Icon7\iConfig for Gamers\Tray.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Opera\opera.exe
C:\Users\PC\Desktop\RSIT.exe
C:\Program Files\trend micro\PC.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskmgr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [iConfigg300] "C:\Program Files\Icon7\iConfig for Gamers\z300\hid300.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: CD Guard Drivers Auto Removal (v2) (psrem02) - Protection Technology - C:\Windows\system32\psrem02.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 5310 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-27 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2009-07-22 83336]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-07-20 7625248]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-04-07 2145000]
"iConfigg300"=C:\Program Files\Icon7\iConfig for Gamers\z300\hid300.exe [2010-02-23 359936]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2010-03-30 1820040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 26192168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashGet 3]
C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe -minimize []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iConfig-z300]
C:\Program Files\Icon7\iConfig for Gamers\Z300\hid300.exe [2010-02-23 359936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
d:\games\steam\steam.exe [2010-11-17 1242448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FreeRapid 0.83u1.lnk]
D:\FREERA~1.83U\FREERA~1.83U\frd.exe [2009-10-29 35840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
C:\PROGRA~1\MAGICD~1\MAGICD~1.EXE [2009-02-23 576000]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\xchat\xchat.exe"="C:\Program Files\xchat\xchat.exe:*:Enabled:XChat IRC Client"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-05-21 09:45:01 ----D---- C:\Windows\Internet Logs
2011-05-21 08:23:41 ----D---- C:\ProgramData\NVIDIA
2011-05-21 08:04:44 ----D---- C:\Program Files\AMD
2011-05-20 23:16:10 ----D---- C:\Program Files\Geeks3D
2011-05-20 20:48:25 ----D---- C:\ProgramData\Windows Genuine Advantage
2011-05-20 20:38:04 ----D---- C:\ProgramData\NVIDIA Corporation
2011-05-20 14:23:54 ----D---- C:\Program Files\Hot CPU Tester Pro 4
2011-05-20 14:23:01 ----D---- C:\ProgramData\eSellerate
2011-05-18 22:11:55 ----D---- C:\Program Files\vypinac
2011-05-18 20:11:09 ----A---- C:\ComboFix.txt
2011-05-14 22:04:50 ----D---- C:\Users\PC\AppData\Roaming\Malwarebytes
2011-05-14 22:04:43 ----D---- C:\ProgramData\Malwarebytes
2011-05-14 22:04:40 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-05-12 19:42:08 ----D---- C:\Users\PC\AppData\Roaming\wargaming.net
2011-05-09 15:52:19 ----D---- C:\Users\PC\AppData\Roaming\Dwarfs
2011-05-02 14:03:21 ----D---- C:\Program Files\Redblade 3.5e
2011-04-29 19:03:10 ----D---- C:\Content
2011-04-29 19:00:58 ----D---- C:\Program Files\Microsoft Research
2011-04-22 21:38:53 ----D---- C:\Program Files\CpuIdle
2011-04-22 17:05:39 ----D---- C:\found.000

