VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

prosím o kontrolu

https://forum.viry.cz:443/viewtopic.php?t=120599

Stránka 1 z 1

prosím o kontrolu

Napsal: 24 bře 2012 13:40
od boss382
mam problem že dosť mi seka (laguje) hra cs 1.6 mam NB celkom výkonni
žiadam o skontrolovanie a pripadne ake tam mam zbytočne programy...


Logfile of random's system information tool 1.09 (written by random/random)
Run by Tibor at 2012-03-24 13:36:15
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 364 GB (78%) free of 464 GB
Total RAM: 3959 MB (51% free)

HijackThis download failed

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe"
taskeng.exe {96BE9D8A-65E3-43FE-B807-F38D9C8FF00B}
"taskhost.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\AutoKMS.exe
"C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
cmd /c ""C:\ProgramData\AutoKMS\AutoKMS.cmd" "
\??\C:\Windows\system32\conhost.exe "1192628166343303619238794980-450010033-249486370272438256-1703168782-1697921758
taskeng.exe {FE6A4807-656C-4608-AC6C-AEB29F527F04}
"C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_0000088c
\??\C:\Windows\system32\conhost.exe "1389237018-1888963618-141009656132314538-5960281321402593396-7226105271727945504
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"Resources\MSGBox\Messagebox.exe" "AutoKMS Failed To Activate Office 2010 25 Times!\n\nIf Office Is Not Activated, Needs To Repair Itself Or AutoKMS Says It Failed, There May Be An Issue With Your License Data!\n\nBe Sure To Check Your Activation Status!\n\nIf Office Is Not Activated/Has Problems Consider Using My Toolkit To Delete License Data.\n\nThen Let Office Repair And Use The Toolkit's Attempt Activation Option A Few Times To See If You Can Activate!" "Office 2010 AutoKMS 1.4.0.5 By CODYQX4" OK
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\TC UP\TC UP.exe"
totalcmd.exe /i="C:\Program Files (x86)\TC UP\wincmd.ini"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe"
"c:\program files (x86)\steam\steamapps\bossik382\counter-strike\hl.exe" -steam -game cstrike
C:\Program Files (x86)\Steam\GameOverlayUI.exe -pid 5300 -manuallyclearframes 0
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Play -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Opera\opera.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASC.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe"
"C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe"
"C:\Program Files (x86)\TC UP\TC UP.exe"
totalcmd.exe /i="C:\Program Files (x86)\TC UP\wincmd.ini"
C:\Windows\system32\msiexec.exe /V
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" /PRODUCT:Reader /VERSION:10.0 /MODE:2
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe82_ Global\UsGthrCtrlFltPipeMssGthrPipe82 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 584 588 596 65536 592
"C:\Users\Tibor\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\xu8rs6ss.default

prefs.js - "browser.startup.homepage" - "http://www.searchqu.com/408"
prefs.js - "keyword.URL" - "http://dts.search-results.com/sr?src=ff ... 08&sr=0&q="

"{FFB96CC1-7EB3-449D-B827-DB661701C6BB}"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm LTD Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
ffxtlbr@babylon.com
staged
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
npdeployJava1.dll
nppdf32.dll
npwachk.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
babylon.xml
dunaj-sk.xml
eBay.xml
fcmdSrchw7th.xml
google.xml
Search_Results.xml
slovnik-sk.xml
wikipedia-sk.xml
yahoo.xml
zoznam-sk.xml

C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\xu8rs6ss.default\extensions\
ffxtlbr@babylon.com
info@bflix.info
info@my-tools-app.com
info@thebflix.com
{800b5000-a755-47e1-992b-48a1c1357f07}
{99079a25-328f-4bd4-be04-00955acaa0a7}

