Preventivka

Zpráva

Vajo147 · #1 Příspěvek od **Vajo147** » 07 srp 2010 20:42

Dobry vecer,
tu je moj log :
Logfile of random's system information tool 1.08 (written by random/random)
Run by Peter at 2010-08-07 21:40:35
Microsoft Windows 7 Home Premium
System drive C: has 50 GB (42%) free of 119 GB
Total RAM: 4095 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:40:40, on 7. 8. 2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
D:\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
D:\World of Warcraft\Wow.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\Peter.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [reset] regedit /s reset.reg
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\SysWOW64\NeroCheck.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [QuickTime Task] "D:\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{A0511BC3-AEC4-46F5-93B9-083911F66265}: NameServer = 10.0.2.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10784 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
WLIDSvcM.exe 2076
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"taskhost.exe"
taskeng.exe {3FAC28CF-B8E0-4678-98CD-16B031461A41}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" MySyncFolder
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"D:\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
Atouch64.exe
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
ATKOSD.exe
KBFiltr.exe
WDC.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe"
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"D:\World of Warcraft\Wow.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3820.5e65a20.380727470 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 3820 plugin \\.\pipe\gecko-crash-server-pipe.3820
"C:\Users\Peter\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Norton Security Scan for Peter.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-03-03 149968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-07-17 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2010-03-25 1548096]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-09-30 621440]
"EeeStorageBackup"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2009-11-26 1732608]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-08-12 323072]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-09-11 2716216]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=D:\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-01-23 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-03 103720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-09-11 8114720]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-20 170624]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2010-07-12 74752]
"reset"=regedit /s reset.reg []
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"NeroFilterCheck"=C:\Windows\SysWOW64\NeroCheck.exe [2001-07-09 155648]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2010-06-03 1144104]
"QuickTime Task"=D:\QuickTime\QTTask.exe [2010-03-18 421888]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-08-07 21:40:36 ----D---- C:\Program Files\trend micro
2010-08-07 20:59:57 ----A---- C:\Windows\War3Unin.pif
2010-08-07 20:59:57 ----A---- C:\Windows\War3Unin.exe
2010-08-07 19:00:30 ----A---- C:\Windows\Eurobattle.net Setup Log.txt
2010-08-05 22:05:06 ----D---- C:\Users\Peter\AppData\Roaming\JLC's Software
2010-08-05 22:04:58 ----D---- C:\Program Files (x86)\JLC's Software
2010-08-03 22:05:16 ----A---- C:\Windows\SYSWOW64\javaws.exe
2010-08-03 22:05:16 ----A---- C:\Windows\SYSWOW64\javaw.exe
2010-08-03 22:05:16 ----A---- C:\Windows\SYSWOW64\java.exe
2010-08-03 17:40:36 ----A---- C:\Windows\system32\shell32.dll
2010-08-03 17:40:33 ----A---- C:\Windows\SYSWOW64\shell32.dll
2010-07-29 19:28:10 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2010-07-29 19:27:32 ----D---- C:\ProgramData\NVIDIA Corporation
2010-07-29 19:25:32 ----A---- C:\Windows\system32\nvhdap64.dll
2010-07-29 19:25:32 ----A---- C:\Windows\system32\nvapo64v.dll
2010-07-29 19:25:32 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2010-07-29 19:25:15 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2010-07-29 19:25:13 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2010-07-29 19:25:13 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2010-07-29 19:25:13 ----A---- C:\Windows\system32\OpenCL.dll
2010-07-29 19:25:11 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2010-07-29 19:25:11 ----A---- C:\Windows\SYSWOW64\nvdecodemft.dll
2010-07-29 19:25:11 ----A---- C:\Windows\system32\nvoglv64.dll
2010-07-29 19:25:11 ----A---- C:\Windows\system32\nvdecodemft.dll
2010-07-29 19:25:08 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2010-07-29 19:25:08 ----A---- C:\Windows\system32\nvd3dumx.dll
2010-07-29 19:25:08 ----A---- C:\Windows\system32\nvcuvid.dll
2010-07-29 19:25:08 ----A---- C:\Windows\system32\nvcuvenc.dll
2010-07-29 19:25:06 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2010-07-29 19:25:06 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2010-07-29 19:25:06 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2010-07-29 19:25:06 ----A---- C:\Windows\system32\nvcuda.dll
2010-07-29 19:25:03 ----A---- C:\Windows\system32\nvcompiler.dll
2010-07-29 19:25:03 ----A---- C:\Windows\system32\nvcod1922.dll
2010-07-29 19:25:03 ----A---- C:\Windows\system32\nvcod.dll
2010-07-27 18:32:19 ----D---- C:\Windows\65F1CF6331E0450B96F34A88BE7361A6.TMP
2010-07-22 19:27:17 ----D---- C:\ProgramData\Cabela's Trophy Bucks Saves
2010-07-22 19:24:11 ----D---- C:\Program Files (x86)\Activision Value
2010-07-20 21:25:02 ----D---- C:\Users\Peter\AppData\Roaming\Leadertech
2010-07-20 21:11:14 ----D---- C:\Program Files (x86)\EA Sports
2010-07-19 14:05:38 ----D---- C:\Windows\SYSWOW64\directx
2010-07-19 11:11:45 ----D---- C:\Users\Peter\AppData\Roaming\Ubisoft
2010-07-19 10:59:28 ----D---- C:\Program Files (x86)\Ubisoft
2010-07-19 10:59:21 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2010-07-19 10:59:21 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2010-07-19 10:59:21 ----A---- C:\Windows\system32\d3dx10_41.dll
2010-07-19 10:59:21 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2010-07-19 10:59:20 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2010-07-19 10:59:20 ----A---- C:\Windows\system32\D3DX9_41.dll
2010-07-19 10:59:19 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2010-07-19 10:59:19 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2010-07-19 10:59:19 ----A---- C:\Windows\system32\XAudio2_4.dll
2010-07-19 10:59:19 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-07-19 10:59:18 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2010-07-19 10:59:18 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2010-07-19 10:59:18 ----A---- C:\Windows\system32\xactengine3_4.dll
2010-07-19 10:59:18 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2010-07-19 10:59:17 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2010-07-19 10:59:17 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2010-07-19 10:59:17 ----A---- C:\Windows\system32\d3dx10_40.dll
2010-07-19 10:59:17 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2010-07-19 10:59:16 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2010-07-19 10:59:16 ----A---- C:\Windows\system32\D3DX9_40.dll
2010-07-19 10:59:15 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2010-07-19 10:59:15 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2010-07-19 10:59:15 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2010-07-19 10:59:15 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-07-19 10:59:15 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-07-19 10:59:15 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-07-19 10:59:14 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2010-07-19 10:59:14 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-07-19 10:59:13 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2010-07-19 10:59:13 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2010-07-19 10:59:13 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2010-07-19 10:59:13 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-07-19 10:59:13 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-07-19 10:59:13 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-07-19 10:59:12 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2010-07-19 10:59:12 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2010-07-19 10:59:12 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-07-19 10:59:12 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2010-07-19 10:59:11 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2010-07-19 10:59:11 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2010-07-19 10:59:11 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2010-07-19 10:59:11 ----A---- C:\Windows\system32\XAudio2_1.dll
2010-07-19 10:59:11 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2010-07-19 10:59:11 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-07-19 10:59:10 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2010-07-19 10:59:10 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2010-07-19 10:59:10 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2010-07-19 10:59:10 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2010-07-19 10:59:10 ----A---- C:\Windows\system32\xactengine3_1.dll
2010-07-19 10:59:10 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2010-07-19 10:59:10 ----A---- C:\Windows\system32\d3dx10_38.dll
2010-07-19 10:59:10 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2010-07-19 10:59:09 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2010-07-19 10:59:09 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2010-07-19 10:59:09 ----A---- C:\Windows\system32\XAudio2_0.dll
2010-07-19 10:59:09 ----A---- C:\Windows\system32\D3DX9_38.dll
2010-07-19 10:59:08 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2010-07-19 10:59:08 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2010-07-19 10:59:08 ----A---- C:\Windows\system32\xactengine3_0.dll
2010-07-19 10:59:08 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2010-07-19 10:59:07 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2010-07-19 10:59:07 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2010-07-19 10:59:07 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2010-07-19 10:59:07 ----A---- C:\Windows\system32\D3DX9_37.dll
2010-07-19 10:59:07 ----A---- C:\Windows\system32\d3dx10_37.dll
2010-07-19 10:59:07 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2010-07-19 10:59:05 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2010-07-19 10:59:05 ----A---- C:\Windows\system32\xactengine2_10.dll
2010-07-19 10:59:04 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2010-07-19 10:59:04 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2010-07-19 10:59:04 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2010-07-19 10:59:04 ----A---- C:\Windows\system32\d3dx9_36.dll
2010-07-19 10:59:04 ----A---- C:\Windows\system32\d3dx10_36.dll
2010-07-19 10:59:04 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2010-07-19 10:59:03 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2010-07-19 10:59:03 ----A---- C:\Windows\system32\xactengine2_9.dll
2010-07-19 10:59:02 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2010-07-19 10:59:02 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2010-07-19 10:59:02 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2010-07-19 10:59:02 ----A---- C:\Windows\system32\d3dx9_35.dll
2010-07-19 10:59:02 ----A---- C:\Windows\system32\d3dx10_35.dll
2010-07-19 10:59:02 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2010-07-19 10:59:01 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2010-07-19 10:59:01 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2010-07-19 10:59:01 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2010-07-19 10:59:01 ----A---- C:\Windows\system32\xactengine2_8.dll
2010-07-19 10:59:01 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2010-07-19 10:59:01 ----A---- C:\Windows\system32\d3dx10_34.dll
2010-07-19 10:59:00 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2010-07-19 10:59:00 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2010-07-19 10:59:00 ----A---- C:\Windows\system32\d3dx9_34.dll
2010-07-19 10:59:00 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2010-07-19 10:58:59 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2010-07-19 10:58:59 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2010-07-19 10:58:59 ----A---- C:\Windows\system32\xinput1_3.dll
2010-07-19 10:58:59 ----A---- C:\Windows\system32\xactengine2_7.dll
2010-07-19 10:58:58 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2010-07-19 10:58:58 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2010-07-19 10:58:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2010-07-19 10:58:58 ----A---- C:\Windows\system32\d3dx9_33.dll
2010-07-19 10:58:58 ----A---- C:\Windows\system32\d3dx10_33.dll
2010-07-19 10:58:58 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2010-07-19 10:58:57 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2010-07-19 10:58:57 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2010-07-19 10:58:57 ----A---- C:\Windows\system32\xactengine2_6.dll
2010-07-19 10:58:57 ----A---- C:\Windows\system32\xactengine2_5.dll
2010-07-19 10:58:56 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2010-07-19 10:58:56 ----A---- C:\Windows\system32\d3dx10.dll
2010-07-19 10:58:53 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2010-07-19 10:58:53 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2010-07-19 10:58:53 ----A---- C:\Windows\system32\xactengine2_4.dll
2010-07-19 10:58:53 ----A---- C:\Windows\system32\x3daudio1_1.dll
2010-07-19 10:58:52 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2010-07-19 10:58:52 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2010-07-19 10:58:52 ----A---- C:\Windows\system32\xinput1_2.dll
2010-07-19 10:58:52 ----A---- C:\Windows\system32\xactengine2_3.dll
2010-07-19 10:58:52 ----A---- C:\Windows\system32\d3dx9_31.dll
2010-07-19 10:58:51 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2010-07-19 10:58:51 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2010-07-19 10:58:51 ----A---- C:\Windows\system32\xinput1_1.dll
2010-07-19 10:58:51 ----A---- C:\Windows\system32\xactengine2_2.dll
2010-07-19 10:58:50 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2010-07-19 10:58:50 ----A---- C:\Windows\system32\xactengine2_1.dll
2010-07-19 10:58:46 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2010-07-19 10:58:46 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2010-07-19 10:58:46 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2010-07-19 10:58:46 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2010-07-19 10:58:46 ----A---- C:\Windows\system32\xactengine2_0.dll
2010-07-19 10:58:46 ----A---- C:\Windows\system32\x3daudio1_0.dll
2010-07-19 10:58:46 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-07-19 10:58:46 ----A---- C:\Windows\system32\d3dx9_29.dll
2010-07-19 10:58:45 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2010-07-19 10:58:45 ----A---- C:\Windows\system32\d3dx9_28.dll
2010-07-19 10:58:44 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2010-07-19 10:58:44 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2010-07-19 10:58:44 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2010-07-19 10:58:44 ----A---- C:\Windows\system32\d3dx9_27.dll
2010-07-19 10:58:44 ----A---- C:\Windows\system32\d3dx9_26.dll
2010-07-19 10:58:44 ----A---- C:\Windows\system32\d3dx9_25.dll
2010-07-19 10:58:43 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2010-07-19 10:58:43 ----A---- C:\Windows\system32\d3dx9_24.dll
2010-07-17 14:02:08 ----D---- C:\Users\Peter\AppData\Roaming\Apple Computer
2010-07-17 14:01:15 ----D---- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2010-07-17 14:00:17 ----D---- C:\ProgramData\Apple Computer
2010-07-17 13:59:38 ----D---- C:\Program Files (x86)\Apple Software Update
2010-07-17 13:59:20 ----D---- C:\Program Files\Common Files\Apple
2010-07-17 13:59:08 ----D---- C:\Program Files\Bonjour
2010-07-17 13:59:08 ----D---- C:\Program Files (x86)\Bonjour
2010-07-14 14:41:19 ----A---- C:\Windows\system32\cdd.dll
2010-07-09 16:17:18 ----A---- C:\Windows\system32\nvvsvc.exe
2010-07-09 16:17:18 ----A---- C:\Windows\system32\nvsvcr.dll
2010-07-09 16:17:18 ----A---- C:\Windows\system32\nvsvc64.dll
2010-07-09 16:17:18 ----A---- C:\Windows\system32\nvmctray.dll
2010-07-09 16:17:18 ----A---- C:\Windows\system32\nvhotkey.dll
2010-07-09 16:17:18 ----A---- C:\Windows\system32\nvcpl.dll

======List of files/folders modified in the last 1 months======

2010-08-07 21:40:40 ----D---- C:\Windows\Prefetch
2010-08-07 21:40:38 ----D---- C:\Windows\Temp
2010-08-07 21:40:36 ----RD---- C:\Program Files
2010-08-07 20:59:57 ----D---- C:\Windows
2010-08-07 19:44:24 ----D---- C:\Windows\system32\Tasks
2010-08-07 19:26:36 ----D---- C:\Windows\system32\config
2010-08-07 09:49:05 ----D---- C:\Windows\System32
2010-08-07 09:49:05 ----D---- C:\Windows\inf
2010-08-07 09:49:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-05 22:04:58 ----RD---- C:\Program Files (x86)
2010-08-05 18:52:26 ----SHD---- C:\System Volume Information
2010-08-03 22:06:47 ----SHD---- C:\Windows\Installer
2010-08-03 22:06:46 ----D---- C:\Program Files (x86)\Common Files
2010-08-03 22:05:16 ----D---- C:\Windows\SysWOW64
2010-08-03 22:05:12 ----D---- C:\Program Files (x86)\Java
2010-08-03 17:50:18 ----D---- C:\Windows\winsxs
2010-08-03 17:39:24 ----D---- C:\Windows\system32\catroot2
2010-08-03 17:39:24 ----D---- C:\Windows\system32\catroot
2010-07-30 16:41:23 ----D---- C:\Program Files (x86)\Winamp
2010-07-30 16:39:03 ----D---- C:\Users\Peter\AppData\Roaming\Winamp
2010-07-30 16:34:21 ----D---- C:\Program Files (x86)\Winamp Detect
2010-07-29 19:34:09 ----D---- C:\Windows\system32\drivers
2010-07-29 19:33:09 ----D---- C:\ProgramData\NVIDIA
2010-07-29 19:27:32 ----HD---- C:\ProgramData
2010-07-29 19:27:19 ----D---- C:\Program Files\NVIDIA Corporation
2010-07-29 19:27:12 ----D---- C:\Windows\system32\DriverStore
2010-07-29 19:12:05 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-07-26 13:50:17 ----D---- C:\Users\Peter\AppData\Roaming\BSplayer
2010-07-25 13:00:49 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-07-22 22:23:22 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2010-07-22 19:54:29 ----DC---- C:\Windows\system32\DRVSTORE
2010-07-22 12:07:04 ----D---- C:\Users\Peter\AppData\Roaming\Skype
2010-07-22 12:06:49 ----D---- C:\Users\Peter\AppData\Roaming\skypePM
2010-07-20 21:11:11 ----RSD---- C:\Windows\assembly
2010-07-19 10:58:48 ----D---- C:\Windows\Microsoft.NET
2010-07-17 14:04:27 ----A---- C:\Windows\system32\ServiceFilter.ini
2010-07-17 14:04:23 ----A---- C:\Windows\system32\AutoRunFilter.ini
2010-07-17 13:59:20 ----D---- C:\Program Files\Common Files
2010-07-17 05:00:04 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2010-07-14 20:04:44 ----D---- C:\ProgramData\Microsoft Help
2010-07-11 14:39:22 ----D---- C:\ProgramData\DivX
2010-07-10 00:38:00 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2010-07-10 00:38:00 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2010-07-10 00:38:00 ----A---- C:\Windows\system32\nvwgf2umx.dll
2010-07-10 00:38:00 ----A---- C:\Windows\system32\nvudisp.exe
2010-07-10 00:38:00 ----A---- C:\Windows\system32\nvapi64.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2010-01-23 35384]
R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2009-07-30 241696]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2007-02-07 14104]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-03-18 834544]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-09-11 136584]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-09-11 144824]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-09-11 168544]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-09-11 44944]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-06-19 33608]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-09-11 2001056]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2010-06-22 131688]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-29 28704]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-22 347680]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
S3 axf60bsc;axf60bsc; C:\Windows\system32\drivers\axf60bsc.sys []
S3 cpudrv64;cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2009-12-18 17864]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-17 359552]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2009-09-11 735960]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 159336]
R2 OberonGameConsoleService;Oberon Media Game Console service; C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [2009-09-15 44312]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-06-10 75064]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2010-07-22 215016]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-05-14 249136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-17 136176]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-09-11 23296]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-23 1255736]