======List of files/folders modified in the last 1 months======

2011-05-21 10:40:30 ----D---- C:\Windows\temp
2011-05-21 10:39:47 ----D---- C:\Program Files\trend micro
2011-05-21 10:38:02 ----SHD---- C:\System Volume Information
2011-05-21 10:28:50 ----D---- C:\Windows\system32\catroot2
2011-05-21 10:28:06 ----D---- C:\Users\PC\AppData\Roaming\Skype
2011-05-21 10:26:43 ----D---- C:\Windows\System32
2011-05-21 10:25:31 ----D---- C:\Windows\Tasks
2011-05-21 10:25:31 ----D---- C:\Windows\system32\wfp
2011-05-21 10:25:30 ----D---- C:\Windows\system32\wbem
2011-05-21 10:25:27 ----D---- C:\Windows\system32\en-US
2011-05-21 10:25:24 ----D---- C:\Windows\system32\cs-CZ
2011-05-21 10:25:23 ----RSD---- C:\Windows\Fonts
2011-05-21 10:25:23 ----D---- C:\Windows\AppPatch
2011-05-21 10:25:22 ----D---- C:\Program Files\Windows Portable Devices
2011-05-21 10:25:22 ----D---- C:\Program Files\Windows Media Player
2011-05-21 10:25:22 ----D---- C:\Program Files\Internet Explorer
2011-05-21 10:25:17 ----D---- C:\Windows\system32\Resource
2011-05-21 10:25:14 ----RD---- C:\Program Files
2011-05-21 10:25:00 ----D---- C:\Windows\winsxs
2011-05-21 10:24:56 ----D---- C:\Windows
2011-05-21 10:23:46 ----D---- C:\Windows\system32\config
2011-05-21 10:21:50 ----D---- C:\Windows\twain_32
2011-05-21 10:21:47 ----RSD---- C:\Windows\Media
2011-05-21 10:21:47 ----D---- C:\Windows\system32\DriverStore
2011-05-21 10:21:47 ----D---- C:\Windows\system32\drivers
2011-05-21 10:21:47 ----D---- C:\Windows\system32\Dism
2011-05-21 10:21:47 ----D---- C:\Windows\ShellNew
2011-05-21 10:21:47 ----D---- C:\Windows\servicing
2011-05-21 10:21:47 ----D---- C:\Windows\inf
2011-05-21 10:21:46 ----D---- C:\Windows\ehome
2011-05-21 10:21:46 ----D---- C:\Windows\Cursors
2011-05-21 10:21:46 ----D---- C:\Windows\addins
2011-05-21 10:21:46 ----D---- C:\Program Files\Windows Sidebar
2011-05-21 10:21:46 ----D---- C:\Program Files\Windows Mail
2011-05-21 10:21:46 ----D---- C:\Program Files\Windows Journal
2011-05-21 10:21:46 ----D---- C:\Program Files\Windows Defender
2011-05-21 10:21:46 ----D---- C:\Program Files\DVD Maker
2011-05-21 10:21:46 ----D---- C:\Program Files\Common Files\System
2011-05-21 10:21:46 ----D---- C:\Program Files\Common Files\Services
2011-05-21 10:21:30 ----D---- C:\Windows\system32\zh-TW
2011-05-21 10:21:30 ----D---- C:\Windows\system32\zh-HK
2011-05-21 10:21:30 ----D---- C:\Windows\system32\zh-CN
2011-05-21 10:21:30 ----D---- C:\Windows\system32\WinBioPlugIns
2011-05-21 10:21:30 ----D---- C:\Windows\system
2011-05-21 10:21:29 ----D---- C:\Windows\system32\uk-UA
2011-05-21 10:21:29 ----D---- C:\Windows\system32\tr-TR
2011-05-21 10:21:29 ----D---- C:\Windows\system32\th-TH
2011-05-21 10:21:29 ----D---- C:\Windows\system32\sysprep
2011-05-21 10:21:29 ----D---- C:\Windows\system32\sv-SE
2011-05-21 10:21:29 ----D---- C:\Windows\system32\sr-Latn-CS
2011-05-21 10:21:29 ----D---- C:\Windows\system32\sppui
2011-05-21 10:21:29 ----D---- C:\Windows\system32\sl-SI
2011-05-21 10:21:29 ----D---- C:\Windows\system32\sk-SK
2011-05-21 10:21:29 ----D---- C:\Windows\system32\Setup
2011-05-21 10:21:29 ----D---- C:\Windows\system32\ru-RU
2011-05-21 10:21:29 ----D---- C:\Windows\system32\ru
2011-05-21 10:21:29 ----D---- C:\Windows\system32\ro-RO
2011-05-21 10:21:29 ----D---- C:\Windows\system32\ras
2011-05-21 10:21:29 ----D---- C:\Windows\system32\pt-PT
2011-05-21 10:21:29 ----D---- C:\Windows\system32\pt-BR
2011-05-21 10:21:29 ----D---- C:\Windows\system32\pl-PL
2011-05-21 10:21:29 ----D---- C:\Windows\system32\oobe
2011-05-21 10:21:29 ----D---- C:\Windows\system32\nl-NL
2011-05-21 10:21:28 ----D---- C:\Windows\system32\nb-NO
2011-05-21 10:21:28 ----D---- C:\Windows\system32\Msdtc
2011-05-21 10:21:28 ----D---- C:\Windows\system32\migwiz
2011-05-21 10:21:28 ----D---- C:\Windows\system32\migration
2011-05-21 10:21:28 ----D---- C:\Windows\system32\lv-LV
2011-05-21 10:21:28 ----D---- C:\Windows\system32\lt-LT
2011-05-21 10:21:28 ----D---- C:\Windows\system32\ko-KR
2011-05-21 10:21:26 ----D---- C:\Windows\system32\ja-JP
2011-05-21 10:21:26 ----D---- C:\Windows\system32\it-IT
2011-05-21 10:21:26 ----D---- C:\Windows\system32\icsxml
2011-05-21 10:21:26 ----D---- C:\Windows\system32\ias
2011-05-21 10:21:26 ----D---- C:\Windows\system32\hu-HU
2011-05-21 10:21:26 ----D---- C:\Windows\system32\hr-HR
2011-05-21 10:21:26 ----D---- C:\Windows\system32\he-IL
2011-05-21 10:21:25 ----D---- C:\Windows\system32\fr-FR
2011-05-21 10:21:25 ----D---- C:\Windows\system32\fi-FI
2011-05-21 10:21:25 ----D---- C:\Windows\system32\et-EE
2011-05-21 10:21:25 ----D---- C:\Windows\system32\es-ES
2011-05-21 10:21:25 ----D---- C:\Windows\system32\en
2011-05-21 10:21:25 ----D---- C:\Windows\system32\el-GR
2011-05-21 10:21:20 ----D---- C:\Windows\system32\drivers\UMDF
2011-05-21 10:21:20 ----D---- C:\Windows\system32\drivers\sk-SK
2011-05-21 10:21:20 ----D---- C:\Windows\system32\drivers\ru-RU
2011-05-21 10:21:20 ----D---- C:\Windows\system32\drivers\etc
2011-05-21 10:21:20 ----D---- C:\Windows\system32\drivers\en-US
2011-05-21 10:21:20 ----D---- C:\Windows\system32\drivers\cs-CZ
2011-05-21 10:21:20 ----D---- C:\Windows\system32\de-DE
2011-05-21 10:21:20 ----D---- C:\Windows\system32\da-DK
2011-05-21 10:21:20 ----D---- C:\Windows\system32\cs
2011-05-21 10:21:19 ----D---- C:\Windows\system32\CodeIntegrity
2011-05-21 10:21:19 ----D---- C:\Windows\system32\bg-BG
2011-05-21 10:21:19 ----D---- C:\Windows\system32\ar-SA
2011-05-21 10:21:19 ----D---- C:\Windows\system32\AdvancedInstallers
2011-05-21 10:21:19 ----D---- C:\Windows\sk-SK
2011-05-21 10:21:18 ----D---- C:\Windows\rescache
2011-05-21 10:21:18 ----D---- C:\Windows\PolicyDefinitions
2011-05-21 10:21:18 ----D---- C:\Windows\L2Schemas
2011-05-21 10:21:18 ----D---- C:\Windows\IME
2011-05-21 10:21:17 ----SHD---- C:\Windows\BitLockerDiscoveryVolumeContents
2011-05-21 10:21:17 ----D---- C:\Windows\en-US
2011-05-21 10:21:17 ----D---- C:\Windows\cs-CZ
2011-05-21 10:21:13 ----D---- C:\Program Files\Windows Photo Viewer
2011-05-21 10:18:56 ----D---- C:\Windows\system32\XPSViewer
2011-05-21 10:18:55 ----D---- C:\Windows\system32\winrm
2011-05-21 10:18:54 ----D---- C:\Windows\system32\WCN
2011-05-21 10:18:51 ----D---- C:\Windows\system32\Tasks
2011-05-21 10:18:50 ----D---- C:\Windows\system32\spp
2011-05-21 10:18:50 ----D---- C:\Windows\system32\Speech
2011-05-21 10:18:50 ----D---- C:\Windows\system32\SMI
2011-05-21 10:18:49 ----D---- C:\Windows\system32\slmgr
2011-05-21 10:18:48 ----D---- C:\Windows\system32\RTCOM
2011-05-21 10:18:46 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2011-05-21 10:18:43 ----D---- C:\Windows\system32\NDF
2011-05-21 10:18:43 ----D---- C:\Windows\system32\MUI
2011-05-21 10:18:40 ----D---- C:\Windows\system32\Macromed
2011-05-21 10:18:38 ----D---- C:\Windows\system32\IME
2011-05-21 10:17:59 ----D---- C:\Windows\system32\Boot
2011-05-21 10:17:58 ----D---- C:\Windows\system32\Adobe
2011-05-21 10:17:58 ----D---- C:\Windows\Speech
2011-05-21 10:17:57 ----D---- C:\Windows\schemas
2011-05-21 10:17:57 ----D---- C:\Windows\security
2011-05-21 10:17:57 ----D---- C:\Windows\pss
2011-05-21 10:17:57 ----D---- C:\Windows\Microsoft.NET
2011-05-21 10:17:46 ----SHD---- C:\Windows\Installer
2011-05-21 10:17:37 ----D---- C:\Windows\Help
2011-05-21 10:17:37 ----D---- C:\Windows\Globalization
2011-05-21 10:17:31 ----RSD---- C:\Windows\assembly
2011-05-21 10:17:21 ----D---- C:\Windows\AppCompat
2011-05-21 10:17:20 ----D---- C:\Users\PC\AppData\Roaming\vlc
2011-05-21 10:17:20 ----D---- C:\Users\PC\AppData\Roaming\uTorrent
2011-05-21 10:17:20 ----D---- C:\Users\PC\AppData\Roaming\Teeworlds
2011-05-21 10:17:19 ----D---- C:\Users\PC\AppData\Roaming\Software Informer
2011-05-21 10:17:19 ----D---- C:\Users\PC\AppData\Roaming\PSpad
2011-05-21 10:17:17 ----D---- C:\Users\PC\AppData\Roaming\IrfanView
2011-05-21 10:17:17 ----D---- C:\Users\PC\AppData\Roaming\Icon7
2011-05-21 10:17:17 ----D---- C:\Users\PC\AppData\Roaming\HLSW
2011-05-21 10:17:17 ----D---- C:\Users\PC\AppData\Roaming\gtk-2.0
2011-05-21 10:17:17 ----D---- C:\Users\PC\AppData\Roaming\GHISLER
2011-05-21 10:17:17 ----D---- C:\Users\PC\AppData\Roaming\Bioshock
2011-05-21 10:17:14 ----D---- C:\Python26
2011-05-21 10:17:13 ----HD---- C:\ProgramData
2011-05-21 10:17:13 ----D---- C:\ProgramData\TalkAndWrite
2011-05-21 10:17:13 ----D---- C:\ProgramData\Skype
2011-05-21 10:17:07 ----D---- C:\ProgramData\ESET
2011-05-21 10:17:04 ----D---- C:\Program Files\Windows NT
2011-05-21 10:17:03 ----D---- C:\Program Files\uTorrent
2011-05-21 10:17:03 ----D---- C:\Program Files\Software Informer
2011-05-21 10:17:03 ----D---- C:\Program Files\Softinterface, Inc
2011-05-21 10:17:03 ----D---- C:\Program Files\Smart Projects
2011-05-21 10:17:02 ----RD---- C:\Program Files\Skype
2011-05-21 10:17:02 ----D---- C:\Program Files\Realtek
2011-05-21 10:17:02 ----D---- C:\Program Files\Razor
2011-05-21 10:17:02 ----D---- C:\Program Files\QuickTime
2011-05-21 10:17:00 ----D---- C:\Program Files\PSPad editor
2011-05-21 10:17:00 ----D---- C:\Program Files\Prey Demo
2011-05-21 10:17:00 ----D---- C:\Program Files\Paradox Interactive
2011-05-21 10:17:00 ----D---- C:\Program Files\Opera
2011-05-21 10:16:56 ----D---- C:\Program Files\OpenAL
2011-05-21 10:16:56 ----D---- C:\Program Files\NVIDIA Corporation
2011-05-21 10:16:55 ----D---- C:\Program Files\Mozilla Firefox
2011-05-21 10:16:53 ----D---- C:\Program Files\Miranda IM
2011-05-21 10:16:52 ----D---- C:\Program Files\MagicDisc
2011-05-21 10:16:52 ----D---- C:\Program Files\LogMeIn Hamachi
2011-05-21 10:16:52 ----D---- C:\Program Files\JMicron
2011-05-21 10:16:50 ----D---- C:\Program Files\JAM_EE
2011-05-21 10:16:49 ----HD---- C:\Program Files\InstallShield Installation Information
2011-05-21 10:16:47 ----D---- C:\Program Files\FileZilla FTP Client
2011-05-21 10:16:47 ----D---- C:\Program Files\Fantasy Grounds II Demo
2011-05-21 10:16:47 ----D---- C:\Program Files\Fantasy Grounds II
2011-05-21 10:16:45 ----D---- C:\Program Files\ESET
2011-05-21 10:16:45 ----D---- C:\Program Files\Endor Updater
2011-05-21 10:16:45 ----D---- C:\Program Files\DebugMode
2011-05-21 10:16:45 ----D---- C:\Program Files\DAEMON Tools Lite
2011-05-21 10:16:44 ----D---- C:\Program Files\Creative
2011-05-21 10:16:44 ----D---- C:\Program Files\Convert AVI to MP4
2011-05-21 10:16:43 ----D---- C:\Program Files\Common Files\Steam
2011-05-21 10:16:43 ----D---- C:\Program Files\Common Files\SpeechEngines
2011-05-21 10:16:43 ----D---- C:\Program Files\Common Files\Skype
2011-05-21 10:16:43 ----D---- C:\Program Files\Common Files\microsoft shared
2011-05-21 10:16:43 ----D---- C:\Program Files\Common Files
2011-05-21 10:16:41 ----D---- C:\Program Files\Common Files\Adobe AIR
2011-05-21 10:16:41 ----D---- C:\Program Files\CCleaner
2011-05-21 10:16:41 ----D---- C:\Program Files\CamStudio
2011-05-21 10:16:41 ----D---- C:\Program Files\BRS
2011-05-21 10:16:41 ----D---- C:\Program Files\Altitude
2011-05-21 10:16:39 ----D---- C:\Program Files\All Video Converter
2011-05-21 10:16:39 ----D---- C:\Program Files\Adobe
2011-05-21 10:16:39 ----D---- C:\Program Files\1C Company
2011-05-21 10:16:39 ----D---- C:\OpenSSL-Win32
2011-05-21 10:16:38 ----D---- C:\Fraps
2011-05-21 10:16:36 ----D---- C:\Drivers
2011-05-21 10:16:33 ----SHD---- C:\$RECYCLE.BIN
2011-05-21 10:16:33 ----D---- C:\Dev-Cpp
2011-05-21 10:16:31 ----D---- C:\Program Files\AntiTwin
2011-05-21 10:16:31 ----D---- C:\Program Files\AIMP2
2011-05-21 10:16:31 ----D---- C:\Program Files\ABCgames Cheater
2011-05-21 10:16:31 ----D---- C:\Program Files\20Dollars2Surf
2011-05-21 10:16:30 ----D---- C:\Program Files\AVS4YOU
2011-05-21 10:16:30 ----D---- C:\Program Files\Avidemux 2.5
2011-05-21 10:16:30 ----D---- C:\Program Files\ATnotes
2011-05-21 10:16:30 ----D---- C:\Program Files\Apple Software Update
2011-05-21 10:16:29 ----D---- C:\Program Files\BatteryBar
2011-05-21 10:16:28 ----D---- C:\Program Files\CDBurnerXP
2011-05-21 10:16:27 ----D---- C:\Program Files\Common Files\EPSON
2011-05-21 10:16:26 ----D---- C:\Program Files\DOSBox-0.74
2011-05-21 10:16:26 ----D---- C:\Program Files\Desura
2011-05-21 10:16:26 ----D---- C:\Program Files\Defcon
2011-05-21 10:16:18 ----D---- C:\Program Files\GameSpy Arcade
2011-05-21 10:16:18 ----D---- C:\Program Files\gabob
2011-05-21 10:16:17 ----D---- C:\Program Files\Heroes Studio
2011-05-21 10:16:17 ----D---- C:\Program Files\HD Tune
2011-05-21 10:16:17 ----D---- C:\Program Files\GURPS ® NPC Generator
2011-05-21 10:16:17 ----D---- C:\Program Files\Google
2011-05-21 10:16:17 ----D---- C:\Program Files\Gish demo
2011-05-21 10:16:17 ----D---- C:\Program Files\Ghostgum
2011-05-21 10:16:16 ----D---- C:\Program Files\ImageMagick
2011-05-21 10:16:15 ----D---- C:\Program Files\ImageShack Uploader
2011-05-21 10:16:14 ----D---- C:\Program Files\Jabbim
2011-05-21 10:16:14 ----D---- C:\Program Files\IntelBurnTest
2011-05-21 10:16:13 ----D---- C:\Program Files\MathType
2011-05-21 10:16:13 ----D---- C:\Program Files\M.A.R.S
2011-05-21 10:16:10 ----D---- C:\Program Files\Microsoft Silverlight
2011-05-21 10:16:05 ----D---- C:\Program Files\Miranda Micro 1.2
2011-05-21 10:16:03 ----D---- C:\Program Files\nbos
2011-05-21 10:16:02 ----D---- C:\Program Files\Oldgames
2011-05-21 10:15:59 ----D---- C:\Program Files\PDFCreator
2011-05-21 10:15:59 ----D---- C:\Program Files\PC Connectivity Solution
2011-05-21 10:15:58 ----D---- C:\Program Files\Pidgin
2011-05-21 10:15:58 ----D---- C:\Program Files\PFPortChecker
2011-05-21 10:15:58 ----D---- C:\Program Files\pdfforge Toolbar
2011-05-21 10:15:56 ----D---- C:\Program Files\Real
2011-05-21 10:15:55 ----D---- C:\Program Files\RisenMDS
2011-05-21 10:15:52 ----D---- C:\Program Files\TeamSpeak 3 Client
2011-05-21 10:15:52 ----D---- C:\Program Files\SugarSync
2011-05-21 10:15:52 ----D---- C:\Program Files\SensorsViewPro41
2011-05-21 10:15:52 ----D---- C:\Program Files\Scorpions WinCheater
2011-05-21 10:15:51 ----D---- C:\Program Files\Trillian
2011-05-21 10:15:51 ----D---- C:\Program Files\TmNationsForever
2011-05-21 10:15:51 ----D---- C:\Program Files\The KMPlayer
2011-05-21 10:15:49 ----D---- C:\Program Files\Wesnoth
2011-05-21 10:15:48 ----D---- C:\Program Files\Windows Live
2011-05-21 10:15:46 ----D---- C:\Program Files\Xfire
2011-05-21 10:15:46 ----D---- C:\Program Files\WinHTTrack
2011-05-21 10:15:45 ----D---- C:\ProgramData\Masters ITC
2011-05-21 10:15:45 ----D---- C:\Program Files\Zod Engine
2011-05-21 10:15:30 ----D---- C:\ProgramData\Xfire
2011-05-21 10:15:20 ----D---- C:\Users\PC\AppData\Roaming\Epson
2011-05-21 10:15:20 ----D---- C:\Users\PC\AppData\Roaming\Dev-Cpp
2011-05-21 10:15:20 ----D---- C:\Users\PC\AppData\Roaming\AIMP
2011-05-21 10:15:19 ----D---- C:\Users\PC\AppData\Roaming\jabbim
2011-05-21 10:15:16 ----D---- C:\Users\PC\AppData\Roaming\mIRC
2011-05-21 10:15:15 ----D---- C:\Users\PC\AppData\Roaming\WebSurf.ru
2011-05-21 10:15:15 ----D---- C:\Users\PC\AppData\Roaming\TS3Client
2011-05-21 10:15:15 ----D---- C:\Users\PC\AppData\Roaming\teamspeak2
2011-05-21 10:15:14 ----D---- C:\Users\PC\AppData\Roaming\Xfire
2011-05-21 10:14:34 ----HD---- C:\Windows\system32\GroupPolicy
2011-05-21 10:12:11 ----D---- C:\wopt021
2011-05-21 10:12:11 ----D---- C:\Windows\registration
2011-05-21 10:10:18 ----D---- C:\Windows\system32\wdi
2011-05-21 10:09:51 ----D---- C:\Windows\system32\spool
2011-05-21 10:04:57 ----D---- C:\Windows\system32\catroot
2011-05-21 10:00:38 ----RD---- C:\Users
2011-05-21 10:00:13 ----D---- C:\Users\PC\AppData\Roaming\Opera
2011-05-21 10:00:13 ----D---- C:\Users\PC\AppData\Roaming\Mozilla
2011-05-21 10:00:11 ----SD---- C:\Users\PC\AppData\Roaming\Microsoft
2011-05-21 10:00:11 ----D---- C:\Users\PC\AppData\Roaming\IObit
2011-05-21 09:59:49 ----SD---- C:\ProgramData\Microsoft
2011-05-21 09:59:42 ----D---- C:\ProgramData\Apple Computer
2011-05-21 09:59:29 ----D---- C:\Program Files\TeamViewer
2011-05-21 09:59:08 ----D---- C:\Program Files\OpenOffice.org 3
2011-05-21 09:58:25 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE
2011-05-21 09:58:19 ----D---- C:\Program Files\Java
2011-05-21 09:58:18 ----D---- C:\Program Files\IObit
2011-05-21 09:58:06 ----D---- C:\Program Files\Icon7
2011-05-21 09:57:32 ----D---- C:\Program Files\Common Files\Java
2011-05-21 09:57:32 ----D---- C:\Program Files\Common Files\Adobe
2011-05-21 09:57:00 ----D---- C:\NVIDIA
2011-05-21 09:56:58 ----D---- C:\Games
2011-05-21 09:51:44 ----D---- C:\Users\PC\AppData\Roaming\.purple
2011-05-21 09:34:06 ----D---- C:\Program Files\Common Files\Desura
2011-05-21 09:33:02 ----D---- C:\ProgramData\MFAData
2011-05-21 08:54:33 ----D---- C:\Windows\8A809006C25A4A3A9DAB94659BCDB107.TMP
2011-05-21 08:54:20 ----D---- C:\Windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP
2011-05-21 08:12:00 ----D---- C:\Windows\Prefetch
2011-05-21 08:01:45 ----D---- C:\Windows\ERDNT
2011-05-20 22:13:18 ----D---- C:\ProgramData\DAEMON Tools Lite
2011-05-19 14:24:43 ----D---- C:\ProgramData\Real
2011-05-19 14:24:38 ----D---- C:\Users\PC\AppData\Roaming\Real
2011-05-19 14:05:39 ----HD---- C:\Program Files\Temp
2011-05-14 22:00:42 ----D---- C:\Users\PC\AppData\Roaming\Miranda
2011-05-14 22:00:42 ----D---- C:\Users\PC\AppData\Roaming\FileZilla
2011-05-14 22:00:28 ----D---- C:\Windows\debug
2011-05-12 20:10:58 ----D---- C:\Users\PC\AppData\Roaming\skypePM
2011-04-24 22:44:47 ----D---- C:\Windows\Logs
2011-04-23 22:18:22 ----D---- C:\Users\PC\AppData\Roaming\.minecraft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2009-08-04 213024]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 psdrv02;CD Guard Environment Driver (v2); C:\Windows\system32\drivers\psdrv02.sys [2006-09-11 67960]
R0 pssync05;CD Guard Synchronization Driver (v5); C:\Windows\system32\drivers\pssync05.sys [2006-11-03 61312]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-06-17 691696]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-04-07 114984]
R1 SSHDRV65;SSHDRV65; \??\C:\Windows\system32\drivers\SSHDRV65.sys [2010-06-21 120320]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 69480]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-07-08 281760]
R2 cpuz133;cpuz133; \??\C:\Windows\system32\drivers\cpuz133_x32.sys [2010-03-30 20968]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-04-07 133512]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-04-07 134488]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-04-07 41312]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-07-08 25888]
R3 bbcap;bbcap; C:\Windows\system32\DRIVERS\bbcap.sys [2010-07-30 4096]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-29 59904]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-04-07 32584]
R3 I7Z300Filter;Icon7_Z300; C:\Windows\system32\drivers\I7Z300.sys [2010-01-20 12800]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-07-20 2664032]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-14 116064]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 netr28;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28.sys [2010-02-09 722720]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2009-06-27 66080]
R3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6232.sys [2009-07-30 287392]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-29 17920]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-07-14 1068032]
R3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2010-03-11 25088]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 46984]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 GarenaPEngine;GarenaPEngine; \??\C:\Users\PC\AppData\Local\Temp\UDC2BE0.tmp []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-14 347264]
S3 PCD65X2;PCD65X2; \??\C:\Users\PC\AppData\Local\Temp\PCD65X2.sys []
S3 PCD65X3;PCD65X3; \??\C:\Users\PC\AppData\Local\Temp\PCD65X3.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-10-10 84992]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 169320]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 42472]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 79872]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 21608]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 61168]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2009-09-14 49400]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
S3 Z300Fltr;Icon7 Z300 Gaming Laser Mouse; C:\Windows\system32\drivers\I7Z300.sys [2010-01-20 12800]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-04-07 810120]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-06-07 129640]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2010-07-06 173352]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-10-21 148848]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 psrem02;CD Guard Drivers Auto Removal (v2); C:\Windows\system32\psrem02.exe [2006-05-11 358008]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-04-07 33560]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-07-20 407336]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

VIRY.CZ

Audiodg.exe nebo něco podobného.

Audiodg.exe nebo něco podobného.

Re: Audiodg.exe nebo něco podobného.

Re: Audiodg.exe nebo něco podobného.

Re: Audiodg.exe nebo něco podobného.

Re: Audiodg.exe nebo něco podobného.

Re: Audiodg.exe nebo něco podobného.

Re: Audiodg.exe nebo něco podobného.

Re: Audiodg.exe nebo něco podobného.

Re: Audiodg.exe nebo něco podobného.

Re: Audiodg.exe nebo něco podobného.

Re: Audiodg.exe nebo něco podobného.

Re: Audiodg.exe nebo něco podobného.

Re: Audiodg.exe nebo něco podobného.

Re: Audiodg.exe nebo něco podobného.

Re: Audiodg.exe nebo něco podobného.