C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\xu8rs6ss.default\searchplugins\
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin.xml
MyTools.xml
Search_Results.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 6721936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-02-29 904832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24 430592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]
DataMngr - C:\PROGRA~2\WIA6EB~1\Datamngr\x64\BROWSE~1.DLL [2011-11-17 118168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0C9F4179-6CE2-4c6a-A3E5-67FF3592A12E}]
BFlix Class - C:\Program Files (x86)\BFlix\BFlix.dll [2011-12-30 167936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1185823F-F22F-4027-80E5-4F68ACD5DE5E}]
2YourFace Addon - C:\Program Files (x86)\2YourFace\bho.dll [2011-07-13 50176]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}]
CescrtHlpr Object - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.10\bh\facemoods.dll [2011-05-23 265944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2011-07-31 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-02-29 599680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v sieti Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}]
Searchqu Toolbar - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll [2011-09-19 88976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]
DataMngr - C:\PROGRA~2\WIA6EB~1\Datamngr\BROWSE~1.DLL [2011-11-17 101272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar - C:\Program Files (x86)\pdfforge Toolbar\IE\4.6\pdfforgeToolbarIE.dll [2011-08-17 734048]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C3A44133-7EAD-434C-AC9E-7F1DA176BA8C}]
MyTools Class - C:\Program Files (x86)\MyTools\MyTools.dll [2011-12-30 167936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C9A15734-C02C-472E-AD5D-B02121AD61B0}]
TheBflix Class - C:\ProgramData\TheBflix\bhoclass.dll [2012-02-23 141824]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-07-31 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
SMTTB2009 Class - C:\Program Files (x86)\Hyperionics DB Toolbar\tbcore3.dll [2011-06-22 2398720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24 430592]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-02-29 904832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{338B4DFE-2E2C-4338-9E41-E176D497299E} - Hyperionics DB Toolbar - C:\Program Files (x86)\Hyperionics DB Toolbar\tbcore3.dll [2011-06-22 2398720]
{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - facemoods Toolbar - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.10\facemoodsTlbr.dll [2011-05-23 220888]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files (x86)\pdfforge Toolbar\IE\4.6\pdfforgeToolbarIE.dll [2011-08-17 734048]
{99079a25-328f-4bd4-be04-00955acaa0a7} - Searchqu Toolbar - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll [2011-09-19 88976]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-02-29 599680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"mwlDaemon"=C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [2010-05-27 349552]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-12-10 1890088]
"PLFSetI"=C:\Windows\PLFSetI.exe [2010-06-10 206208]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-06-11 861216]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2012-02-29 1126528]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2012-02-20 2786480]
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2012-02-20 3669680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5]
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe [2011-09-09 607576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX420W Series]
C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCE.EXE [2009-09-14 224768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2011-06-15 307200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-04-13 284696]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2010-05-27 337264]
"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2010-03-11 201584]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2010-03-11 407920]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2010-06-28 265984]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-06-22 968272]
"facemoods"=C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.10\facemoodssrv.exe [2011-05-23 329432]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"EEventManager"=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2009-12-03 976320]
"DATAMNGR"=C:\PROGRA~2\WIA6EB~1\Datamngr\DATAMN~1.EXE [2011-11-17 1694608]
"Config"=C:\Program Files (x86)\Microsoft Games\Age Of Empires ii\Config.exe [2006-07-06 151552]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2012-01-31 258512]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2012-03-05 73360]
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\WIA6EB~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\WIA6EB~1\Datamngr\x64\IEBHO.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\fast64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 6721936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"midi5"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave7"=wdmaud.drv
"mixer7"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-03-24 13:36:16 ----D---- C:\Program Files\trend micro
2012-03-24 13:36:15 ----D---- C:\rsit
2012-03-24 13:13:54 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-03-24 13:13:54 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-03-24 13:13:54 ----A---- C:\Windows\SYSWOW64\java.exe
2012-03-24 09:25:40 ----D---- C:\Program Files\Speccy
2012-03-20 21:54:43 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-03-20 21:54:43 ----A---- C:\Windows\system32\DWrite.dll
2012-03-20 21:54:40 ----A---- C:\Windows\system32\win32k.sys
2012-03-20 21:54:29 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-03-20 21:54:29 ----A---- C:\Windows\system32\rdpwsx.dll
2012-03-20 21:54:29 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-03-20 16:16:21 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2012-03-20 16:16:21 ----A---- C:\Windows\system32\rdpcore.dll
2012-03-20 16:16:20 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-03-20 16:16:20 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-03-19 17:12:13 ----D---- C:\Windows\Sun
2012-03-18 11:08:00 ----D---- C:\Program Files (x86)\Resource Hacker
2012-03-18 11:00:52 ----A---- C:\Windows\iun6002.exe
2012-03-18 11:00:51 ----D---- C:\Program Files (x86)\Debuggy By Vanja Fuckar
2012-03-15 21:39:39 ----D---- C:\Program Files (x86)\DesiatimiPrstami
2012-03-15 20:16:21 ----D---- C:\Users\Tibor\AppData\Roaming\Avira
2012-03-15 20:09:02 ----D---- C:\ProgramData\AutoKMS
2012-03-15 19:51:20 ----D---- C:\Program Files (x86)\Eusing Free Registry Cleaner
2012-03-15 19:43:16 ----D---- C:\Users\Tibor\AppData\Roaming\Wise Registry Cleaner
2012-03-15 19:42:58 ----D---- C:\Program Files (x86)\Wise Registry Cleaner
2012-03-15 19:40:46 ----A---- C:\Windows\system32\drivers\stflt.sys
2012-03-15 19:40:43 ----D---- C:\Users\Tibor\AppData\Roaming\Spyware Terminator
2012-03-15 19:40:43 ----D---- C:\ProgramData\Spyware Terminator
2012-03-15 19:40:36 ----D---- C:\Program Files (x86)\Spyware Terminator
2012-03-15 19:38:47 ----D---- C:\Users\Tibor\AppData\Roaming\CheckPoint
2012-03-15 19:38:01 ----D---- C:\Program Files\CheckPoint
2012-03-15 19:34:21 ----D---- C:\Program Files (x86)\CheckPoint
2012-03-15 19:33:53 ----D---- C:\ProgramData\CheckPoint
2012-03-15 19:32:24 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2012-03-15 19:32:24 ----A---- C:\Windows\system32\drivers\avipbb.sys
2012-03-15 19:32:24 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2012-03-15 19:32:23 ----D---- C:\ProgramData\Avira
2012-03-15 19:32:23 ----D---- C:\Program Files (x86)\Avira
2012-03-15 19:26:35 ----A---- C:\guninst.bat
2012-03-15 19:25:27 ----A---- C:\guninst.exe
2012-03-03 20:37:06 ----D---- C:\Program Files (x86)\Microsoft Games
2012-03-03 13:24:52 ----A---- C:\AILog.txt
2012-03-02 16:43:10 ----D---- C:\ProgramData\TrackMania
2012-02-28 16:26:19 ----A---- C:\Users\Tibor\AppData\Roaming\room_v3.dat
2012-02-28 16:17:46 ----D---- C:\Users\Tibor\AppData\Roaming\GarenaPlus
2012-02-28 16:14:30 ----D---- C:\Program Files (x86)\Garena Plus
2012-02-28 16:14:20 ----D---- C:\ProgramData\GarenaMessenger
2012-02-25 20:29:17 ----D---- C:\Windows\SYSWOW64\tdk-screensaver-a03 dir
2012-02-25 20:29:17 ----A---- C:\Windows\SYSWOW64\tdk-screensaver-a03.scr
2012-02-25 17:11:34 ----D---- C:\Program Files (x86)\WinRAR
2012-02-25 16:20:21 ----A---- C:\Windows\_MSRSTRT.EXE
2012-02-25 15:04:27 ----A---- C:\Windows\system32\wbload.dll
2012-02-25 15:04:22 ----N---- C:\Windows\SYSWOW64\wbsys.dll
2012-02-25 14:44:49 ----D---- C:\Users\Tibor\AppData\Roaming\Stardock
2012-02-25 14:44:49 ----D---- C:\ProgramData\Documents
2012-02-25 14:20:23 ----D---- C:\Program Files (x86)\CursorXP
2012-02-25 14:10:50 ----D---- C:\Program Files (x86)\Stardock
2012-02-25 02:51:58 ----D---- C:\ProgramData\TheBflix