-----------------EOF-----------------

Vajo147 · #2 Příspěvek od **Vajo147** » 09 srp 2010 08:34

ospavedlnujem sa ze sem pisem nechcem spamovat, ale fakt nik nema na mna cas?

wirelles · #3 Příspěvek od **wirelles** » 09 srp 2010 08:38

Musíš čekat je tady hrozně moc příspěvků které čekají na vyřešení

Vajo147 · #4 Příspěvek od **Vajo147** » 09 srp 2010 08:41

wirelles píše:Musíš čekat je tady hrozně moc příspěvků které čekají na vyřešení

ja to chapem,, ale niektorich ludi stihli vyriesit este dnes a ja tu mam log od 7.8

#5 Příspěvek od **Caroprd111** » 10 srp 2010 22:28

Zdravím

1. Pokud si odpovídáte sám na svůj příspěvek, tak se nemůžete divit, že se ztratíte mezi již řešené logy.

2. Podle pravidel fóra se zde nelegálním softwarem nezabýváme (nelegální programy představují bezpečnostní hrozbu).
Obstarejte si legální zabezpečení PC (antivir, firewall), poté sem vložte nový log z RSIT a log z CKScanner.

Vyberte si třeba free Aviru nebo Avast + nějaký firewall (doporučuji ZoneAlarm) http://www.viry.cz/forum/viewtopic.php?f=29&t=6152 + http://www.viry.cz/forum/viewtopic.php?f=41&t=6523

Obrázek

Stáhněte na plochu CKScanner http://downloads.malwareremoval.com/CKScanner.exe

Spusťte a klikněte na "Search For Files", po dokončení skenu klikněte na "Save List to File" -> "OK"
Log s názvem ckfiles.txt bude uložený na ploše, obsah tohoto souboru sem vložte.

Vajo147 · #6 Příspěvek od **Vajo147** » 11 srp 2010 18:24

Dobry den,

Stiahol som si Aviru.Mam problem s Rsitom tesne pred dokoncenim mi vypise AutoIt error line-1 : error variable used without being declared
Tu je log z CK:
CKScanner - Additional Security Risks - These are not necessarily bad
c:\windows\prefetch\warcraft3 keygen.exe-df5a9dd0.pf
scanner sequence 3.AP.11
----- EOF -----
Inak chcem sa opytat co hovorite na MS essentials antivir.

Vajo147 · #7 Příspěvek od **Vajo147** » 11 srp 2010 18:26

Tak uz to mam

stacilo nanovo stiahnut program tu je LOG:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Peter at 2010-08-11 19:25:42
Microsoft Windows 7 Home Premium
System drive C: has 54 GB (46%) free of 119 GB
Total RAM: 4095 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:25:44, on 11. 8. 2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
D:\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
D:\Warcraft III\eb.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\trend micro\Peter.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [reset] regedit /s reset.reg
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\SysWOW64\NeroCheck.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [QuickTime Task] "D:\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [eurobattlegui] "D:\Warcraft III\eb.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{A0511BC3-AEC4-46F5-93B9-083911F66265}: NameServer = 10.0.2.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11037 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
WLIDSvcM.exe 2620
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_0000124c
\??\C:\Windows\system32\conhost.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\wbem\wmiprvse.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\nvvsvc.exe -session
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
Atouch64.exe
C:\Windows\Explorer.EXE
taskeng.exe {58604E8D-7B74-4C2B-B6A9-AD0E0224F7C3}
ATKOSD.exe
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
KBFiltr.exe
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files\P4G\BatteryLife.exe"
WDC.exe
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" MySyncFolder
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"D:\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"D:\Warcraft III\eb.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4472.92ed660.2071037185 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 4472 plugin \\.\pipe\gecko-crash-server-pipe.4472
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512
"C:\Users\Peter\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Norton Security Scan for Peter.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-03-03 149968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-07-17 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2010-03-25 1548096]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-09-30 621440]
"EeeStorageBackup"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2009-11-26 1732608]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-08-12 323072]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=D:\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-01-23 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-03 103720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-09-11 8114720]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-20 170624]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2010-07-12 74752]
"reset"=regedit /s reset.reg []
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"NeroFilterCheck"=C:\Windows\SysWOW64\NeroCheck.exe [2001-07-09 155648]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2010-06-03 1144104]
"QuickTime Task"=D:\QuickTime\QTTask.exe [2010-03-18 421888]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"eurobattlegui"=D:\Warcraft III\eb.exe [2009-10-22 757760]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-08-11 19:14:18 ----D---- C:\Users\Peter\AppData\Roaming\Avira
2010-08-11 19:12:05 ----D---- C:\ProgramData\Avira
2010-08-11 19:12:05 ----D---- C:\Program Files (x86)\Avira
2010-08-11 19:12:05 ----A---- C:\Windows\SYSWOW64\drivers\avgntmgr.sys
2010-08-11 19:12:05 ----A---- C:\Windows\SYSWOW64\drivers\avgntdd.sys
2010-08-11 19:12:05 ----A---- C:\Windows\system32\drivers\avipbb.sys
2010-08-11 19:12:05 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2010-08-11 18:56:47 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-11 18:56:46 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2010-08-11 18:56:45 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2010-08-11 18:56:43 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-11 18:56:42 ----A---- C:\Windows\SYSWOW64\schannel.dll
2010-08-11 18:56:42 ----A---- C:\Windows\system32\schannel.dll
2010-08-11 18:56:26 ----A---- C:\Windows\system32\mshtml.dll
2010-08-11 18:56:26 ----A---- C:\Windows\system32\ieframe.dll
2010-08-11 18:56:24 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2010-08-11 18:56:20 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2010-08-11 18:56:20 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2010-08-11 18:56:20 ----A---- C:\Windows\system32\wininet.dll
2010-08-11 18:56:20 ----A---- C:\Windows\system32\urlmon.dll
2010-08-11 18:56:19 ----A---- C:\Windows\SYSWOW64\wininet.dll
2010-08-11 18:56:19 ----A---- C:\Windows\SYSWOW64\mstime.dll
2010-08-11 18:56:19 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2010-08-11 18:56:19 ----A---- C:\Windows\SYSWOW64\ieui.dll
2010-08-11 18:56:19 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2010-08-11 18:56:19 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2010-08-11 18:56:19 ----A---- C:\Windows\system32\mstime.dll
2010-08-11 18:56:19 ----A---- C:\Windows\system32\ieui.dll
2010-08-11 18:56:19 ----A---- C:\Windows\system32\iepeers.dll
2010-08-11 18:56:19 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-11 18:56:18 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2010-08-11 18:56:18 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2010-08-11 18:56:18 ----A---- C:\Windows\system32\msfeedssync.exe
2010-08-11 18:56:18 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-08-11 18:56:18 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-11 18:56:17 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2010-08-11 18:56:16 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-08-11 18:56:16 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-11 18:56:16 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-11 18:56:08 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2010-08-11 18:56:08 ----A---- C:\Windows\system32\rtutils.dll
2010-08-11 18:56:06 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2010-08-11 18:56:06 ----A---- C:\Windows\system32\msxml3.dll
2010-08-11 18:55:49 ----A---- C:\Windows\system32\win32k.sys
2010-08-09 10:21:45 ----D---- C:\Users\Peter\AppData\Roaming\TS3Client
2010-08-07 22:04:34 ----D---- C:\Windows\Eurobattle.net
2010-08-07 21:40:36 ----D---- C:\Program Files\trend micro
2010-08-07 20:59:57 ----A---- C:\Windows\War3Unin.pif
2010-08-07 20:59:57 ----A---- C:\Windows\War3Unin.exe
2010-08-07 19:00:30 ----A---- C:\Windows\Eurobattle.net Setup Log.txt
2010-08-05 22:05:06 ----D---- C:\Users\Peter\AppData\Roaming\JLC's Software
2010-08-05 22:04:58 ----D---- C:\Program Files (x86)\JLC's Software
2010-08-03 22:05:16 ----A---- C:\Windows\SYSWOW64\javaws.exe
2010-08-03 22:05:16 ----A---- C:\Windows\SYSWOW64\javaw.exe
2010-08-03 22:05:16 ----A---- C:\Windows\SYSWOW64\java.exe
2010-08-03 17:40:36 ----A---- C:\Windows\system32\shell32.dll
2010-08-03 17:40:33 ----A---- C:\Windows\SYSWOW64\shell32.dll
2010-07-29 19:28:10 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2010-07-29 19:27:32 ----D---- C:\ProgramData\NVIDIA Corporation
2010-07-29 19:25:32 ----A---- C:\Windows\system32\nvhdap64.dll
2010-07-29 19:25:32 ----A---- C:\Windows\system32\nvapo64v.dll
2010-07-29 19:25:32 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2010-07-29 19:25:15 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2010-07-29 19:25:13 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2010-07-29 19:25:13 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2010-07-29 19:25:13 ----A---- C:\Windows\system32\OpenCL.dll
2010-07-29 19:25:11 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2010-07-29 19:25:11 ----A---- C:\Windows\SYSWOW64\nvdecodemft.dll
2010-07-29 19:25:11 ----A---- C:\Windows\system32\nvoglv64.dll
2010-07-29 19:25:11 ----A---- C:\Windows\system32\nvdecodemft.dll
2010-07-29 19:25:08 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2010-07-29 19:25:08 ----A---- C:\Windows\system32\nvd3dumx.dll
2010-07-29 19:25:08 ----A---- C:\Windows\system32\nvcuvid.dll
2010-07-29 19:25:08 ----A---- C:\Windows\system32\nvcuvenc.dll
2010-07-29 19:25:06 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2010-07-29 19:25:06 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2010-07-29 19:25:06 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2010-07-29 19:25:06 ----A---- C:\Windows\system32\nvcuda.dll
2010-07-29 19:25:03 ----A---- C:\Windows\system32\nvcompiler.dll
2010-07-29 19:25:03 ----A---- C:\Windows\system32\nvcod1922.dll
2010-07-29 19:25:03 ----A---- C:\Windows\system32\nvcod.dll
2010-07-27 18:32:19 ----D---- C:\Windows\65F1CF6331E0450B96F34A88BE7361A6.TMP
2010-07-22 19:27:17 ----D---- C:\ProgramData\Cabela's Trophy Bucks Saves
2010-07-22 19:24:11 ----D---- C:\Program Files (x86)\Activision Value
2010-07-20 21:25:02 ----D---- C:\Users\Peter\AppData\Roaming\Leadertech
2010-07-20 21:11:14 ----D---- C:\Program Files (x86)\EA Sports
2010-07-19 14:05:38 ----D---- C:\Windows\SYSWOW64\directx
2010-07-19 11:11:45 ----D---- C:\Users\Peter\AppData\Roaming\Ubisoft
2010-07-19 10:59:28 ----D---- C:\Program Files (x86)\Ubisoft
2010-07-19 10:59:21 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2010-07-19 10:59:21 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2010-07-19 10:59:21 ----A---- C:\Windows\system32\d3dx10_41.dll
2010-07-19 10:59:21 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2010-07-19 10:59:20 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2010-07-19 10:59:20 ----A---- C:\Windows\system32\D3DX9_41.dll
2010-07-19 10:59:19 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2010-07-19 10:59:19 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2010-07-19 10:59:19 ----A---- C:\Windows\system32\XAudio2_4.dll
2010-07-19 10:59:19 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-07-19 10:59:18 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2010-07-19 10:59:18 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2010-07-19 10:59:18 ----A---- C:\Windows\system32\xactengine3_4.dll
2010-07-19 10:59:18 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2010-07-19 10:59:17 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2010-07-19 10:59:17 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2010-07-19 10:59:17 ----A---- C:\Windows\system32\d3dx10_40.dll
2010-07-19 10:59:17 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2010-07-19 10:59:16 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2010-07-19 10:59:16 ----A---- C:\Windows\system32\D3DX9_40.dll
2010-07-19 10:59:15 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2010-07-19 10:59:15 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2010-07-19 10:59:15 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2010-07-19 10:59:15 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-07-19 10:59:15 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-07-19 10:59:15 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-07-19 10:59:14 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2010-07-19 10:59:14 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-07-19 10:59:13 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2010-07-19 10:59:13 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2010-07-19 10:59:13 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2010-07-19 10:59:13 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-07-19 10:59:13 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-07-19 10:59:13 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-07-19 10:59:12 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2010-07-19 10:59:12 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2010-07-19 10:59:12 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-07-19 10:59:12 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2010-07-19 10:59:11 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2010-07-19 10:59:11 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2010-07-19 10:59:11 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2010-07-19 10:59:11 ----A---- C:\Windows\system32\XAudio2_1.dll
2010-07-19 10:59:11 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2010-07-19 10:59:11 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-07-19 10:59:10 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2010-07-19 10:59:10 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2010-07-19 10:59:10 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2010-07-19 10:59:10 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2010-07-19 10:59:10 ----A---- C:\Windows\system32\xactengine3_1.dll
2010-07-19 10:59:10 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2010-07-19 10:59:10 ----A---- C:\Windows\system32\d3dx10_38.dll
2010-07-19 10:59:10 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2010-07-19 10:59:09 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2010-07-19 10:59:09 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2010-07-19 10:59:09 ----A---- C:\Windows\system32\XAudio2_0.dll
2010-07-19 10:59:09 ----A---- C:\Windows\system32\D3DX9_38.dll
2010-07-19 10:59:08 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2010-07-19 10:59:08 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2010-07-19 10:59:08 ----A---- C:\Windows\system32\xactengine3_0.dll
2010-07-19 10:59:08 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2010-07-19 10:59:07 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2010-07-19 10:59:07 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2010-07-19 10:59:07 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2010-07-19 10:59:07 ----A---- C:\Windows\system32\D3DX9_37.dll
2010-07-19 10:59:07 ----A---- C:\Windows\system32\d3dx10_37.dll
2010-07-19 10:59:07 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2010-07-19 10:59:05 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2010-07-19 10:59:05 ----A---- C:\Windows\system32\xactengine2_10.dll
2010-07-19 10:59:04 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2010-07-19 10:59:04 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2010-07-19 10:59:04 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2010-07-19 10:59:04 ----A---- C:\Windows\system32\d3dx9_36.dll
2010-07-19 10:59:04 ----A---- C:\Windows\system32\d3dx10_36.dll
2010-07-19 10:59:04 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2010-07-19 10:59:03 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2010-07-19 10:59:03 ----A---- C:\Windows\system32\xactengine2_9.dll
2010-07-19 10:59:02 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2010-07-19 10:59:02 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2010-07-19 10:59:02 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2010-07-19 10:59:02 ----A---- C:\Windows\system32\d3dx9_35.dll
2010-07-19 10:59:02 ----A---- C:\Windows\system32\d3dx10_35.dll
2010-07-19 10:59:02 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2010-07-19 10:59:01 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2010-07-19 10:59:01 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2010-07-19 10:59:01 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2010-07-19 10:59:01 ----A---- C:\Windows\system32\xactengine2_8.dll
2010-07-19 10:59:01 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2010-07-19 10:59:01 ----A---- C:\Windows\system32\d3dx10_34.dll
2010-07-19 10:59:00 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2010-07-19 10:59:00 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2010-07-19 10:59:00 ----A---- C:\Windows\system32\d3dx9_34.dll
2010-07-19 10:59:00 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2010-07-19 10:58:59 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2010-07-19 10:58:59 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2010-07-19 10:58:59 ----A---- C:\Windows\system32\xinput1_3.dll
2010-07-19 10:58:59 ----A---- C:\Windows\system32\xactengine2_7.dll
2010-07-19 10:58:58 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2010-07-19 10:58:58 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2010-07-19 10:58:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2010-07-19 10:58:58 ----A---- C:\Windows\system32\d3dx9_33.dll
2010-07-19 10:58:58 ----A---- C:\Windows\system32\d3dx10_33.dll
2010-07-19 10:58:58 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2010-07-19 10:58:57 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2010-07-19 10:58:57 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2010-07-19 10:58:57 ----A---- C:\Windows\system32\xactengine2_6.dll
2010-07-19 10:58:57 ----A---- C:\Windows\system32\xactengine2_5.dll
2010-07-19 10:58:56 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2010-07-19 10:58:56 ----A---- C:\Windows\system32\d3dx10.dll
2010-07-19 10:58:53 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2010-07-19 10:58:53 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2010-07-19 10:58:53 ----A---- C:\Windows\system32\xactengine2_4.dll
2010-07-19 10:58:53 ----A---- C:\Windows\system32\x3daudio1_1.dll
2010-07-19 10:58:52 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2010-07-19 10:58:52 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2010-07-19 10:58:52 ----A---- C:\Windows\system32\xinput1_2.dll
2010-07-19 10:58:52 ----A---- C:\Windows\system32\xactengine2_3.dll
2010-07-19 10:58:52 ----A---- C:\Windows\system32\d3dx9_31.dll
2010-07-19 10:58:51 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2010-07-19 10:58:51 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2010-07-19 10:58:51 ----A---- C:\Windows\system32\xinput1_1.dll
2010-07-19 10:58:51 ----A---- C:\Windows\system32\xactengine2_2.dll
2010-07-19 10:58:50 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2010-07-19 10:58:50 ----A---- C:\Windows\system32\xactengine2_1.dll
2010-07-19 10:58:46 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2010-07-19 10:58:46 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2010-07-19 10:58:46 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2010-07-19 10:58:46 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2010-07-19 10:58:46 ----A---- C:\Windows\system32\xactengine2_0.dll
2010-07-19 10:58:46 ----A---- C:\Windows\system32\x3daudio1_0.dll
2010-07-19 10:58:46 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-07-19 10:58:46 ----A---- C:\Windows\system32\d3dx9_29.dll
2010-07-19 10:58:45 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2010-07-19 10:58:45 ----A---- C:\Windows\system32\d3dx9_28.dll
2010-07-19 10:58:44 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2010-07-19 10:58:44 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2010-07-19 10:58:44 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2010-07-19 10:58:44 ----A---- C:\Windows\system32\d3dx9_27.dll
2010-07-19 10:58:44 ----A---- C:\Windows\system32\d3dx9_26.dll
2010-07-19 10:58:44 ----A---- C:\Windows\system32\d3dx9_25.dll
2010-07-19 10:58:43 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2010-07-19 10:58:43 ----A---- C:\Windows\system32\d3dx9_24.dll
2010-07-17 14:02:08 ----D---- C:\Users\Peter\AppData\Roaming\Apple Computer
2010-07-17 14:01:15 ----D---- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2010-07-17 14:00:17 ----D---- C:\ProgramData\Apple Computer
2010-07-17 13:59:38 ----D---- C:\Program Files (x86)\Apple Software Update
2010-07-17 13:59:20 ----D---- C:\Program Files\Common Files\Apple
2010-07-17 13:59:08 ----D---- C:\Program Files\Bonjour
2010-07-17 13:59:08 ----D---- C:\Program Files (x86)\Bonjour
2010-07-14 14:41:19 ----A---- C:\Windows\system32\cdd.dll

======List of files/folders modified in the last 1 months======

2010-08-11 19:25:43 ----D---- C:\Windows\Temp
2010-08-11 19:24:50 ----D---- C:\Program Files (x86)\trend micro
2010-08-11 19:21:28 ----D---- C:\Windows\system32\config
2010-08-11 19:20:05 ----D---- C:\Windows\system32\Tasks
2010-08-11 19:16:03 ----D---- C:\Windows\Microsoft.NET
2010-08-11 19:16:00 ----RSD---- C:\Windows\assembly
2010-08-11 19:12:12 ----D---- C:\Windows\system32\catroot
2010-08-11 19:12:05 ----RD---- C:\Program Files (x86)
2010-08-11 19:12:05 ----HD---- C:\ProgramData
2010-08-11 19:12:05 ----D---- C:\Windows\SYSWOW64\drivers
2010-08-11 19:12:05 ----D---- C:\Windows\system32\drivers
2010-08-11 19:11:24 ----SHD---- C:\Windows\Installer
2010-08-11 19:11:20 ----D---- C:\Windows\winsxs
2010-08-11 19:05:32 ----RD---- C:\Program Files
2010-08-11 19:05:28 ----D---- C:\Windows\system32\DriverStore
2010-08-11 19:05:27 ----D---- C:\Windows\inf
2010-08-11 19:02:26 ----D---- C:\Windows\SysWOW64
2010-08-11 19:02:26 ----D---- C:\Windows\System32
2010-08-11 19:02:24 ----D---- C:\Program Files\Internet Explorer
2010-08-11 19:02:24 ----D---- C:\Program Files (x86)\Internet Explorer
2010-08-11 19:02:23 ----D---- C:\Windows\SYSWOW64\migration
2010-08-11 19:02:23 ----D---- C:\Windows\system32\migration
2010-08-11 19:00:13 ----D---- C:\ProgramData\Microsoft Help
2010-08-11 18:58:01 ----D---- C:\Windows\Prefetch
2010-08-11 18:57:14 ----SHD---- C:\System Volume Information
2010-08-11 18:55:42 ----D---- C:\Windows\system32\catroot2
2010-08-09 10:16:25 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-08-08 10:05:45 ----A---- C:\Windows\system32\AutoRunFilter.ini
2010-08-07 22:04:34 ----D---- C:\Windows
2010-08-07 09:49:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-03 22:06:46 ----D---- C:\Program Files (x86)\Common Files
2010-08-03 22:05:12 ----D---- C:\Program Files (x86)\Java
2010-08-03 20:52:33 ----A---- C:\Windows\system32\MRT.exe
2010-07-30 16:41:23 ----D---- C:\Program Files (x86)\Winamp
2010-07-30 16:39:03 ----D---- C:\Users\Peter\AppData\Roaming\Winamp
2010-07-30 16:34:21 ----D---- C:\Program Files (x86)\Winamp Detect
2010-07-29 19:33:09 ----D---- C:\ProgramData\NVIDIA
2010-07-29 19:27:19 ----D---- C:\Program Files\NVIDIA Corporation
2010-07-29 19:12:05 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-07-26 13:50:17 ----D---- C:\Users\Peter\AppData\Roaming\BSplayer
2010-07-25 13:00:49 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-07-22 22:23:22 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2010-07-22 19:54:29 ----DC---- C:\Windows\system32\DRVSTORE
2010-07-22 12:07:04 ----D---- C:\Users\Peter\AppData\Roaming\Skype
2010-07-22 12:06:49 ----D---- C:\Users\Peter\AppData\Roaming\skypePM
2010-07-17 14:04:27 ----A---- C:\Windows\system32\ServiceFilter.ini
2010-07-17 13:59:20 ----D---- C:\Program Files\Common Files
2010-07-17 05:00:04 ----A---- C:\Windows\SYSWOW64\deployJava1.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2010-01-23 35384]
R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2009-07-30 241696]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2007-02-07 14104]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-03-18 834544]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-03-02 116568]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-02-16 81072]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-09-11 2001056]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2010-06-22 131688]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-29 28704]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-22 347680]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
S3 a296a497;a296a497; C:\Windows\system32\drivers\a296a497.sys []
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
S3 cpudrv64;cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2009-12-18 17864]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-17 359552]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 159336]
R2 OberonGameConsoleService;Oberon Media Game Console service; C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [2009-09-15 44312]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-06-10 75064]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2010-07-22 215016]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-05-14 249136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-17 136176]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-23 1255736]

-----------------EOF-----------------

#8 Příspěvek od **Caroprd111** » 11 srp 2010 19:06

http://www.viry.cz/forum/viewtopic.php?f=29&t=99410

Obrázek

Odinstalujte všechen nelegální software.

Obrázek

Doporučuji odinstalovat (pokud nepoužíváte) toolbary (lišty) v Přidat nebo odebrat programy.

Obrázek

Otevřete si Poznámkový blok a zkopírujte do něj text (z bílého políčka):

Kód: Vybrat vše

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"reset"=-

Nyní uložte jako (typ: všechny soubory) kde za název souboru zadáte "smazani.reg" bez uvozovek, klik na uložit, pak na soubor standardně 2X kliknete a potvrďte dialogové okno.

Obrázek

Jsou s PC nějaké problémy

Vajo147 · #9 Příspěvek od **Vajo147** » 11 srp 2010 19:42

Myslim ze som vsetky vypisane body splnil a PC je ziatial vpohode.

#10 Příspěvek od **Caroprd111** » 11 srp 2010 19:55

Stáhněte T-Cleaner http://sweb.cz/Marinus/T-Cleaner.exe

Spusťte, pro potvrzení volby mačkejte klávesu A, Enter
Po použití program vymažte. Pozor, antiviry ho mohou falešně označit za vir.

Stáhněte TFC http://oldtimer.geekstogo.com/TFC.exe

Spusťte.
Klikněte na "Start". Potvrďte hlášku kliknutím na "Ok" (Bude následovat restart)

Stáhněte OTC http://oldtimer.geekstogo.com/OTC.exe

Spusťte.
Klikněte na "CleanUp!". Potvrďte hlášky kliknutím na "Yes" (Bude následovat restart)

Stáhněte Ccleaner http://viry.cz/forum/viewtopic.php?t=7478

Nainstalujte a v průběhu instalace odškrtněte, že chcete instalovat yahoo toolbar.

Záložka Čistič
Dejte analyzovat, po dokončení dejte Spustit Ccleaner.

Záložka Registry
Klikněte na Hledej problémy, po dokončení klikněte na Opravit problémy, zálohu dělat nemusíte, potom dejte Opravit všechny problémy.
OK Zavřít

Vajo147 · #11 Příspěvek od **Vajo147** » 11 srp 2010 20:08

O.K vsetky body som uspesne dokoncil

#12 Příspěvek od **Caroprd111** » 11 srp 2010 20:16

V tom případě je to vše.

Vajo147 · #13 Příspěvek od **Vajo147** » 11 srp 2010 20:21

Supeer, dakujem za vas cas

#14 Příspěvek od **Caroprd111** » 11 srp 2010 20:24

Nemáte zač

VIRY.CZ

Preventivka

Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka