
PC virus removal, computer speed-up, and remote help through the neslape.cz service
Preventive check, please
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote help service, in which a specialist connects to your computer and obtains further details about the problem from you by phone! More at www.neslape.cz
A preventive check, please.
Logfile of random's system information tool 1.08 (written by random/random)
Run by Andrew at 2011-05-10 00:41:45
Microsoft Windows 7 Ultimate
System drive C: has 425 GB (89%) free of 477 GB
Total RAM: 8190 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:41:47, on 10.5.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16766)
Boot mode: Normal
Running processes:
C:\Users\Andrew\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\QIP 2010\qip.exe
C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Andrew.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RoccatKova+] "C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.EXE"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
O4 - HKCU\..\Run: [Google Update] "C:\Users\Andrew\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [Infium] "C:\Program Files (x86)\QIP 2010\qip.exe" /autorun
O4 - HKUS\S-1-5-18\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'Default user')
O4 - Startup: EVEREST Ultimate Edition.lnk = C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe
O4 - Startup: MSI Afterburner.lnk = C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: S&end to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.euro.dell.com/systemprof ... emLite.CAB
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: {DLL_Str}
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility (XTUService) - Intel Corporation - C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe
--
End of file - 9179 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Users\Andrew\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe" /crashhandler
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\QIP 2010\qip.exe" /autorun
"C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\AUDIODG.EXE 0x540
"C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_0/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_250ms_queue_prefetch/DnsParallelism/parallel_20/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_disabled/SpdyCwnd/cwnd16/SpdyImpact/npn_with_spdy/WebSocketExperiment/default/ --channel=424.0436E300.978734008 /prefetch:3
C:\Windows\system32\rundll32.exe "C:\Users\Andrew\AppData\Local\Google\Chrome\APPLIC~1\110696~1.65\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Andrew\AppData\Local\Google\Chrome\Application\11.0.696.65\gcswf32.dll" --lang=cs --plugin-data-dir="C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default" --channel=424.0623A400.123438441 /prefetch:4 --flash-broker=3796
C:\Windows\system32\msiexec.exe /V
"C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel=424.079FDA50.715561939 /prefetch:12
"C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Andrew\AppData\Local\Google\Chrome\Application\11.0.696.65\gears.dll" --lang=cs --plugin-data-dir="C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default" --channel=424.08E52800.289297715 /prefetch:4
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\Andrew\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-177400242-4199771672-94652025-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-177400242-4199771672-94652025-1000UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AsioReg"=REGSVR32.EXE /S CTASIO.DLL []
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-07-02 2903688]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Andrew\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-19 136176]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2011-02-11 3046808]
"Infium"=C:\Program Files (x86)\QIP 2010\qip.exe [2011-03-14 5973888]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2009-10-19 36864]
"NUSB3MON"=C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-01-22 106496]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-09-21 2583040]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]
"RoccatKova+"=C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.EXE [2010-11-08 539688]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-04-05 336384]
"HTC Sync Loader"=C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2011-01-27 585728]
C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
EVEREST Ultimate Edition.lnk - C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe
MSI Afterburner.lnk - C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="{DLL_Str}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 290304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 months======
2011-05-10 00:36:10 ----D---- C:\rsit
2011-05-10 00:33:08 ----SHD---- C:\Config.Msi
2011-05-09 23:51:38 ----D---- C:\ProgramData\ESET
2011-05-09 23:51:38 ----D---- C:\Program Files\ESET
2011-05-09 23:49:26 ----D---- C:\Program Files (x86)\TNod User & Password Finder
2011-05-09 20:37:26 ----D---- C:\Users\Andrew\AppData\Roaming\gtk-2.0
2011-05-09 20:34:53 ----D---- C:\Program Files (x86)\GIMP-2.0
2011-04-30 12:43:06 ----D---- C:\Users\Andrew\AppData\Roaming\Outlook
2011-04-30 12:06:46 ----D---- C:\Users\Andrew\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
2011-04-30 12:06:24 ----D---- C:\Users\Andrew\AppData\Roaming\HTC
2011-04-28 10:33:23 ----D---- C:\Program Files (x86)\ASUS
2011-04-27 23:51:11 ----D---- C:\ProgramData\ATI
2011-04-27 23:51:07 ----D---- C:\Program Files (x86)\AMD APP
2011-04-27 23:51:03 ----D---- C:\Program Files\Common Files\ATI Technologies
2011-04-27 23:50:10 ----D---- C:\Program Files (x86)\ATI Technologies
2011-04-27 23:49:13 ----D---- C:\Program Files\ATI Technologies
2011-04-19 13:06:11 ----D---- C:\ProgramData\Solidshield
2011-04-18 16:28:37 ----D---- C:\Users\Andrew\AppData\Roaming\Ahead
2011-04-13 23:05:38 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2011-04-13 23:05:38 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-04-13 23:05:38 ----A---- C:\Windows\system32\vbscript.dll
2011-04-13 23:05:38 ----A---- C:\Windows\system32\jscript.dll
2011-04-13 23:05:37 ----A---- C:\Windows\system32\win32k.sys
2011-04-13 23:05:36 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2011-04-13 23:05:36 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2011-04-13 23:05:36 ----A---- C:\Windows\system32\mfc42u.dll
2011-04-13 23:05:36 ----A---- C:\Windows\system32\mfc42.dll
2011-04-13 23:05:33 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2011-04-13 23:05:33 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2011-04-13 23:05:33 ----A---- C:\Windows\system32\atmlib.dll
2011-04-13 23:05:33 ----A---- C:\Windows\system32\atmfd.dll
2011-04-13 23:05:32 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-04-13 23:05:32 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-04-13 23:05:32 ----A---- C:\Windows\system32\drivers\srv.sys
2011-04-13 23:05:31 ----A---- C:\Windows\system32\mshtml.dll
2011-04-13 23:05:30 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-04-13 23:05:30 ----A---- C:\Windows\system32\ieframe.dll
2011-04-13 23:05:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-04-13 23:05:28 ----A---- C:\Windows\system32\urlmon.dll
2011-04-13 23:05:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-04-13 23:05:27 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-04-13 23:05:27 ----A---- C:\Windows\system32\wininet.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\mstime.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\mshtmled.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\msfeedssync.exe
2011-04-13 23:05:26 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\msfeeds.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\licmgr10.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\jsproxy.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\ieui.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\iertutil.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\iepeers.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\iedkcs32.dll
2011-04-13 23:05:13 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2011-04-13 23:05:13 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2011-04-13 23:05:13 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-04-13 23:05:13 ----A---- C:\Windows\system32\dnscacheugc.exe
2011-04-13 23:05:13 ----A---- C:\Windows\system32\dnsapi.dll
2011-04-13 23:05:10 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-04-13 23:05:10 ----A---- C:\Windows\system32\inetcomm.dll
2011-04-13 23:05:09 ----A---- C:\Windows\system32\winresume.exe
2011-04-13 23:05:09 ----A---- C:\Windows\system32\winload.exe
2011-04-13 23:05:09 ----A---- C:\Windows\system32\kdusb.dll
2011-04-13 23:05:09 ----A---- C:\Windows\system32\kdcom.dll
2011-04-13 23:05:09 ----A---- C:\Windows\system32\kd1394.dll
2011-04-13 23:05:08 ----A---- C:\Windows\system32\FXSCOVER.exe
2011-04-13 23:05:06 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-04-13 23:05:06 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-04-13 23:05:06 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-04-13 23:05:06 ----A---- C:\Windows\system32\drivers\bowser.sys
2011-04-13 21:59:14 ----A---- C:\Windows\SYSWOW64\OVDecode.dll
2011-04-13 21:59:02 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2011-04-13 21:58:46 ----A---- C:\Windows\SYSWOW64\amdocl.dll
======List of files/folders modified in the last 1 months======
2011-05-10 00:41:46 ----D---- C:\Windows\Temp
2011-05-10 00:41:46 ----D---- C:\Program Files\trend micro
2011-05-10 00:35:20 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-05-10 00:35:19 ----SHD---- C:\System Volume Information
2011-05-10 00:34:49 ----RD---- C:\Program Files
2011-05-10 00:34:23 ----SHD---- C:\Windows\Installer
2011-05-10 00:34:17 ----D---- C:\Program Files (x86)\Nero
2011-05-10 00:34:17 ----D---- C:\Program Files (x86)\Common Files
2011-05-10 00:34:16 ----D---- C:\ProgramData\Nero
2011-05-10 00:34:10 ----D---- C:\Windows\ehome
2011-05-10 00:34:09 ----D---- C:\Windows\SysWOW64
2011-05-10 00:34:08 ----D---- C:\Windows
2011-05-10 00:31:34 ----D---- C:\Windows\system32\catroot2
2011-05-10 00:30:34 ----D---- C:\Users\Andrew\AppData\Roaming\uTorrent
2011-05-10 00:30:34 ----D---- C:\Users\Andrew\AppData\Roaming\TS3Client
2011-05-10 00:29:14 ----D---- C:\Program Files (x86)\CCleaner
2011-05-10 00:15:32 ----D---- C:\Program Files (x86)\TeamViewer
2011-05-10 00:10:40 ----D---- C:\Windows\system32\config
2011-05-10 00:06:05 ----D---- C:\Windows\System32
2011-05-10 00:06:04 ----D---- C:\Windows\inf
2011-05-10 00:06:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-05-10 00:00:10 ----D---- C:\Program Files (x86)\QIP 2010
2011-05-09 23:51:58 ----D---- C:\Windows\system32\drivers
2011-05-09 23:51:38 ----D---- C:\ProgramData
2011-05-09 23:49:26 ----RD---- C:\Program Files (x86)
2011-05-09 23:46:13 ----D---- C:\Program Files (x86)\SplitMediaLabs
2011-05-09 20:36:08 ----D---- C:\Windows\Prefetch
2011-04-30 12:06:13 ----D---- C:\Program Files (x86)\HTC
2011-04-28 10:33:02 ----A---- C:\Windows\Language_trs.ini
2011-04-28 10:32:50 ----A---- C:\Windows\Ascd_tmp.ini
2011-04-28 09:24:00 ----D---- C:\Users\Andrew\AppData\Roaming\Winamp
2011-04-27 23:52:32 ----D---- C:\Windows\system32\catroot
2011-04-27 23:51:03 ----D---- C:\Program Files\Common Files
2011-04-27 23:50:48 ----D---- C:\Windows\system32\DriverStore
2011-04-27 23:39:03 ----D---- C:\Users\Andrew\AppData\Roaming\Uniblue
2011-04-27 23:39:00 ----D---- C:\Windows\Tasks
2011-04-27 23:39:00 ----D---- C:\Windows\system32\Tasks
2011-04-27 23:38:11 ----D---- C:\Program Files (x86)\VS Revo Group
2011-04-27 23:35:33 ----D---- C:\Windows\debug
2011-04-22 08:34:00 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-04-18 19:25:10 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2011-04-18 19:25:00 ----A---- C:\Windows\system32\aswBoot.exe
2011-04-18 16:26:01 ----D---- C:\Temp
2011-04-18 16:22:44 ----A---- C:\Windows\system32\MRT.exe
2011-04-18 16:15:33 ----D---- C:\Windows\winsxs
2011-04-18 16:12:43 ----RSD---- C:\Windows\assembly
2011-04-18 16:10:16 ----D---- C:\Users\Andrew\AppData\Roaming\Nero
2011-04-14 09:33:52 ----D---- C:\Windows\Microsoft.NET
2011-04-14 09:00:04 ----D---- C:\Windows\SYSWOW64\migration
2011-04-14 09:00:04 ----D---- C:\Program Files\Internet Explorer
2011-04-14 09:00:04 ----D---- C:\Program Files (x86)\Internet Explorer
2011-04-14 09:00:03 ----D---- C:\Windows\system32\migration
2011-04-14 08:59:58 ----D---- C:\Windows\system32\Boot
2011-04-14 00:06:02 ----D---- C:\ProgramData\Microsoft Help
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2009-10-19 115312]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-08-20 834544]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2010-04-22 13440]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2009-07-06 13368]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-04-18 31064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-04-18 600920]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-04-18 287064]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-04-18 53592]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-04-28 139704]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-04-18 22360]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-04-18 64344]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-12-19 314016]
R2 cpuz134;cpuz134; \??\C:\Windows\system32\drivers\cpuz134_x64.sys [2010-07-09 21480]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-06-24 166984]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-04-28 124760]
R2 IOCBIOS;IOCBIOS; \??\C:\ProgramData\Intel\Extreme Tuning Utility\IOCbios\64bit\IOCBIOS.sys [2010-02-03 30384]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-12-19 43680]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2009-08-14 11576]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-06 9323520]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-04-06 304128]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [2010-03-31 26752]
R3 KovaPlusFltr;ROCCAT Kova[+] Mouse; C:\Windows\system32\drivers\KovaPlusFltr.sys [2010-01-25 15104]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 77824]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 180224]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
R3 smbusp;Intel(R) SMBus 2.0 Driver; C:\Windows\system32\DRIVERS\intelsmb.sys [2010-01-20 36224]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-09-17 1250816]
S1 EIO64;EIO Driver; C:\Windows\system32\DRIVERS\EIO64.sys []
S3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\Windows\system32\drivers\asusgsb.sys [2009-02-17 17792]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-06 125456]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-06 9323520]
S3 atillk64;atillk64; \??\C:\Users\Andrew\Desktop\6950\programy\ati_winflash_2.0.1.14\atillk64.sys []
S3 COMMONFX.DLL;COMMONFX.DLL; C:\Windows\system32\COMMONFX.DLL [2007-04-12 151296]
S3 CT20XUT.DLL;CT20XUT.DLL; C:\Windows\system32\CT20XUT.DLL [2007-04-10 252712]
S3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2007-04-10 580904]
S3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2007-04-10 863016]
S3 CTAUDFX.DLL;CTAUDFX.DLL; C:\Windows\system32\CTAUDFX.DLL [2007-04-10 700200]
S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\Windows\system32\CTEAPSFX.DLL [2007-04-10 219432]
S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\Windows\system32\CTEDSPFX.DLL [2007-04-10 321832]
S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\Windows\system32\CTEDSPIO.DLL [2007-04-10 190248]
S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\Windows\system32\CTEDSPSY.DLL [2007-04-10 363304]
S3 CTERFXFX.DLL;CTERFXFX.DLL; C:\Windows\system32\CTERFXFX.DLL [2007-04-10 142120]
S3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\Windows\system32\CTEXFIFX.DLL [2007-04-10 1571112]
S3 CTHWIUT.DLL;CTHWIUT.DLL; C:\Windows\system32\CTHWIUT.DLL [2007-04-10 123688]
S3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2007-04-10 17192]
S3 CTSBLFX.DLL;CTSBLFX.DLL; C:\Windows\system32\CTSBLFX.DLL [2007-04-10 681256]
S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2007-04-10 290600]
S3 E1G60;Intel(R) PRO/1000 NDIS 6 Adapter Driver; C:\Windows\system32\DRIVERS\E1G6032E.sys [2009-06-10 145792]
S3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2007-04-10 147752]
S3 ENTECH64;ENTECH64; \??\C:\Windows\system32\DRIVERS\ENTECH64.sys [2008-04-22 12744]
S3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\Windows\system32\drivers\ha10kx2k.sys [2007-04-10 1359144]
S3 hap16v2k;Creative P16V HAL Driver; C:\Windows\system32\drivers\hap16v2k.sys [2007-04-10 259880]
S3 hap17v2k;Creative P17V HAL Driver; C:\Windows\system32\drivers\hap17v2k.sys [2007-04-10 295208]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-01 33736]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
S3 KoneFltr;ROCCAT Kone; C:\Windows\system32\drivers\Kone.sys [2008-12-11 15488]
S3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2007-04-10 218408]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-04-06 203776]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-04-18 42184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-07-02 810144]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2010-09-16 80896]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-07-02 42360]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-08-19 1255736]
S4 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe []
-----------------EOF-----------------
Thanks.
Logfile of random's system information tool 1.08 (written by random/random)
Run by Andrew at 2011-05-10 00:41:45
Microsoft Windows 7 Ultimate
System drive C: has 425 GB (89%) free of 477 GB
Total RAM: 8190 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:41:47, on 10.5.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16766)
Boot mode: Normal
Running processes:
C:\Users\Andrew\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\QIP 2010\qip.exe
C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Andrew.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RoccatKova+] "C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.EXE"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
O4 - HKCU\..\Run: [Google Update] "C:\Users\Andrew\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [Infium] "C:\Program Files (x86)\QIP 2010\qip.exe" /autorun
O4 - HKUS\S-1-5-18\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'Default user')
O4 - Startup: EVEREST Ultimate Edition.lnk = C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe
O4 - Startup: MSI Afterburner.lnk = C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: S&end to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.euro.dell.com/systemprof ... emLite.CAB
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: {DLL_Str}
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility (XTUService) - Intel Corporation - C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe
--
End of file - 9179 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Users\Andrew\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe" /crashhandler
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\QIP 2010\qip.exe" /autorun
"C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\AUDIODG.EXE 0x540
"C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_0/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_250ms_queue_prefetch/DnsParallelism/parallel_20/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_disabled/SpdyCwnd/cwnd16/SpdyImpact/npn_with_spdy/WebSocketExperiment/default/ --channel=424.0436E300.978734008 /prefetch:3
C:\Windows\system32\rundll32.exe "C:\Users\Andrew\AppData\Local\Google\Chrome\APPLIC~1\110696~1.65\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Andrew\AppData\Local\Google\Chrome\Application\11.0.696.65\gcswf32.dll" --lang=cs --plugin-data-dir="C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default" --channel=424.0623A400.123438441 /prefetch:4 --flash-broker=3796
C:\Windows\system32\msiexec.exe /V
"C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel=424.079FDA50.715561939 /prefetch:12
"C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Andrew\AppData\Local\Google\Chrome\Application\11.0.696.65\gears.dll" --lang=cs --plugin-data-dir="C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default" --channel=424.08E52800.289297715 /prefetch:4
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\Andrew\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-177400242-4199771672-94652025-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-177400242-4199771672-94652025-1000UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AsioReg"=REGSVR32.EXE /S CTASIO.DLL []
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-07-02 2903688]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Andrew\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-19 136176]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2011-02-11 3046808]
"Infium"=C:\Program Files (x86)\QIP 2010\qip.exe [2011-03-14 5973888]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2009-10-19 36864]
"NUSB3MON"=C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-01-22 106496]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-09-21 2583040]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]
"RoccatKova+"=C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.EXE [2010-11-08 539688]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-04-05 336384]
"HTC Sync Loader"=C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2011-01-27 585728]
C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
EVEREST Ultimate Edition.lnk - C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe
MSI Afterburner.lnk - C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="{DLL_Str}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 290304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 months======
2011-05-10 00:36:10 ----D---- C:\rsit
2011-05-10 00:33:08 ----SHD---- C:\Config.Msi
2011-05-09 23:51:38 ----D---- C:\ProgramData\ESET
2011-05-09 23:51:38 ----D---- C:\Program Files\ESET
2011-05-09 23:49:26 ----D---- C:\Program Files (x86)\TNod User & Password Finder
2011-05-09 20:37:26 ----D---- C:\Users\Andrew\AppData\Roaming\gtk-2.0
2011-05-09 20:34:53 ----D---- C:\Program Files (x86)\GIMP-2.0
2011-04-30 12:43:06 ----D---- C:\Users\Andrew\AppData\Roaming\Outlook
2011-04-30 12:06:46 ----D---- C:\Users\Andrew\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
2011-04-30 12:06:24 ----D---- C:\Users\Andrew\AppData\Roaming\HTC
2011-04-28 10:33:23 ----D---- C:\Program Files (x86)\ASUS
2011-04-27 23:51:11 ----D---- C:\ProgramData\ATI
2011-04-27 23:51:07 ----D---- C:\Program Files (x86)\AMD APP
2011-04-27 23:51:03 ----D---- C:\Program Files\Common Files\ATI Technologies
2011-04-27 23:50:10 ----D---- C:\Program Files (x86)\ATI Technologies
2011-04-27 23:49:13 ----D---- C:\Program Files\ATI Technologies
2011-04-19 13:06:11 ----D---- C:\ProgramData\Solidshield
2011-04-18 16:28:37 ----D---- C:\Users\Andrew\AppData\Roaming\Ahead
2011-04-13 23:05:38 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2011-04-13 23:05:38 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-04-13 23:05:38 ----A---- C:\Windows\system32\vbscript.dll
2011-04-13 23:05:38 ----A---- C:\Windows\system32\jscript.dll
2011-04-13 23:05:37 ----A---- C:\Windows\system32\win32k.sys
2011-04-13 23:05:36 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2011-04-13 23:05:36 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2011-04-13 23:05:36 ----A---- C:\Windows\system32\mfc42u.dll
2011-04-13 23:05:36 ----A---- C:\Windows\system32\mfc42.dll
2011-04-13 23:05:33 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2011-04-13 23:05:33 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2011-04-13 23:05:33 ----A---- C:\Windows\system32\atmlib.dll
2011-04-13 23:05:33 ----A---- C:\Windows\system32\atmfd.dll
2011-04-13 23:05:32 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-04-13 23:05:32 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-04-13 23:05:32 ----A---- C:\Windows\system32\drivers\srv.sys
2011-04-13 23:05:31 ----A---- C:\Windows\system32\mshtml.dll
2011-04-13 23:05:30 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-04-13 23:05:30 ----A---- C:\Windows\system32\ieframe.dll
2011-04-13 23:05:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-04-13 23:05:28 ----A---- C:\Windows\system32\urlmon.dll
2011-04-13 23:05:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-04-13 23:05:27 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-04-13 23:05:27 ----A---- C:\Windows\system32\wininet.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\mstime.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\mshtmled.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\msfeedssync.exe
2011-04-13 23:05:26 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\msfeeds.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\licmgr10.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\jsproxy.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\ieui.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\iertutil.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\iepeers.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\iedkcs32.dll
2011-04-13 23:05:13 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2011-04-13 23:05:13 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2011-04-13 23:05:13 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-04-13 23:05:13 ----A---- C:\Windows\system32\dnscacheugc.exe
2011-04-13 23:05:13 ----A---- C:\Windows\system32\dnsapi.dll
2011-04-13 23:05:10 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-04-13 23:05:10 ----A---- C:\Windows\system32\inetcomm.dll
2011-04-13 23:05:09 ----A---- C:\Windows\system32\winresume.exe
2011-04-13 23:05:09 ----A---- C:\Windows\system32\winload.exe
2011-04-13 23:05:09 ----A---- C:\Windows\system32\kdusb.dll
2011-04-13 23:05:09 ----A---- C:\Windows\system32\kdcom.dll
2011-04-13 23:05:09 ----A---- C:\Windows\system32\kd1394.dll
2011-04-13 23:05:08 ----A---- C:\Windows\system32\FXSCOVER.exe
2011-04-13 23:05:06 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-04-13 23:05:06 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-04-13 23:05:06 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-04-13 23:05:06 ----A---- C:\Windows\system32\drivers\bowser.sys
2011-04-13 21:59:14 ----A---- C:\Windows\SYSWOW64\OVDecode.dll
2011-04-13 21:59:02 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2011-04-13 21:58:46 ----A---- C:\Windows\SYSWOW64\amdocl.dll
======List of files/folders modified in the last 1 months======
2011-05-10 00:41:46 ----D---- C:\Windows\Temp
2011-05-10 00:41:46 ----D---- C:\Program Files\trend micro
2011-05-10 00:35:20 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-05-10 00:35:19 ----SHD---- C:\System Volume Information
2011-05-10 00:34:49 ----RD---- C:\Program Files
2011-05-10 00:34:23 ----SHD---- C:\Windows\Installer
2011-05-10 00:34:17 ----D---- C:\Program Files (x86)\Nero
2011-05-10 00:34:17 ----D---- C:\Program Files (x86)\Common Files
2011-05-10 00:34:16 ----D---- C:\ProgramData\Nero
2011-05-10 00:34:10 ----D---- C:\Windows\ehome
2011-05-10 00:34:09 ----D---- C:\Windows\SysWOW64
2011-05-10 00:34:08 ----D---- C:\Windows
2011-05-10 00:31:34 ----D---- C:\Windows\system32\catroot2
2011-05-10 00:30:34 ----D---- C:\Users\Andrew\AppData\Roaming\uTorrent
2011-05-10 00:30:34 ----D---- C:\Users\Andrew\AppData\Roaming\TS3Client
2011-05-10 00:29:14 ----D---- C:\Program Files (x86)\CCleaner
2011-05-10 00:15:32 ----D---- C:\Program Files (x86)\TeamViewer
2011-05-10 00:10:40 ----D---- C:\Windows\system32\config
2011-05-10 00:06:05 ----D---- C:\Windows\System32
2011-05-10 00:06:04 ----D---- C:\Windows\inf
2011-05-10 00:06:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-05-10 00:00:10 ----D---- C:\Program Files (x86)\QIP 2010
2011-05-09 23:51:58 ----D---- C:\Windows\system32\drivers
2011-05-09 23:51:38 ----D---- C:\ProgramData
2011-05-09 23:49:26 ----RD---- C:\Program Files (x86)
2011-05-09 23:46:13 ----D---- C:\Program Files (x86)\SplitMediaLabs
2011-05-09 20:36:08 ----D---- C:\Windows\Prefetch
2011-04-30 12:06:13 ----D---- C:\Program Files (x86)\HTC
2011-04-28 10:33:02 ----A---- C:\Windows\Language_trs.ini
2011-04-28 10:32:50 ----A---- C:\Windows\Ascd_tmp.ini
2011-04-28 09:24:00 ----D---- C:\Users\Andrew\AppData\Roaming\Winamp
2011-04-27 23:52:32 ----D---- C:\Windows\system32\catroot
2011-04-27 23:51:03 ----D---- C:\Program Files\Common Files
2011-04-27 23:50:48 ----D---- C:\Windows\system32\DriverStore
2011-04-27 23:39:03 ----D---- C:\Users\Andrew\AppData\Roaming\Uniblue
2011-04-27 23:39:00 ----D---- C:\Windows\Tasks
2011-04-27 23:39:00 ----D---- C:\Windows\system32\Tasks
2011-04-27 23:38:11 ----D---- C:\Program Files (x86)\VS Revo Group
2011-04-27 23:35:33 ----D---- C:\Windows\debug
2011-04-22 08:34:00 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-04-18 19:25:10 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2011-04-18 19:25:00 ----A---- C:\Windows\system32\aswBoot.exe
2011-04-18 16:26:01 ----D---- C:\Temp
2011-04-18 16:22:44 ----A---- C:\Windows\system32\MRT.exe
2011-04-18 16:15:33 ----D---- C:\Windows\winsxs
2011-04-18 16:12:43 ----RSD---- C:\Windows\assembly
2011-04-18 16:10:16 ----D---- C:\Users\Andrew\AppData\Roaming\Nero
2011-04-14 09:33:52 ----D---- C:\Windows\Microsoft.NET
2011-04-14 09:00:04 ----D---- C:\Windows\SYSWOW64\migration
2011-04-14 09:00:04 ----D---- C:\Program Files\Internet Explorer
2011-04-14 09:00:04 ----D---- C:\Program Files (x86)\Internet Explorer
2011-04-14 09:00:03 ----D---- C:\Windows\system32\migration
2011-04-14 08:59:58 ----D---- C:\Windows\system32\Boot
2011-04-14 00:06:02 ----D---- C:\ProgramData\Microsoft Help
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2009-10-19 115312]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-08-20 834544]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2010-04-22 13440]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2009-07-06 13368]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-04-18 31064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-04-18 600920]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-04-18 287064]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-04-18 53592]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-04-28 139704]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-04-18 22360]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-04-18 64344]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-12-19 314016]
R2 cpuz134;cpuz134; \??\C:\Windows\system32\drivers\cpuz134_x64.sys [2010-07-09 21480]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-06-24 166984]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-04-28 124760]
R2 IOCBIOS;IOCBIOS; \??\C:\ProgramData\Intel\Extreme Tuning Utility\IOCbios\64bit\IOCBIOS.sys [2010-02-03 30384]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-12-19 43680]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2009-08-14 11576]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-06 9323520]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-04-06 304128]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [2010-03-31 26752]
R3 KovaPlusFltr;ROCCAT Kova[+] Mouse; C:\Windows\system32\drivers\KovaPlusFltr.sys [2010-01-25 15104]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 77824]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 180224]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
R3 smbusp;Intel(R) SMBus 2.0 Driver; C:\Windows\system32\DRIVERS\intelsmb.sys [2010-01-20 36224]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-09-17 1250816]
S1 EIO64;EIO Driver; C:\Windows\system32\DRIVERS\EIO64.sys []
S3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\Windows\system32\drivers\asusgsb.sys [2009-02-17 17792]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-06 125456]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-06 9323520]
S3 atillk64;atillk64; \??\C:\Users\Andrew\Desktop\6950\programy\ati_winflash_2.0.1.14\atillk64.sys []
S3 COMMONFX.DLL;COMMONFX.DLL; C:\Windows\system32\COMMONFX.DLL [2007-04-12 151296]
S3 CT20XUT.DLL;CT20XUT.DLL; C:\Windows\system32\CT20XUT.DLL [2007-04-10 252712]
S3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2007-04-10 580904]
S3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2007-04-10 863016]
S3 CTAUDFX.DLL;CTAUDFX.DLL; C:\Windows\system32\CTAUDFX.DLL [2007-04-10 700200]
S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\Windows\system32\CTEAPSFX.DLL [2007-04-10 219432]
S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\Windows\system32\CTEDSPFX.DLL [2007-04-10 321832]
S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\Windows\system32\CTEDSPIO.DLL [2007-04-10 190248]
S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\Windows\system32\CTEDSPSY.DLL [2007-04-10 363304]
S3 CTERFXFX.DLL;CTERFXFX.DLL; C:\Windows\system32\CTERFXFX.DLL [2007-04-10 142120]
S3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\Windows\system32\CTEXFIFX.DLL [2007-04-10 1571112]
S3 CTHWIUT.DLL;CTHWIUT.DLL; C:\Windows\system32\CTHWIUT.DLL [2007-04-10 123688]
S3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2007-04-10 17192]
S3 CTSBLFX.DLL;CTSBLFX.DLL; C:\Windows\system32\CTSBLFX.DLL [2007-04-10 681256]
S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2007-04-10 290600]
S3 E1G60;Intel(R) PRO/1000 NDIS 6 Adapter Driver; C:\Windows\system32\DRIVERS\E1G6032E.sys [2009-06-10 145792]
S3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2007-04-10 147752]
S3 ENTECH64;ENTECH64; \??\C:\Windows\system32\DRIVERS\ENTECH64.sys [2008-04-22 12744]
S3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\Windows\system32\drivers\ha10kx2k.sys [2007-04-10 1359144]
S3 hap16v2k;Creative P16V HAL Driver; C:\Windows\system32\drivers\hap16v2k.sys [2007-04-10 259880]
S3 hap17v2k;Creative P17V HAL Driver; C:\Windows\system32\drivers\hap17v2k.sys [2007-04-10 295208]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-01 33736]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
S3 KoneFltr;ROCCAT Kone; C:\Windows\system32\drivers\Kone.sys [2008-12-11 15488]
S3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2007-04-10 218408]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-04-06 203776]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-04-18 42184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-07-02 810144]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2010-09-16 80896]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-07-02 42360]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-08-19 1255736]
S4 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe []
-----------------EOF-----------------
Thanks.
Re: preventive check, please
Hello, and I wish you a nice day.
What are we going to do about that illegal NOD32?


Re: preventive check, please
Avast is far better than NOD, and besides, cracking an antivirus is like locking your flat but leaving a window open...
If you don't know what to do about the illegal NOD, then I won't even look at the log for malware.
According to the forum rules (see here and here, point 3), we do not deal with illegal software, because illegal programs are usually a source of malware. On top of that, you are infringing copyright and committing a criminal offence, which as such will not be supported by our forum. Please realize that you are on a security forum: supporting warez (especially of security programs) would go completely against the logic of the forum.
Re: preventive check, please
I see that you are editing in order to "cover" your tracks, so you apparently have no interest in resolving this...
So, from my side
and I am locking the thread.

Re: preventive check, please
After an agreement via PM, the thread has been unlocked...
That edit was unnecessary; it means nothing to ordinary users, and we already have it noted that there was an illegal AV there.
Re: preventive check, please


- Run it and click Search for files
- After the scan finishes, click Save List to File and then OK
- A log named ckfiles.txt will be created on your desktop; paste its contents here for me
Re: preventive check, please
And you, in turn, keep in mind that I am giving you my private information here entirely voluntarily and that you can read it from the log, which a completely ordinary user cannot; it is therefore not appropriate for you to broadcast and publish information about my PC or the PCs of my acquaintances like that.
Logfile of random's system information tool 1.08 (written by random/random)
Run by Andrew at 2011-05-10 11:05:19
Microsoft Windows 7 Ultimate
System drive C: has 426 GB (89%) free of 477 GB
Total RAM: 8190 MB (80% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:05:19, on 10.5.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16766)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Users\Andrew\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Program Files (x86)\QIP 2010\qip.exe
C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Andrew.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RoccatKova+] "C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.EXE"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Google Update] "C:\Users\Andrew\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [Infium] "C:\Program Files (x86)\QIP 2010\qip.exe" /autorun
O4 - HKUS\S-1-5-18\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'Default user')
O4 - Startup: EVEREST Ultimate Edition.lnk = C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe
O4 - Startup: MSI Afterburner.lnk = C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: S&end to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.euro.dell.com/systemprof ... emLite.CAB
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: {DLL_Str}
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility (XTUService) - Intel Corporation - C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe
--
End of file - 9327 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x314
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
taskeng.exe {56F4D44A-D152-4F43-8EDC-D538CB05347B}
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000620
\??\C:\Windows\system32\conhost.exe
"taskhost.exe"
taskeng.exe {154BE6C2-9F7B-4743-8F65-38FFA8A2CD7A}
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Users\Andrew\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe" /crashhandler
"C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"
"C:\Program Files (x86)\QIP 2010\qip.exe" /autorun
"C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe"
"C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest="ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_4 concurrent_prefetch/DnsParallelism/parallel_6/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_enabled/SpdyCwnd/cwndDynamic/SpdyImpact/npn_with_spdy/WebSocketExperiment/default/" --channel=3456.004AD000.1727980864 /prefetch:3
C:\Windows\system32\rundll32.exe "C:\Users\Andrew\AppData\Local\Google\Chrome\APPLIC~1\110696~1.65\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Andrew\AppData\Local\Google\Chrome\Application\11.0.696.65\gcswf32.dll" --lang=cs --plugin-data-dir="C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default" --channel=3456.04D14E00.778631966 /prefetch:4 --flash-broker=2788
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel=3456.04D7F4D0.890268899 /prefetch:12
"C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-177400242-4199771672-94652025-10002_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-177400242-4199771672-94652025-10002 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
taskhost.exe $(Arg0)
wmiadap.exe /F /T /R
"C:\Users\Andrew\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-177400242-4199771672-94652025-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-177400242-4199771672-94652025-1000UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AsioReg"=REGSVR32.EXE /S CTASIO.DLL []
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Andrew\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-19 136176]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2011-02-11 3046808]
"Infium"=C:\Program Files (x86)\QIP 2010\qip.exe [2011-03-14 5973888]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2009-10-19 36864]
"NUSB3MON"=C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-01-22 106496]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-09-21 2583040]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]
"RoccatKova+"=C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.EXE [2010-11-08 539688]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-04-05 336384]
"HTC Sync Loader"=C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2011-01-27 585728]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2011-03-28 281768]
C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
EVEREST Ultimate Edition.lnk - C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe
MSI Afterburner.lnk - C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="{DLL_Str}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 290304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 months======
2011-05-10 10:27:36 ----D---- C:\ProgramData\MFAData
2011-05-10 10:24:34 ----A---- C:\Windows\system32\drivers\avipbb.sys
2011-05-10 10:24:34 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2011-05-10 10:24:33 ----D---- C:\ProgramData\Avira
2011-05-10 10:24:33 ----D---- C:\Program Files (x86)\Avira
2011-05-10 00:36:10 ----D---- C:\rsit
2011-05-09 20:37:26 ----D---- C:\Users\Andrew\AppData\Roaming\gtk-2.0
2011-05-09 20:34:53 ----D---- C:\Program Files (x86)\GIMP-2.0
2011-04-30 12:43:06 ----D---- C:\Users\Andrew\AppData\Roaming\Outlook
2011-04-30 12:06:46 ----D---- C:\Users\Andrew\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
2011-04-30 12:06:24 ----D---- C:\Users\Andrew\AppData\Roaming\HTC
2011-04-28 10:33:23 ----D---- C:\Program Files (x86)\ASUS
2011-04-27 23:51:11 ----D---- C:\ProgramData\ATI
2011-04-27 23:51:07 ----D---- C:\Program Files (x86)\AMD APP
2011-04-27 23:51:03 ----D---- C:\Program Files\Common Files\ATI Technologies
2011-04-27 23:50:10 ----D---- C:\Program Files (x86)\ATI Technologies
2011-04-27 23:49:13 ----D---- C:\Program Files\ATI Technologies
2011-04-19 13:06:11 ----D---- C:\ProgramData\Solidshield
2011-04-18 16:28:37 ----D---- C:\Users\Andrew\AppData\Roaming\Ahead
2011-04-13 23:05:38 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2011-04-13 23:05:38 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-04-13 23:05:38 ----A---- C:\Windows\system32\vbscript.dll
2011-04-13 23:05:38 ----A---- C:\Windows\system32\jscript.dll
2011-04-13 23:05:37 ----A---- C:\Windows\system32\win32k.sys
2011-04-13 23:05:36 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2011-04-13 23:05:36 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2011-04-13 23:05:36 ----A---- C:\Windows\system32\mfc42u.dll
2011-04-13 23:05:36 ----A---- C:\Windows\system32\mfc42.dll
2011-04-13 23:05:33 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2011-04-13 23:05:33 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2011-04-13 23:05:33 ----A---- C:\Windows\system32\atmlib.dll
2011-04-13 23:05:33 ----A---- C:\Windows\system32\atmfd.dll
2011-04-13 23:05:32 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-04-13 23:05:32 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-04-13 23:05:32 ----A---- C:\Windows\system32\drivers\srv.sys
2011-04-13 23:05:31 ----A---- C:\Windows\system32\mshtml.dll
2011-04-13 23:05:30 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-04-13 23:05:30 ----A---- C:\Windows\system32\ieframe.dll
2011-04-13 23:05:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-04-13 23:05:28 ----A---- C:\Windows\system32\urlmon.dll
2011-04-13 23:05:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-04-13 23:05:27 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-04-13 23:05:27 ----A---- C:\Windows\system32\wininet.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\mstime.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\mshtmled.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\msfeedssync.exe
2011-04-13 23:05:26 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\msfeeds.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\licmgr10.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\jsproxy.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\ieui.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\iertutil.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\iepeers.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\iedkcs32.dll
2011-04-13 23:05:13 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2011-04-13 23:05:13 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2011-04-13 23:05:13 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-04-13 23:05:13 ----A---- C:\Windows\system32\dnscacheugc.exe
2011-04-13 23:05:13 ----A---- C:\Windows\system32\dnsapi.dll
2011-04-13 23:05:10 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-04-13 23:05:10 ----A---- C:\Windows\system32\inetcomm.dll
2011-04-13 23:05:09 ----A---- C:\Windows\system32\winresume.exe
2011-04-13 23:05:09 ----A---- C:\Windows\system32\winload.exe
2011-04-13 23:05:09 ----A---- C:\Windows\system32\kdusb.dll
2011-04-13 23:05:09 ----A---- C:\Windows\system32\kdcom.dll
2011-04-13 23:05:09 ----A---- C:\Windows\system32\kd1394.dll
2011-04-13 23:05:08 ----A---- C:\Windows\system32\FXSCOVER.exe
2011-04-13 23:05:06 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-04-13 23:05:06 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-04-13 23:05:06 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-04-13 23:05:06 ----A---- C:\Windows\system32\drivers\bowser.sys
2011-04-13 21:59:14 ----A---- C:\Windows\SYSWOW64\OVDecode.dll
2011-04-13 21:59:02 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2011-04-13 21:58:46 ----A---- C:\Windows\SYSWOW64\amdocl.dll
======List of files/folders modified in the last 1 months======
2011-05-10 11:05:19 ----D---- C:\Program Files\trend micro
2011-05-10 11:01:43 ----D---- C:\Program Files (x86)\QIP 2010
2011-05-10 11:01:32 ----D---- C:\Windows\Temp
2011-05-10 11:01:29 ----D---- C:\Windows\system32\config
2011-05-10 11:01:10 ----D---- C:\Windows
2011-05-10 11:01:00 ----D---- C:\Program Files\Alwil Software
2011-05-10 10:59:38 ----D---- C:\Windows\System32
2011-05-10 10:59:36 ----D---- C:\Windows\system32\drivers
2011-05-10 10:48:52 ----D---- C:\Windows\winsxs
2011-05-10 10:38:49 ----SHD---- C:\Windows\Installer
2011-05-10 10:37:38 ----SHD---- C:\System Volume Information
2011-05-10 10:36:55 ----D---- C:\Windows\Logs
2011-05-10 10:34:47 ----D---- C:\Windows\inf
2011-05-10 10:34:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-05-10 10:27:36 ----D---- C:\ProgramData
2011-05-10 10:24:41 ----D---- C:\Windows\system32\catroot
2011-05-10 10:24:33 ----RD---- C:\Program Files (x86)
2011-05-10 10:22:24 ----RD---- C:\Program Files
2011-05-10 00:35:20 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-05-10 00:34:17 ----D---- C:\Program Files (x86)\Nero
2011-05-10 00:34:17 ----D---- C:\Program Files (x86)\Common Files
2011-05-10 00:34:16 ----D---- C:\ProgramData\Nero
2011-05-10 00:34:10 ----D---- C:\Windows\ehome
2011-05-10 00:34:09 ----D---- C:\Windows\SysWOW64
2011-05-10 00:31:34 ----D---- C:\Windows\system32\catroot2
2011-05-10 00:30:34 ----D---- C:\Users\Andrew\AppData\Roaming\uTorrent
2011-05-10 00:30:34 ----D---- C:\Users\Andrew\AppData\Roaming\TS3Client
2011-05-10 00:29:14 ----D---- C:\Program Files (x86)\CCleaner
2011-05-10 00:15:32 ----D---- C:\Program Files (x86)\TeamViewer
2011-05-09 23:46:13 ----D---- C:\Program Files (x86)\SplitMediaLabs
2011-05-09 20:36:08 ----D---- C:\Windows\Prefetch
2011-04-30 12:06:13 ----D---- C:\Program Files (x86)\HTC
2011-04-28 10:33:02 ----A---- C:\Windows\Language_trs.ini
2011-04-28 10:32:50 ----A---- C:\Windows\Ascd_tmp.ini
2011-04-28 09:24:00 ----D---- C:\Users\Andrew\AppData\Roaming\Winamp
2011-04-27 23:51:03 ----D---- C:\Program Files\Common Files
2011-04-27 23:50:48 ----D---- C:\Windows\system32\DriverStore
2011-04-27 23:39:03 ----D---- C:\Users\Andrew\AppData\Roaming\Uniblue
2011-04-27 23:39:00 ----D---- C:\Windows\Tasks
2011-04-27 23:39:00 ----D---- C:\Windows\system32\Tasks
2011-04-27 23:38:11 ----D---- C:\Program Files (x86)\VS Revo Group
2011-04-27 23:35:33 ----D---- C:\Windows\debug
2011-04-22 08:34:00 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-04-18 19:25:10 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2011-04-18 16:26:01 ----D---- C:\Temp
2011-04-18 16:22:44 ----A---- C:\Windows\system32\MRT.exe
2011-04-18 16:12:43 ----RSD---- C:\Windows\assembly
2011-04-18 16:10:16 ----D---- C:\Users\Andrew\AppData\Roaming\Nero
2011-04-14 09:33:52 ----D---- C:\Windows\Microsoft.NET
2011-04-14 09:00:04 ----D---- C:\Windows\SYSWOW64\migration
2011-04-14 09:00:04 ----D---- C:\Program Files\Internet Explorer
2011-04-14 09:00:04 ----D---- C:\Program Files (x86)\Internet Explorer
2011-04-14 09:00:03 ----D---- C:\Windows\system32\migration
2011-04-14 08:59:58 ----D---- C:\Windows\system32\Boot
2011-04-14 00:06:02 ----D---- C:\ProgramData\Microsoft Help
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2009-10-19 115312]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-08-20 834544]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2010-04-22 13440]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2009-07-06 13368]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-04-01 116568]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-12-19 314016]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-04-01 83120]
R2 cpuz134;cpuz134; \??\C:\Windows\system32\drivers\cpuz134_x64.sys [2010-07-09 21480]
R2 IOCBIOS;IOCBIOS; \??\C:\ProgramData\Intel\Extreme Tuning Utility\IOCbios\64bit\IOCBIOS.sys [2010-02-03 30384]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-12-19 43680]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2009-08-14 11576]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-06 9323520]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-04-06 304128]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [2010-03-31 26752]
R3 KovaPlusFltr;ROCCAT Kova[+] Mouse; C:\Windows\system32\drivers\KovaPlusFltr.sys [2010-01-25 15104]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 77824]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 180224]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
R3 smbusp;Intel(R) SMBus 2.0 Driver; C:\Windows\system32\DRIVERS\intelsmb.sys [2010-01-20 36224]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-09-17 1250816]
S1 EIO64;EIO Driver; C:\Windows\system32\DRIVERS\EIO64.sys []
S3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\Windows\system32\drivers\asusgsb.sys [2009-02-17 17792]
S3 atfiydyb;atfiydyb; C:\Windows\system32\drivers\atfiydyb.sys []
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-06 125456]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-06 9323520]
S3 atillk64;atillk64; \??\C:\Users\Andrew\Desktop\6950\programy\ati_winflash_2.0.1.14\atillk64.sys []
S3 COMMONFX.DLL;COMMONFX.DLL; C:\Windows\system32\COMMONFX.DLL [2007-04-12 151296]
S3 CT20XUT.DLL;CT20XUT.DLL; C:\Windows\system32\CT20XUT.DLL [2007-04-10 252712]
S3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2007-04-10 580904]
S3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2007-04-10 863016]
S3 CTAUDFX.DLL;CTAUDFX.DLL; C:\Windows\system32\CTAUDFX.DLL [2007-04-10 700200]
S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\Windows\system32\CTEAPSFX.DLL [2007-04-10 219432]
S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\Windows\system32\CTEDSPFX.DLL [2007-04-10 321832]
S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\Windows\system32\CTEDSPIO.DLL [2007-04-10 190248]
S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\Windows\system32\CTEDSPSY.DLL [2007-04-10 363304]
S3 CTERFXFX.DLL;CTERFXFX.DLL; C:\Windows\system32\CTERFXFX.DLL [2007-04-10 142120]
S3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\Windows\system32\CTEXFIFX.DLL [2007-04-10 1571112]
S3 CTHWIUT.DLL;CTHWIUT.DLL; C:\Windows\system32\CTHWIUT.DLL [2007-04-10 123688]
S3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2007-04-10 17192]
S3 CTSBLFX.DLL;CTSBLFX.DLL; C:\Windows\system32\CTSBLFX.DLL [2007-04-10 681256]
S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2007-04-10 290600]
S3 E1G60;Intel(R) PRO/1000 NDIS 6 Adapter Driver; C:\Windows\system32\DRIVERS\E1G6032E.sys [2009-06-10 145792]
S3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2007-04-10 147752]
S3 ENTECH64;ENTECH64; \??\C:\Windows\system32\DRIVERS\ENTECH64.sys [2008-04-22 12744]
S3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\Windows\system32\drivers\ha10kx2k.sys [2007-04-10 1359144]
S3 hap16v2k;Creative P16V HAL Driver; C:\Windows\system32\drivers\hap16v2k.sys [2007-04-10 259880]
S3 hap17v2k;Creative P17V HAL Driver; C:\Windows\system32\drivers\hap17v2k.sys [2007-04-10 295208]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-01 33736]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
S3 KoneFltr;ROCCAT Kone; C:\Windows\system32\drivers\Kone.sys [2008-12-11 15488]
S3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2007-04-10 218408]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-04-06 203776]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-03-28 269480]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-03-28 136360]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2010-09-16 80896]
R2 XTUService;Intel(R) Extreme Tuning Utility; C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe [2010-04-09 22280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-08-19 1255736]
-----------------EOF-----------------
CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\gimp-2.0\share\gimp\2.0\patterns\cracked.pat
scanner sequence 3.CP.11
----- EOF -----
Logfile of random's system information tool 1.08 (written by random/random)
Run by Andrew at 2011-05-10 11:05:19
Microsoft Windows 7 Ultimate
System drive C: has 426 GB (89%) free of 477 GB
Total RAM: 8190 MB (80% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:05:19, on 10.5.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16766)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Users\Andrew\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Program Files (x86)\QIP 2010\qip.exe
C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Andrew.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RoccatKova+] "C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.EXE"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Google Update] "C:\Users\Andrew\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [Infium] "C:\Program Files (x86)\QIP 2010\qip.exe" /autorun
O4 - HKUS\S-1-5-18\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'Default user')
O4 - Startup: EVEREST Ultimate Edition.lnk = C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe
O4 - Startup: MSI Afterburner.lnk = C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: S&end to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.euro.dell.com/systemprof ... emLite.CAB
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: {DLL_Str}
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility (XTUService) - Intel Corporation - C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe
--
End of file - 9327 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x314
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
taskeng.exe {56F4D44A-D152-4F43-8EDC-D538CB05347B}
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000620
\??\C:\Windows\system32\conhost.exe
"taskhost.exe"
taskeng.exe {154BE6C2-9F7B-4743-8F65-38FFA8A2CD7A}
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Users\Andrew\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe" /crashhandler
"C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"
"C:\Program Files (x86)\QIP 2010\qip.exe" /autorun
"C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe"
"C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest="ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_4 concurrent_prefetch/DnsParallelism/parallel_6/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_enabled/SpdyCwnd/cwndDynamic/SpdyImpact/npn_with_spdy/WebSocketExperiment/default/" --channel=3456.004AD000.1727980864 /prefetch:3
C:\Windows\system32\rundll32.exe "C:\Users\Andrew\AppData\Local\Google\Chrome\APPLIC~1\110696~1.65\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Andrew\AppData\Local\Google\Chrome\Application\11.0.696.65\gcswf32.dll" --lang=cs --plugin-data-dir="C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default" --channel=3456.04D14E00.778631966 /prefetch:4 --flash-broker=2788
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel=3456.04D7F4D0.890268899 /prefetch:12
"C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-177400242-4199771672-94652025-10002_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-177400242-4199771672-94652025-10002 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
taskhost.exe $(Arg0)
wmiadap.exe /F /T /R
"C:\Users\Andrew\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-177400242-4199771672-94652025-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-177400242-4199771672-94652025-1000UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AsioReg"=REGSVR32.EXE /S CTASIO.DLL []
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Andrew\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-19 136176]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2011-02-11 3046808]
"Infium"=C:\Program Files (x86)\QIP 2010\qip.exe [2011-03-14 5973888]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2009-10-19 36864]
"NUSB3MON"=C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-01-22 106496]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-09-21 2583040]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]
"RoccatKova+"=C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.EXE [2010-11-08 539688]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-04-05 336384]
"HTC Sync Loader"=C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2011-01-27 585728]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2011-03-28 281768]
C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
EVEREST Ultimate Edition.lnk - C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe
MSI Afterburner.lnk - C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="{DLL_Str}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 290304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 months======
2011-05-10 10:27:36 ----D---- C:\ProgramData\MFAData
2011-05-10 10:24:34 ----A---- C:\Windows\system32\drivers\avipbb.sys
2011-05-10 10:24:34 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2011-05-10 10:24:33 ----D---- C:\ProgramData\Avira
2011-05-10 10:24:33 ----D---- C:\Program Files (x86)\Avira
2011-05-10 00:36:10 ----D---- C:\rsit
2011-05-09 20:37:26 ----D---- C:\Users\Andrew\AppData\Roaming\gtk-2.0
2011-05-09 20:34:53 ----D---- C:\Program Files (x86)\GIMP-2.0
2011-04-30 12:43:06 ----D---- C:\Users\Andrew\AppData\Roaming\Outlook
2011-04-30 12:06:46 ----D---- C:\Users\Andrew\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
2011-04-30 12:06:24 ----D---- C:\Users\Andrew\AppData\Roaming\HTC
2011-04-28 10:33:23 ----D---- C:\Program Files (x86)\ASUS
2011-04-27 23:51:11 ----D---- C:\ProgramData\ATI
2011-04-27 23:51:07 ----D---- C:\Program Files (x86)\AMD APP
2011-04-27 23:51:03 ----D---- C:\Program Files\Common Files\ATI Technologies
2011-04-27 23:50:10 ----D---- C:\Program Files (x86)\ATI Technologies
2011-04-27 23:49:13 ----D---- C:\Program Files\ATI Technologies
2011-04-19 13:06:11 ----D---- C:\ProgramData\Solidshield
2011-04-18 16:28:37 ----D---- C:\Users\Andrew\AppData\Roaming\Ahead
2011-04-13 23:05:38 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2011-04-13 23:05:38 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-04-13 23:05:38 ----A---- C:\Windows\system32\vbscript.dll
2011-04-13 23:05:38 ----A---- C:\Windows\system32\jscript.dll
2011-04-13 23:05:37 ----A---- C:\Windows\system32\win32k.sys
2011-04-13 23:05:36 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2011-04-13 23:05:36 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2011-04-13 23:05:36 ----A---- C:\Windows\system32\mfc42u.dll
2011-04-13 23:05:36 ----A---- C:\Windows\system32\mfc42.dll
2011-04-13 23:05:33 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2011-04-13 23:05:33 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2011-04-13 23:05:33 ----A---- C:\Windows\system32\atmlib.dll
2011-04-13 23:05:33 ----A---- C:\Windows\system32\atmfd.dll
2011-04-13 23:05:32 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-04-13 23:05:32 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-04-13 23:05:32 ----A---- C:\Windows\system32\drivers\srv.sys
2011-04-13 23:05:31 ----A---- C:\Windows\system32\mshtml.dll
2011-04-13 23:05:30 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-04-13 23:05:30 ----A---- C:\Windows\system32\ieframe.dll
2011-04-13 23:05:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-04-13 23:05:28 ----A---- C:\Windows\system32\urlmon.dll
2011-04-13 23:05:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-04-13 23:05:27 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-04-13 23:05:27 ----A---- C:\Windows\system32\wininet.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-04-13 23:05:26 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\mstime.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\mshtmled.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\msfeedssync.exe
2011-04-13 23:05:26 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\msfeeds.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\licmgr10.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\jsproxy.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\ieui.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\iertutil.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\iepeers.dll
2011-04-13 23:05:26 ----A---- C:\Windows\system32\iedkcs32.dll
2011-04-13 23:05:13 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2011-04-13 23:05:13 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2011-04-13 23:05:13 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-04-13 23:05:13 ----A---- C:\Windows\system32\dnscacheugc.exe
2011-04-13 23:05:13 ----A---- C:\Windows\system32\dnsapi.dll
2011-04-13 23:05:10 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-04-13 23:05:10 ----A---- C:\Windows\system32\inetcomm.dll
2011-04-13 23:05:09 ----A---- C:\Windows\system32\winresume.exe
2011-04-13 23:05:09 ----A---- C:\Windows\system32\winload.exe
2011-04-13 23:05:09 ----A---- C:\Windows\system32\kdusb.dll
2011-04-13 23:05:09 ----A---- C:\Windows\system32\kdcom.dll
2011-04-13 23:05:09 ----A---- C:\Windows\system32\kd1394.dll
2011-04-13 23:05:08 ----A---- C:\Windows\system32\FXSCOVER.exe
2011-04-13 23:05:06 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-04-13 23:05:06 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-04-13 23:05:06 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-04-13 23:05:06 ----A---- C:\Windows\system32\drivers\bowser.sys
2011-04-13 21:59:14 ----A---- C:\Windows\SYSWOW64\OVDecode.dll
2011-04-13 21:59:02 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2011-04-13 21:58:46 ----A---- C:\Windows\SYSWOW64\amdocl.dll
======List of files/folders modified in the last 1 months======
2011-05-10 11:05:19 ----D---- C:\Program Files\trend micro
2011-05-10 11:01:43 ----D---- C:\Program Files (x86)\QIP 2010
2011-05-10 11:01:32 ----D---- C:\Windows\Temp
2011-05-10 11:01:29 ----D---- C:\Windows\system32\config
2011-05-10 11:01:10 ----D---- C:\Windows
2011-05-10 11:01:00 ----D---- C:\Program Files\Alwil Software
2011-05-10 10:59:38 ----D---- C:\Windows\System32
2011-05-10 10:59:36 ----D---- C:\Windows\system32\drivers
2011-05-10 10:48:52 ----D---- C:\Windows\winsxs
2011-05-10 10:38:49 ----SHD---- C:\Windows\Installer
2011-05-10 10:37:38 ----SHD---- C:\System Volume Information
2011-05-10 10:36:55 ----D---- C:\Windows\Logs
2011-05-10 10:34:47 ----D---- C:\Windows\inf
2011-05-10 10:34:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-05-10 10:27:36 ----D---- C:\ProgramData
2011-05-10 10:24:41 ----D---- C:\Windows\system32\catroot
2011-05-10 10:24:33 ----RD---- C:\Program Files (x86)
2011-05-10 10:22:24 ----RD---- C:\Program Files
2011-05-10 00:35:20 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-05-10 00:34:17 ----D---- C:\Program Files (x86)\Nero
2011-05-10 00:34:17 ----D---- C:\Program Files (x86)\Common Files
2011-05-10 00:34:16 ----D---- C:\ProgramData\Nero
2011-05-10 00:34:10 ----D---- C:\Windows\ehome
2011-05-10 00:34:09 ----D---- C:\Windows\SysWOW64
2011-05-10 00:31:34 ----D---- C:\Windows\system32\catroot2
2011-05-10 00:30:34 ----D---- C:\Users\Andrew\AppData\Roaming\uTorrent
2011-05-10 00:30:34 ----D---- C:\Users\Andrew\AppData\Roaming\TS3Client
2011-05-10 00:29:14 ----D---- C:\Program Files (x86)\CCleaner
2011-05-10 00:15:32 ----D---- C:\Program Files (x86)\TeamViewer
2011-05-09 23:46:13 ----D---- C:\Program Files (x86)\SplitMediaLabs
2011-05-09 20:36:08 ----D---- C:\Windows\Prefetch
2011-04-30 12:06:13 ----D---- C:\Program Files (x86)\HTC
2011-04-28 10:33:02 ----A---- C:\Windows\Language_trs.ini
2011-04-28 10:32:50 ----A---- C:\Windows\Ascd_tmp.ini
2011-04-28 09:24:00 ----D---- C:\Users\Andrew\AppData\Roaming\Winamp
2011-04-27 23:51:03 ----D---- C:\Program Files\Common Files
2011-04-27 23:50:48 ----D---- C:\Windows\system32\DriverStore
2011-04-27 23:39:03 ----D---- C:\Users\Andrew\AppData\Roaming\Uniblue
2011-04-27 23:39:00 ----D---- C:\Windows\Tasks
2011-04-27 23:39:00 ----D---- C:\Windows\system32\Tasks
2011-04-27 23:38:11 ----D---- C:\Program Files (x86)\VS Revo Group
2011-04-27 23:35:33 ----D---- C:\Windows\debug
2011-04-22 08:34:00 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-04-18 19:25:10 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2011-04-18 16:26:01 ----D---- C:\Temp
2011-04-18 16:22:44 ----A---- C:\Windows\system32\MRT.exe
2011-04-18 16:12:43 ----RSD---- C:\Windows\assembly
2011-04-18 16:10:16 ----D---- C:\Users\Andrew\AppData\Roaming\Nero
2011-04-14 09:33:52 ----D---- C:\Windows\Microsoft.NET
2011-04-14 09:00:04 ----D---- C:\Windows\SYSWOW64\migration
2011-04-14 09:00:04 ----D---- C:\Program Files\Internet Explorer
2011-04-14 09:00:04 ----D---- C:\Program Files (x86)\Internet Explorer
2011-04-14 09:00:03 ----D---- C:\Windows\system32\migration
2011-04-14 08:59:58 ----D---- C:\Windows\system32\Boot
2011-04-14 00:06:02 ----D---- C:\ProgramData\Microsoft Help
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2009-10-19 115312]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-08-20 834544]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2010-04-22 13440]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2009-07-06 13368]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-04-01 116568]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-12-19 314016]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-04-01 83120]
R2 cpuz134;cpuz134; \??\C:\Windows\system32\drivers\cpuz134_x64.sys [2010-07-09 21480]
R2 IOCBIOS;IOCBIOS; \??\C:\ProgramData\Intel\Extreme Tuning Utility\IOCbios\64bit\IOCBIOS.sys [2010-02-03 30384]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-12-19 43680]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2009-08-14 11576]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-06 9323520]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-04-06 304128]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [2010-03-31 26752]
R3 KovaPlusFltr;ROCCAT Kova[+] Mouse; C:\Windows\system32\drivers\KovaPlusFltr.sys [2010-01-25 15104]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 77824]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 180224]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
R3 smbusp;Intel(R) SMBus 2.0 Driver; C:\Windows\system32\DRIVERS\intelsmb.sys [2010-01-20 36224]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-09-17 1250816]
S1 EIO64;EIO Driver; C:\Windows\system32\DRIVERS\EIO64.sys []
S3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\Windows\system32\drivers\asusgsb.sys [2009-02-17 17792]
S3 atfiydyb;atfiydyb; C:\Windows\system32\drivers\atfiydyb.sys []
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-06 125456]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-06 9323520]
S3 atillk64;atillk64; \??\C:\Users\Andrew\Desktop\6950\programy\ati_winflash_2.0.1.14\atillk64.sys []
S3 COMMONFX.DLL;COMMONFX.DLL; C:\Windows\system32\COMMONFX.DLL [2007-04-12 151296]
S3 CT20XUT.DLL;CT20XUT.DLL; C:\Windows\system32\CT20XUT.DLL [2007-04-10 252712]
S3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2007-04-10 580904]
S3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2007-04-10 863016]
S3 CTAUDFX.DLL;CTAUDFX.DLL; C:\Windows\system32\CTAUDFX.DLL [2007-04-10 700200]
S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\Windows\system32\CTEAPSFX.DLL [2007-04-10 219432]
S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\Windows\system32\CTEDSPFX.DLL [2007-04-10 321832]
S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\Windows\system32\CTEDSPIO.DLL [2007-04-10 190248]
S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\Windows\system32\CTEDSPSY.DLL [2007-04-10 363304]
S3 CTERFXFX.DLL;CTERFXFX.DLL; C:\Windows\system32\CTERFXFX.DLL [2007-04-10 142120]
S3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\Windows\system32\CTEXFIFX.DLL [2007-04-10 1571112]
S3 CTHWIUT.DLL;CTHWIUT.DLL; C:\Windows\system32\CTHWIUT.DLL [2007-04-10 123688]
S3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2007-04-10 17192]
S3 CTSBLFX.DLL;CTSBLFX.DLL; C:\Windows\system32\CTSBLFX.DLL [2007-04-10 681256]
S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2007-04-10 290600]
S3 E1G60;Intel(R) PRO/1000 NDIS 6 Adapter Driver; C:\Windows\system32\DRIVERS\E1G6032E.sys [2009-06-10 145792]
S3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2007-04-10 147752]
S3 ENTECH64;ENTECH64; \??\C:\Windows\system32\DRIVERS\ENTECH64.sys [2008-04-22 12744]
S3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\Windows\system32\drivers\ha10kx2k.sys [2007-04-10 1359144]
S3 hap16v2k;Creative P16V HAL Driver; C:\Windows\system32\drivers\hap16v2k.sys [2007-04-10 259880]
S3 hap17v2k;Creative P17V HAL Driver; C:\Windows\system32\drivers\hap17v2k.sys [2007-04-10 295208]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-01 33736]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
S3 KoneFltr;ROCCAT Kone; C:\Windows\system32\drivers\Kone.sys [2008-12-11 15488]
S3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2007-04-10 218408]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-04-06 203776]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-03-28 269480]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-03-28 136360]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2010-09-16 80896]
R2 XTUService;Intel(R) Extreme Tuning Utility; C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe [2010-04-09 22280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-08-19 1255736]
-----------------EOF-----------------
CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\gimp-2.0\share\gimp\2.0\patterns\cracked.pat
scanner sequence 3.CP.11
----- EOF -----
Re: preventive check, please



- Start -> Run -> notepad
- Paste the text below
Code:
Windows Registry Editor Version 5.00

; "name"=- deletes the named value; "AppInit_DLLs"="" sets it to an empty string
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
"QuickTime Task"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-

- Save the file as oprava.reg
- When saving, choose "All files" as the file type (the setting is shown in the picture below)
- Close Notepad and run oprava.reg by double-clicking it
- Confirm any prompt about changing the registry
- The window just flashes and the registry is fixed; you can then delete the file
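Added example, not part of the original post and not code from RSIT: before merging a fix such as oprava.reg, each operation in it can be matched against the registry dump in the log, so that a value the fix touches but the log never showed stands out. The inputs are excerpts of the fix and log above plus one constructed, deliberately misspelled name ("QuickTime Taks"); the function names and the reading of a trailing `[]` as "no file date/size recorded" are assumptions.

```python
import re

# Constructed inputs: excerpts of the fix and log above, plus a misspelled "QuickTime Taks".
FIX_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"QuickTime Taks"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-
'''

RSIT_LOG = r'''======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440}
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="{DLL_Str}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
======File associations======
'''

VALUE_RE = re.compile(r'^(?:"((?:[^"\\]|\\.)*)"|(@))=(.*)$')  # "name"=data or @=data

def parse_reg(text):
    """Return the operations a .reg file performs as (action, key, name, data)."""
    ops, key = [], None
    text = re.sub(r'\\\r?\n[ \t]*', '', text)  # join hex continuation lines
    for line in map(str.strip, text.splitlines()):
        if line.startswith('[') and line.endswith(']'):
            key = line[1:-1]
            if key.startswith('-'):  # [-KEY] deletes the whole key
                ops.append(('delete-key', key[1:], None, None))
                key = None
            continue
        m = VALUE_RE.match(line)
        if m and key:  # header, comments and blank lines never match
            name = '' if m.group(2) else m.group(1)  # '' is the default value (@)
            data = m.group(3)
            ops.append(('delete-value', key, name, None) if data == '-'
                       else ('set-value', key, name, data))
    return ops

def parse_rsit(text):
    """Index an RSIT registry dump: lower-cased key -> {lower-cased name: text after '='}."""
    index, key = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith('[HKEY_') and line.endswith(']'):
            key = line[1:-1].lower()
            index.setdefault(key, {})
        elif line.startswith('======'):  # the next log section ends the dump
            key = None
        elif key and line:
            m = VALUE_RE.match(line)
            # Entries without '=' (e.g. toolbar GUIDs) are stored as bare names.
            name, shown = ((m.group(1) or ''), m.group(3)) if m else (line, '')
            index[key][name.lower()] = shown
    return index

def review(fix_text, log_text):
    """Pair every operation in the fix with what the log shows for the same value."""
    log, report = parse_rsit(log_text), []
    for action, key, name, data in parse_reg(fix_text):
        values = log.get(key.lower())  # registry key and value names are case-insensitive
        shown = None if values is None or name is None else values.get(name.lower())
        if values is None:
            status = 'key not in log'
        elif name is None:
            status = 'key in log'
        else:
            status = 'in log' if shown is not None else 'value not in log'
        report.append({'action': action, 'key': key, 'name': name, 'status': status,
                       'logged': shown,
                       # Assumption: RSIT prints "[]" when it has no file date/size.
                       'no_file_info': bool(shown) and shown.rstrip().endswith('[]')})
    return report

if __name__ == '__main__':
    for row in review(FIX_REG, RSIT_LOG):
        print(row['status'], '|', row['action'], '|', row['name'], '|', row['logged'])
```

Any row reported as "value not in log" or "key not in log" is worth a second look before the file is merged, since the fix would then change something the log gives no reason to change.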

Re: preventive check, please
I have been posting logs here for over 4 years, both my own and my acquaintances', I have never had a problem with anyone here and I have been satisfied.
The thing with the AV was a coincidence, lasting about an hour.
The procedure is fine, but I do not like your unpleasant and hot-blooded attitude towards me. You do not know me and I do not know you, so we should both rather weigh our words.
Thanks for checking the log. Have a nice day.
Re: preventive check, please
You're welcome, I was glad to do the check - for me (as for my colleagues) the forum is a way to relax....
Enjoy the rest of your day as well

Re: preventive check, please
Hello once again,
after that procedure Windows Media Player stopped working for me: "Server execution failed". No videos or films play in it. For a film I can easily use another program, but not for clips with a playlist, so it bothers me quite a bit.
Do you know what to do about it? I googled that it can be caused by the antivirus, so I uninstalled Avira and put Avast back, but nothing changed. Most likely it is in some quarantine that Avira put it into, but I did not find a quarantine in Avira, and in another thread nobody answered my software problem.
So I tried uninstalling the antivirus, and also this:
"Sometimes it also helps to register two libraries:
at the command prompt, type the commands:
regsvr32 jscript.dll
regsvr32 vbscript.dll"
but nothing helped.
I have Windows 7, 64-bit
Re: preventive check, please
And what about trying to reinstall Media Player?

Re: preventive check, please
"The player as such cannot be reinstalled in the usual way. You have to turn it off in Windows Features and turn it on again.
Start - Run - appwiz.cpl - left menu, and there choose Turn Windows features on or off. It is under the Media Features item. You turn it on in the same place... then you just need to tick the box again"
I tried that but it makes no difference.
Re: preventive check, please
Which version of WMP are you using?