======List of files/folders modified in the last 1 month======

2012-03-24 13:36:16 ----RD---- C:\Program Files
2012-03-24 13:32:23 ----D---- C:\Windows\Minidump
2012-03-24 13:32:23 ----D---- C:\Windows\debug
2012-03-24 13:32:23 ----D---- C:\Windows
2012-03-24 13:32:22 ----D---- C:\Windows\Temp
2012-03-24 13:31:56 ----D---- C:\Users\Tibor\AppData\Roaming\Skype
2012-03-24 13:31:54 ----D---- C:\Program Files (x86)\Steam
2012-03-24 13:13:56 ----SHD---- C:\Windows\Installer
2012-03-24 13:13:54 ----D---- C:\Windows\SysWOW64
2012-03-24 13:13:53 ----D---- C:\Program Files (x86)\Java
2012-03-24 13:12:25 ----SHD---- C:\System Volume Information
2012-03-24 13:03:20 ----D---- C:\Program Files (x86)\bosskocs
2012-03-24 12:42:24 ----D---- C:\Users\Tibor\AppData\Roaming\Winamp
2012-03-24 12:29:55 ----D---- C:\Program Files (x86)\Winamp
2012-03-24 12:16:31 ----D---- C:\Program Files (x86)\Warcraft III
2012-03-24 07:34:50 ----D---- C:\Windows\system32\config
2012-03-24 07:23:45 ----A---- C:\Windows\SYSWOW64\log.txt
2012-03-23 16:29:38 ----D---- C:\Windows\system32\Tasks
2012-03-22 16:19:57 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-03-21 06:53:18 ----D---- C:\Windows\winsxs
2012-03-21 06:52:06 ----D---- C:\Windows\System32
2012-03-20 22:22:07 ----A---- C:\Windows\system32\MRT.exe
2012-03-20 22:22:02 ----D---- C:\Windows\system32\catroot
2012-03-20 22:21:52 ----D---- C:\ProgramData\Microsoft Help
2012-03-20 21:54:20 ----D---- C:\Windows\system32\catroot2
2012-03-20 21:46:31 ----D---- C:\Windows\system32\drivers
2012-03-20 14:13:42 ----D---- C:\Users\Tibor\AppData\Roaming\IObit
2012-03-20 14:13:34 ----D---- C:\Program Files (x86)\IObit
2012-03-20 14:12:39 ----D---- C:\ProgramData\IObit
2012-03-18 22:23:11 ----D---- C:\Windows\system32\wdi
2012-03-18 11:08:00 ----RD---- C:\Program Files (x86)
2012-03-18 08:07:18 ----D---- C:\Windows\inf
2012-03-18 08:07:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-03-17 20:25:32 ----D---- C:\Users\Tibor\AppData\Roaming\Hamachi
2012-03-17 10:33:26 ----D---- C:\Program Files (x86)\Hyperionics DB Toolbar
2012-03-15 20:17:18 ----D---- C:\Windows\SYSWOW64\drivers
2012-03-15 20:09:02 ----HD---- C:\ProgramData
2012-03-15 20:08:34 ----D---- C:\Program Files\Google
2012-03-15 20:08:34 ----D---- C:\Program Files (x86)\Google
2012-03-15 19:50:41 ----D---- C:\Windows\SYSWOW64\config
2012-03-15 19:39:07 ----D---- C:\Windows\system32\DriverStore
2012-03-15 19:32:06 ----D---- C:\Windows\Tasks
2012-03-15 19:30:35 ----D---- C:\ProgramData\AVAST Software
2012-03-15 19:27:56 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-03-15 19:27:53 ----D---- C:\Program Files (x86)\NTI
2012-03-15 19:26:58 ----D---- C:\Program Files (x86)\Restorator 2009
2012-03-15 19:26:27 ----D---- C:\Program Files (x86)\Acer GameZone
2012-03-15 19:24:24 ----D---- C:\Program Files (x86)\Acer
2012-03-15 19:23:36 ----D---- C:\Program Files (x86)\OpenOffice.org 3
2012-03-15 19:15:28 ----DC---- C:\Windows\system32\DRVSTORE
2012-03-15 19:12:11 ----D---- C:\Program Files (x86)\Counter-Strike 1.6
2012-03-15 19:10:59 ----D---- C:\ProgramData\Google
2012-03-15 19:07:49 ----D---- C:\Program Files (x86)\Common Files
2012-03-12 22:06:47 ----RD---- C:\Program Files (x86)\Skype
2012-03-12 22:06:42 ----D---- C:\ProgramData\Skype
2012-03-10 00:50:01 ----RSD---- C:\Windows\Fonts
2012-03-02 16:27:29 ----SD---- C:\Users\Tibor\AppData\Roaming\Microsoft
2012-02-26 20:23:52 ----D---- C:\Windows\Logs
2012-02-25 15:07:24 ----A---- C:\Windows\win.ini
2012-02-25 14:52:05 ----D---- C:\Users\Tibor\AppData\Roaming\Dropbox
2012-02-25 13:54:25 ----D---- C:\Windows\Cursors
2012-02-25 11:40:26 ----D---- C:\Windows\Resources
2012-02-25 10:20:11 ----D---- C:\Windows\Microsoft.NET
2012-02-25 10:20:09 ----RSD---- C:\Windows\assembly
2012-02-25 02:57:17 ----A---- C:\user.js
2012-02-25 02:51:59 ----D---- C:\ProgramData\InstallMate
2012-02-25 01:56:03 ----A---- C:\Windows\system32\themeservice.dll
2012-02-25 01:55:49 ----A---- C:\Windows\SYSWOW64\themeui.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-04-13 540696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2012-01-31 132320]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2011-09-16 27760]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-10-13 271424]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2011-06-15 93240]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2011-05-07 454232]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2012-01-31 97312]
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2012-02-29 33672]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2012-03-15 51496]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-05-11 2229608]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-05-20 32296]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2011-12-13 33344]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-05-15 384040]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-20 18432]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2010-06-21 131688]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-12-10 301104]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-07-09 17408]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-10-13 867064]
S1 VD_FileDisk;VD_FileDisk; C:\Windows\system32\drivers\VD_FileDisk.sys [2009-10-25 23552]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-05-20 38248]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2010-05-20 55336]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-05-20 294760]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-05-20 202792]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-05-20 52584]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-05-20 156392]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-05-25 264040]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-06-17 246376]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2009-12-17 145360]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira Realtime Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-01-31 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-01-31 86224]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2012-02-29 827520]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-18 268824]
R2 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-05-27 305520]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-19 159336]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2012-03-05 2420616]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2010-05-26 47776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-06-22 321104]
S2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-06-11 868896]
S2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2009-09-14 166400]
S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-14 128512]
S2 FBDiskOptimizer;FBDiskOptimizer; C:\Program Files (x86)\FixBee\FBDefragSrv64.exe [2011-08-11 630584]
S2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-02-15 158856]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2011-11-22 1148632]
S2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
S2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-07-13 655624]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-03-15 489256]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-07-30 1255736]

-----------------EOF-----------------

Re: prosím o kontrolu

Napsal: 25 bře 2012 11:00
od Rudy
Odinstalujte cracklý MSOffice. Pak dejte nový log RSIT.

Re: prosím o kontrolu

Napsal: 25 bře 2012 11:29
od boss382
Logfile of random's system information tool 1.09 (written by random/random)
Run by Tibor at 2012-03-25 12:29:08
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 367 GB (79%) free of 464 GB
Total RAM: 3959 MB (54% free)

HijackThis download failed

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {FA35F6AD-E56C-4B85-94C5-6D282A823938}
"taskhost.exe"
"C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe" -service
taskeng.exe {F15587CC-D5D6-4F6E-A107-29B552E8951C}
C:\Windows\AutoKMS.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe"
cmd /c ""C:\ProgramData\AutoKMS\AutoKMS.cmd" "
\??\C:\Windows\system32\conhost.exe "1802901471944514904-968745691-962047138-8943502672007455289521046353-1663420671
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE"
cscript //nologo "C:\ProgramData\AutoKMS\Resources\LicenseManagement\OSPP.VBS" /sethst:127.0.0.1
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE"
"C:\Program Files (x86)\FixBee\FBDefragSrv64.exe"
"C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\PLFSetI.exe"
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe"
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.10\facemoodssrv.exe" /md I
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
"C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"
"C:\Program Files (x86)\Microsoft Games\Age of Empires II\Config.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\BOINC\boincmgr.exe" /a /s
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe"
"C:\Program Files (x86)\BOINC\boinctray.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\BOINC\\boinc.exe" --redirectio --launched_by_manager
\??\C:\Windows\system32\conhost.exe "4707277411534895065-2075309963-256442821-18467357772005615740177771885273938447
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe"
"C:\Program Files (x86)\Opera\opera.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_0000084c
\??\C:\Windows\system32\conhost.exe "-32544787-158875807415282123332017480948-17536934111002230938-14791359141210475356
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k WerSvcGroup
projects/boinc.bakerlab.org_rosetta/minirosetta_3.24_windows_x86_64.exe -run:protocol jd2_scripting @flags_rb_03_23_30036_60782__t000__robetta -silent_gz -mute all -out:file:silent default.out -in:file:boinc_wu_zip input_rb_03_23_30036_60782__t000__robetta.zip -nstruct 10000 -cpu_run_time 10800 -checkpoint_interval 120 -database minirosetta_database -in::file::zip minirosetta_database.zip -boinc::watchdog -run::rng mt19937 -constant_seed -jran 2949352
projects/boinc.bakerlab.org_rosetta/minirosetta_3.24_windows_x86_64.exe -run:protocol jd2_scripting @flags_rb_03_23_30036_60782__t000__robetta -silent_gz -mute all -out:file:silent default.out -in:file:boinc_wu_zip input_rb_03_23_30036_60782__t000__robetta.zip -nstruct 10000 -cpu_run_time 10800 -checkpoint_interval 120 -database minirosetta_database -in::file::zip minirosetta_database.zip -boinc::watchdog -run::rng mt19937 -constant_seed -jran 2949025
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 584 588 596 65536 592
"C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
wmiadap.exe /F /T /R
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Users\Tibor\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\xu8rs6ss.default

prefs.js - "browser.startup.homepage" - "http://www.searchqu.com/408"
prefs.js - "keyword.URL" - "http://dts.search-results.com/sr?src=ff ... 08&sr=0&q="

"{FFB96CC1-7EB3-449D-B827-DB661701C6BB}"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm LTD Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
ffxtlbr@babylon.com
staged
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
npdeployJava1.dll
nppdf32.dll
npwachk.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
babylon.xml
dunaj-sk.xml
eBay.xml
fcmdSrchw7th.xml
google.xml
Search_Results.xml
slovnik-sk.xml
wikipedia-sk.xml
yahoo.xml
zoznam-sk.xml

C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\xu8rs6ss.default\extensions\
ffxtlbr@babylon.com
info@bflix.info
info@my-tools-app.com
info@thebflix.com
{800b5000-a755-47e1-992b-48a1c1357f07}
{99079a25-328f-4bd4-be04-00955acaa0a7}

C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\xu8rs6ss.default\searchplugins\
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin.xml
MyTools.xml
Search_Results.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-02-29 904832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24 430592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]
DataMngr - C:\PROGRA~2\WIA6EB~1\Datamngr\x64\BROWSE~1.DLL [2011-11-17 118168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0C9F4179-6CE2-4c6a-A3E5-67FF3592A12E}]
BFlix Class - C:\Program Files (x86)\BFlix\BFlix.dll [2011-12-30 167936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1185823F-F22F-4027-80E5-4F68ACD5DE5E}]
2YourFace Addon - C:\Program Files (x86)\2YourFace\bho.dll [2011-07-13 50176]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}]
CescrtHlpr Object - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.10\bh\facemoods.dll [2011-05-23 265944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2011-07-31 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-02-29 599680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v sieti Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}]
Searchqu Toolbar - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll [2011-09-19 88976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]
DataMngr - C:\PROGRA~2\WIA6EB~1\Datamngr\BROWSE~1.DLL [2011-11-17 101272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar - C:\Program Files (x86)\pdfforge Toolbar\IE\4.6\pdfforgeToolbarIE.dll [2011-08-17 734048]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C3A44133-7EAD-434C-AC9E-7F1DA176BA8C}]
MyTools Class - C:\Program Files (x86)\MyTools\MyTools.dll [2011-12-30 167936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C9A15734-C02C-472E-AD5D-B02121AD61B0}]
TheBflix Class - C:\ProgramData\TheBflix\bhoclass.dll [2012-02-23 141824]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-07-31 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
SMTTB2009 Class - C:\Program Files (x86)\Hyperionics DB Toolbar\tbcore3.dll [2011-06-22 2398720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24 430592]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-02-29 904832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{338B4DFE-2E2C-4338-9E41-E176D497299E} - Hyperionics DB Toolbar - C:\Program Files (x86)\Hyperionics DB Toolbar\tbcore3.dll [2011-06-22 2398720]
{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - facemoods Toolbar - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.10\facemoodsTlbr.dll [2011-05-23 220888]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files (x86)\pdfforge Toolbar\IE\4.6\pdfforgeToolbarIE.dll [2011-08-17 734048]
{99079a25-328f-4bd4-be04-00955acaa0a7} - Searchqu Toolbar - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll [2011-09-19 88976]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-02-29 599680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"mwlDaemon"=C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [2010-05-27 349552]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-12-10 1890088]
"PLFSetI"=C:\Windows\PLFSetI.exe [2010-06-10 206208]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-06-11 861216]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2012-02-29 1126528]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2012-02-20 2786480]
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2012-02-20 3669680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5]
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe [2011-09-09 607576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX420W Series]
C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCE.EXE [2009-09-14 224768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2011-06-15 307200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-04-13 284696]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2010-05-27 337264]
"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2010-03-11 201584]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2010-03-11 407920]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2010-06-29 265984]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-06-22 968272]
"facemoods"=C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.10\facemoodssrv.exe [2011-05-23 329432]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"EEventManager"=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2009-12-03 976320]
"DATAMNGR"=C:\PROGRA~2\WIA6EB~1\Datamngr\DATAMN~1.EXE [2011-11-17 1694608]
"Config"=C:\Program Files (x86)\Microsoft Games\Age Of Empires ii\Config.exe [2006-07-06 151552]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2012-01-31 258512]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2012-03-05 73360]
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe []
"boincmgr"=C:\Program Files (x86)\BOINC\boincmgr.exe [2011-07-28 4514992]
"boinctray"=C:\Program Files (x86)\BOINC\boinctray.exe [2011-07-28 70832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\WIA6EB~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\WIA6EB~1\Datamngr\x64\IEBHO.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\fast64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"midi5"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave7"=wdmaud.drv
"mixer7"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-03-24 22:29:20 ----D---- C:\Program Files (x86)\BOINC
2012-03-24 22:28:03 ----SHD---- C:\Config.Msi
2012-03-24 22:17:18 ----D---- C:\ProgramData\BOINC
2012-03-24 20:53:43 ----D---- C:\Program Files (x86)\Zamzom
2012-03-24 20:50:44 ----D---- C:\Program Files (x86)\NirSoft
2012-03-24 14:36:16 ----D---- C:\Program Files\trend micro
2012-03-24 14:36:15 ----D---- C:\rsit
2012-03-24 14:13:54 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-03-24 14:13:54 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-03-24 14:13:54 ----A---- C:\Windows\SYSWOW64\java.exe
2012-03-24 10:25:40 ----D---- C:\Program Files\Speccy
2012-03-20 22:54:43 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-03-20 22:54:43 ----A---- C:\Windows\system32\DWrite.dll
2012-03-20 22:54:40 ----A---- C:\Windows\system32\win32k.sys
2012-03-20 22:54:29 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-03-20 22:54:29 ----A---- C:\Windows\system32\rdpwsx.dll
2012-03-20 22:54:29 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-03-20 17:16:21 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2012-03-20 17:16:21 ----A---- C:\Windows\system32\rdpcore.dll
2012-03-20 17:16:20 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-03-20 17:16:20 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-03-19 18:12:13 ----D---- C:\Windows\Sun
2012-03-18 12:08:00 ----D---- C:\Program Files (x86)\Resource Hacker
2012-03-18 12:00:52 ----A---- C:\Windows\iun6002.exe
2012-03-18 12:00:51 ----D---- C:\Program Files (x86)\Debuggy By Vanja Fuckar
2012-03-15 22:39:39 ----D---- C:\Program Files (x86)\DesiatimiPrstami
2012-03-15 21:16:21 ----D---- C:\Users\Tibor\AppData\Roaming\Avira
2012-03-15 21:09:02 ----D---- C:\ProgramData\AutoKMS
2012-03-15 20:51:20 ----D---- C:\Program Files (x86)\Eusing Free Registry Cleaner
2012-03-15 20:43:16 ----D---- C:\Users\Tibor\AppData\Roaming\Wise Registry Cleaner
2012-03-15 20:42:58 ----D---- C:\Program Files (x86)\Wise Registry Cleaner
2012-03-15 20:40:46 ----A---- C:\Windows\system32\drivers\stflt.sys
2012-03-15 20:40:43 ----D---- C:\Users\Tibor\AppData\Roaming\Spyware Terminator
2012-03-15 20:40:43 ----D---- C:\ProgramData\Spyware Terminator
2012-03-15 20:40:36 ----D---- C:\Program Files (x86)\Spyware Terminator
2012-03-15 20:38:47 ----D---- C:\Users\Tibor\AppData\Roaming\CheckPoint
2012-03-15 20:38:01 ----D---- C:\Program Files\CheckPoint
2012-03-15 20:34:21 ----D---- C:\Program Files (x86)\CheckPoint
2012-03-15 20:33:53 ----D---- C:\ProgramData\CheckPoint
2012-03-15 20:32:24 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2012-03-15 20:32:24 ----A---- C:\Windows\system32\drivers\avipbb.sys
2012-03-15 20:32:24 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2012-03-15 20:32:23 ----D---- C:\ProgramData\Avira
2012-03-15 20:32:23 ----D---- C:\Program Files (x86)\Avira
2012-03-15 20:26:35 ----A---- C:\guninst.bat
2012-03-15 20:25:27 ----A---- C:\guninst.exe
2012-03-03 21:37:06 ----D---- C:\Program Files (x86)\Microsoft Games
2012-03-03 14:24:52 ----A---- C:\AILog.txt
2012-03-02 17:43:10 ----D---- C:\ProgramData\TrackMania
2012-02-28 17:26:19 ----A---- C:\Users\Tibor\AppData\Roaming\room_v3.dat
2012-02-28 17:17:46 ----D---- C:\Users\Tibor\AppData\Roaming\GarenaPlus
2012-02-28 17:14:30 ----D---- C:\Program Files (x86)\Garena Plus
2012-02-28 17:14:20 ----D---- C:\ProgramData\GarenaMessenger

======List of files/folders modified in the last 1 month======

2012-03-25 12:29:04 ----D---- C:\Windows\Temp
2012-03-25 12:26:42 ----D---- C:\Program Files (x86)\Steam
2012-03-25 12:26:01 ----D---- C:\Windows\system32\config
2012-03-25 12:24:05 ----A---- C:\Windows\SYSWOW64\log.txt
2012-03-25 12:20:23 ----SHD---- C:\System Volume Information
2012-03-25 12:20:03 ----D---- C:\Windows\Microsoft.NET
2012-03-25 12:19:52 ----SHD---- C:\Windows\Installer
2012-03-25 12:19:30 ----D---- C:\ProgramData\Microsoft Help
2012-03-25 12:19:28 ----RSD---- C:\Windows\assembly
2012-03-25 12:16:47 ----RD---- C:\Program Files (x86)
2012-03-25 12:16:47 ----D---- C:\Windows
2012-03-25 12:16:47 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-03-25 12:16:47 ----D---- C:\Program Files (x86)\Microsoft Office
2012-03-25 12:16:31 ----RSD---- C:\Windows\Fonts
2012-03-25 12:16:24 ----SD---- C:\ProgramData\Microsoft
2012-03-25 12:16:24 ----D---- C:\Windows\ShellNew
2012-03-25 12:16:23 ----D---- C:\Program Files (x86)\MSBuild
2012-03-25 12:16:22 ----D---- C:\Windows\SysWOW64
2012-03-25 12:16:22 ----D---- C:\Program Files (x86)\Common Files
2012-03-25 12:13:15 ----A---- C:\Windows\win.ini
2012-03-25 12:13:10 ----D---- C:\Program Files
2012-03-25 12:11:25 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-03-25 09:36:52 ----D---- C:\Windows\System32
2012-03-25 09:36:52 ----D---- C:\Windows\inf
2012-03-25 09:36:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-03-24 22:26:05 ----D---- C:\Windows\Downloaded Installations
2012-03-24 22:17:18 ----HD---- C:\ProgramData
2012-03-24 21:56:49 ----D---- C:\Program Files (x86)\Warcraft III
2012-03-24 20:43:52 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-03-24 14:32:23 ----D---- C:\Windows\Minidump
2012-03-24 14:32:23 ----D---- C:\Windows\debug
2012-03-24 14:31:56 ----D---- C:\Users\Tibor\AppData\Roaming\Skype
2012-03-24 14:31:54 ----D---- C:\Users\Tibor\AppData\Roaming\Winamp
2012-03-24 14:13:53 ----D---- C:\Program Files (x86)\Java
2012-03-24 14:03:20 ----D---- C:\Program Files (x86)\bosskocs
2012-03-24 13:29:55 ----D---- C:\Program Files (x86)\Winamp
2012-03-23 17:29:38 ----D---- C:\Windows\system32\Tasks
2012-03-21 07:53:18 ----D---- C:\Windows\winsxs
2012-03-20 23:22:07 ----A---- C:\Windows\system32\MRT.exe
2012-03-20 23:22:02 ----D---- C:\Windows\system32\catroot
2012-03-20 22:54:20 ----D---- C:\Windows\system32\catroot2
2012-03-20 22:46:31 ----D---- C:\Windows\system32\drivers
2012-03-20 15:13:42 ----D---- C:\Users\Tibor\AppData\Roaming\IObit
2012-03-20 15:13:34 ----D---- C:\Program Files (x86)\IObit
2012-03-20 15:12:39 ----D---- C:\ProgramData\IObit
2012-03-18 23:23:11 ----D---- C:\Windows\system32\wdi
2012-03-17 21:25:32 ----D---- C:\Users\Tibor\AppData\Roaming\Hamachi
2012-03-17 11:33:26 ----D---- C:\Program Files (x86)\Hyperionics DB Toolbar
2012-03-15 21:17:18 ----D---- C:\Windows\SYSWOW64\drivers
2012-03-15 21:08:34 ----D---- C:\Program Files\Google
2012-03-15 21:08:34 ----D---- C:\Program Files (x86)\Google
2012-03-15 20:50:41 ----D---- C:\Windows\SYSWOW64\config
2012-03-15 20:39:07 ----D---- C:\Windows\system32\DriverStore
2012-03-15 20:32:06 ----D---- C:\Windows\Tasks
2012-03-15 20:30:35 ----D---- C:\ProgramData\AVAST Software
2012-03-15 20:27:56 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-03-15 20:27:53 ----D---- C:\Program Files (x86)\NTI
2012-03-15 20:26:58 ----D---- C:\Program Files (x86)\Restorator 2009
2012-03-15 20:26:27 ----D---- C:\Program Files (x86)\Acer GameZone
2012-03-15 20:24:24 ----D---- C:\Program Files (x86)\Acer
2012-03-15 20:23:36 ----D---- C:\Program Files (x86)\OpenOffice.org 3
2012-03-15 20:15:28 ----DC---- C:\Windows\system32\DRVSTORE
2012-03-15 20:12:11 ----D---- C:\Program Files (x86)\Counter-Strike 1.6
2012-03-15 20:11:13 ----D---- C:\ProgramData\TheBflix
2012-03-15 20:10:59 ----D---- C:\ProgramData\Google
2012-03-15 20:07:54 ----D---- C:\Program Files (x86)\CursorXP
2012-03-15 20:04:55 ----A---- C:\Windows\_MSRSTRT.EXE
2012-03-12 23:06:47 ----RD---- C:\Program Files (x86)\Skype
2012-03-12 23:06:42 ----D---- C:\ProgramData\Skype
2012-03-02 17:27:29 ----SD---- C:\Users\Tibor\AppData\Roaming\Microsoft
2012-02-26 21:23:52 ----D---- C:\Windows\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-04-13 540696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2012-01-31 132320]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2011-09-16 27760]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-10-13 271424]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2011-06-15 93240]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2011-05-07 454232]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2012-01-31 97312]
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2012-02-29 33672]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2012-03-15 51496]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-05-11 2229608]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-05-20 32296]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2011-12-13 33344]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-05-15 384040]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-20 18432]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2010-06-21 131688]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-12-10 301104]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-07-09 17408]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-10-13 867064]
S1 VD_FileDisk;VD_FileDisk; C:\Windows\system32\drivers\VD_FileDisk.sys [2009-10-25 23552]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-05-20 38248]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2010-05-20 55336]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-05-20 294760]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-05-20 202792]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-05-20 52584]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-05-20 156392]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-05-26 264040]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-06-17 246376]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2009-12-17 145360]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AntiVirService;Avira Realtime Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-01-31 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-01-31 86224]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2010-05-26 47776]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-06-22 321104]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-06-11 868896]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2009-09-14 166400]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-14 128512]
R2 FBDiskOptimizer;FBDiskOptimizer; C:\Program Files (x86)\FixBee\FBDefragSrv64.exe [2011-08-11 630584]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2012-02-29 827520]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-18 268824]
R2 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-05-27 305520]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-29 255744]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-19 159336]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2011-11-22 1148632]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2012-03-05 2420616]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-02-15 158856]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-07-13 655624]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-03-15 489256]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-07-30 1255736]

-----------------EOF-----------------

Re: prosím o kontrolu

Napsal: 25 bře 2012 12:02
od Rudy
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
:files
C:\Program Files (x86)\2YourFace
C:\Program Files (x86)\Skype\Toolbars
C:\Program Files (x86)\pdfforge Toolbar
C:\ProgramData\TheBflix
C:\Program Files (x86)\Hyperionics DB Toolbar
C:\Program Files (x86)\facemoods.com

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1185823F-F22F-4027-80E5-4F68ACD5DE5E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C9A15734-C02C-472E-AD5D-B02121AD61B0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"facemoods"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
a klikněte na >MoveIt!<. Po skenu restartujte PC.

Re: prosím o kontrolu

Napsal: 25 bře 2012 12:17
od boss382
All processes killed
========== FILES ==========
C:\Program Files (x86)\2YourFace\ffextension\defaults\preferences folder moved successfully.
C:\Program Files (x86)\2YourFace\ffextension\defaults folder moved successfully.
C:\Program Files (x86)\2YourFace\ffextension\chrome\skin folder moved successfully.
C:\Program Files (x86)\2YourFace\ffextension\chrome\locale\en-US folder moved successfully.
C:\Program Files (x86)\2YourFace\ffextension\chrome\locale folder moved successfully.
C:\Program Files (x86)\2YourFace\ffextension\chrome\content folder moved successfully.
C:\Program Files (x86)\2YourFace\ffextension\chrome folder moved successfully.
C:\Program Files (x86)\2YourFace\ffextension folder moved successfully.
C:\Program Files (x86)\2YourFace folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\Shared folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars folder moved successfully.
C:\Program Files (x86)\pdfforge Toolbar\Res folder moved successfully.
C:\Program Files (x86)\pdfforge Toolbar\IE\4.6 folder moved successfully.
C:\Program Files (x86)\pdfforge Toolbar\IE folder moved successfully.
C:\Program Files (x86)\pdfforge Toolbar\FF\chrome\skin folder moved successfully.
C:\Program Files (x86)\pdfforge Toolbar\FF\chrome\locale\EN-US folder moved successfully.
C:\Program Files (x86)\pdfforge Toolbar\FF\chrome\locale folder moved successfully.
C:\Program Files (x86)\pdfforge Toolbar\FF\chrome\content folder moved successfully.
C:\Program Files (x86)\pdfforge Toolbar\FF\chrome folder moved successfully.
C:\Program Files (x86)\pdfforge Toolbar\FF folder moved successfully.
C:\Program Files (x86)\pdfforge Toolbar folder moved successfully.
C:\ProgramData\TheBflix\data folder moved successfully.
C:\ProgramData\TheBflix folder moved successfully.
C:\Program Files (x86)\Hyperionics DB Toolbar folder moved successfully.
C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.10\bh folder moved successfully.
C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.10 folder moved successfully.
C:\Program Files (x86)\facemoods.com\facemoods folder moved successfully.
C:\Program Files (x86)\facemoods.com folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1185823F-F22F-4027-80E5-4F68ACD5DE5E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1185823F-F22F-4027-80E5-4F68ACD5DE5E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C9A15734-C02C-472E-AD5D-B02121AD61B0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9A15734-C02C-472E-AD5D-B02121AD61B0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\facemoods deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Tibor
->Temp folder emptied: 9459684 bytes
->Temporary Internet Files folder emptied: 2795642 bytes
->Java cache emptied: 5862 bytes
->FireFox cache emptied: 58175492 bytes
->Google Chrome cache emptied: 13357020 bytes
->Opera cache emptied: 14488811 bytes
->Flash cache emptied: 3683 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4060080 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50587 bytes
RecycleBin emptied: 971775829 bytes

Total Files Cleaned = 1,024.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Public

User: Tibor
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb


OTM by OldTimer - Version 3.1.19.0 log created on 03252012_130924

Files moved on Reboot...
C:\Users\Tibor\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Tibor\AppData\Local\Temp\~DF8D0C62888113560D.TMP moved successfully.
C:\Windows\temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Windows\temp\FXSTIFFDebugLogFile.txt moved successfully.
File C:\Windows\temp\ZLT060cb.TMP not found!

Registry entries deleted on Reboot...

Re: prosím o kontrolu

Napsal: 25 bře 2012 18:31
od Rudy
Smazáno. Nastala nějaká změna?

Re: prosím o kontrolu

Napsal: 25 bře 2012 18:35
od boss382
ANO rýchlosť a plinulosť sa zlepšila o 20-30% dakujem moc krát :thumbsup:

Re: prosím o kontrolu

Napsal: 25 bře 2012 18:50
od Rudy
Nemáte zač!
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz