prosím o kontrolu logu
Napsal: 13 kvě 2012 19:23
Prosím o kontrolu logu, děkuji
Logfile of random's system information tool 1.09 (written by random/random)
Run by Eklp at 2012-05-13 20:21:38
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 49 GB (43%) free of 115 GB
Total RAM: 1790 MB (43% free)
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
/QuitInfo:000000000000043C;0000000000000440; /AddRef;
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
/QuitInfo:0000000000000510;0000000000000514; /AddRef;
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\nlssrv32.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\Wacom_Tablet.exe
WTablet\Wacom_TabletUser.exe
Wacom_Tablet.exe au
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\RM\Easiteach Next Generation\LightboxEducation.Easiteach.DownloadCentre.exe" /mode:minimise
"C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\Eklp\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Eklp\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/last_accessed_socket/ --extension-process --renderer-print-preview --channel="364.1.929242596\588356774" /prefetch:3
"C:\Users\Eklp\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Eklp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll" --lang=cs --channel="364.2.1632074381\1959728182" /prefetch:4
"taskhost.exe"
"C:\Users\Eklp\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheListSize/CacheListSize_14/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/Disabled/ --renderer-print-preview --channel="364.7.711932577\1624416127" /prefetch:3
"C:\Users\Eklp\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheListSize/CacheListSize_14/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/Disabled/ --renderer-print-preview --channel="364.10.2093822558\243625778" /prefetch:3
C:\Windows\system32\rundll32.exe "C:\Users\Eklp\AppData\Local\Google\Chrome\APPLIC~1\180102~1.168\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\Eklp\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Eklp\AppData\Local\Google\Chrome\Application\18.0.1025.168\gcswf32.dll" --lang=cs --channel="364.11.350871837\1646714663" --flash-broker=2260 /prefetch:4
"C:\Users\Eklp\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheListSize/CacheListSize_14/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/Disabled/ --renderer-print-preview --channel="364.13.1815627984\9588934" /prefetch:3
"C:\Users\Eklp\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheListSize/CacheListSize_14/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/Disabled/ --renderer-print-preview --channel="364.18.931597757\166684760" /prefetch:3
"C:\Users\Eklp\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheListSize/CacheListSize_14/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/Disabled/ --renderer-print-preview --channel="364.21.1142449248\485579079" /prefetch:3
"C:\Users\Eklp\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheListSize/CacheListSize_14/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/Disabled/ --renderer-print-preview --channel="364.23.977179907\464096116" /prefetch:3
"C:\Users\Eklp\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheListSize/CacheListSize_14/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/Disabled/ --renderer-print-preview --channel="364.26.1307019143\239779556" /prefetch:3
"C:\Users\Eklp\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheListSize/CacheListSize_14/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/Disabled/ --renderer-print-preview --channel="364.28.35511410\199866769" /prefetch:3
"C:\Users\Eklp\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheListSize/CacheListSize_14/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/Disabled/ --renderer-print-preview --channel="364.31.2018295191\428237801" /prefetch:3
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\Eklp\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\AutoKMS.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4202659907-2524143445-3784160132-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4202659907-2524143445-3784160132-1001UA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Eklp\AppData\Roaming\Mozilla\Firefox\Profiles\8thpewx4.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npwacom.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll [2011-11-11 1942368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 6721936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll [2011-11-11 1378144]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2011-11-10 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-08-09 12666984]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Eklp\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-19 136176]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-30 98304]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"AVG_TRAY"=C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2012-01-24 2416480]
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Centrum stahování.lnk - C:\Program Files (x86)\RM\Easiteach Next Generation\LightboxEducation.Easiteach.DownloadCentre.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 6721936]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-05-13 20:21:38 ----D---- C:\rsit
2012-05-13 20:21:38 ----D---- C:\Program Files\trend micro
2012-05-13 19:20:38 ----D---- C:\Windows\system32\appmgmt
2012-05-11 22:48:31 ----D---- C:\ProgramData\Nik Software
2012-05-11 22:48:30 ----D---- C:\Program Files\Nik Software
2012-05-08 23:21:34 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-05-08 23:21:34 ----A---- C:\Windows\system32\DWrite.dll
2012-05-08 23:21:30 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-05-08 23:21:29 ----A---- C:\Windows\system32\win32k.sys
2012-05-08 23:21:28 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-05-08 23:21:28 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-05-08 23:21:00 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-05-08 23:20:46 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-05-06 17:47:16 ----D---- C:\ProgramData\NCH Software
2012-05-06 17:46:46 ----D---- C:\Program Files (x86)\NCH Software
2012-05-06 17:46:39 ----D---- C:\Users\Eklp\AppData\Roaming\NCH Software
2012-05-03 07:16:41 ----A---- C:\Windows\system32\rdpwsx.dll
2012-05-03 07:16:41 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-05-03 06:50:00 ----D---- C:\Windows\system32\SPReview
2012-05-03 06:49:17 ----D---- C:\Windows\system32\EventProviders
2012-05-03 06:47:44 ----A---- C:\Windows\system32\MRT.exe
2012-04-30 23:59:59 ----D---- C:\Program Files (x86)\astrojargon.net
======List of files/folders modified in the last 1 month======
2012-05-13 20:21:41 ----D---- C:\Windows\Prefetch
2012-05-13 20:21:38 ----RD---- C:\Program Files
2012-05-13 19:38:24 ----D---- C:\Windows\system32\config
2012-05-13 19:38:18 ----D---- C:\Windows\winsxs
2012-05-13 19:30:49 ----D---- C:\Windows\System32
2012-05-13 19:30:49 ----D---- C:\Windows\inf
2012-05-13 19:30:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-05-13 19:27:32 ----D---- C:\Program Files\Zoner
2012-05-13 19:24:59 ----D---- C:\Users\Eklp\AppData\Roaming\WTablet
2012-05-13 19:20:58 ----RD---- C:\Program Files (x86)
2012-05-13 19:20:38 ----SHD---- C:\Windows\Installer
2012-05-13 19:20:20 ----D---- C:\Program Files\Common Files\Adobe
2012-05-13 19:20:02 ----D---- C:\Windows\system32\catroot2
2012-05-13 19:19:58 ----SHD---- C:\System Volume Information
2012-05-13 17:13:09 ----D---- C:\Program Files (x86)\rajce
2012-05-13 11:17:33 ----D---- C:\Windows\Temp
2012-05-13 01:38:14 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-05-11 22:55:32 ----AD---- C:\Windows
2012-05-11 22:49:18 ----D---- C:\Windows\SysWOW64
2012-05-11 22:48:31 ----HD---- C:\ProgramData
2012-05-10 15:06:50 ----D---- C:\Users\Eklp\AppData\Roaming\FileZilla
2012-05-09 07:24:36 ----RSD---- C:\Windows\assembly
2012-05-09 07:24:36 ----D---- C:\Windows\Microsoft.NET
2012-05-09 06:25:15 ----D---- C:\Windows\system32\drivers
2012-05-09 01:03:36 ----D---- C:\ProgramData\Microsoft Help
2012-05-09 00:59:03 ----D---- C:\Windows\system32\catroot
2012-05-09 00:54:23 ----D---- C:\Program Files\Windows Journal
2012-05-06 19:33:09 ----D---- C:\Users\Eklp\AppData\Roaming\Intelli-studio
2012-05-06 17:47:16 ----D---- C:\Windows\system32\Tasks
2012-05-06 09:11:53 ----D---- C:\Windows\system32\wdi
2012-05-03 07:59:43 ----D---- C:\Windows\rescache
2012-05-03 07:24:09 ----D---- C:\Windows\system32\DriverStore
2012-05-03 07:20:02 ----D---- C:\Program Files (x86)\Windows Sidebar
2012-05-03 07:20:02 ----D---- C:\Program Files (x86)\Windows Portable Devices
2012-05-03 07:20:02 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2012-05-03 07:20:02 ----D---- C:\Program Files (x86)\Windows Media Player
2012-05-03 07:20:02 ----D---- C:\Program Files (x86)\Windows Mail
2012-05-03 07:20:01 ----D---- C:\Program Files\Windows Sidebar
2012-05-03 07:20:01 ----D---- C:\Program Files\Windows Portable Devices
2012-05-03 07:20:01 ----D---- C:\Program Files\Windows Photo Viewer
2012-05-03 07:20:01 ----D---- C:\Program Files\Windows Media Player
2012-05-03 07:20:01 ----D---- C:\Program Files\Windows Mail
2012-05-03 07:20:01 ----D---- C:\Program Files\DVD Maker
2012-05-03 07:20:00 ----D---- C:\Windows\servicing
2012-05-03 07:20:00 ----D---- C:\Windows\ehome
2012-05-03 07:20:00 ----D---- C:\Program Files\Windows Defender
2012-05-03 07:20:00 ----D---- C:\Program Files\Common Files\System
2012-05-03 07:19:55 ----SHD---- C:\Windows\BitLockerDiscoveryVolumeContents
2012-05-03 07:19:55 ----D---- C:\Windows\SYSWOW64\oobe
2012-05-03 07:19:55 ----D---- C:\Windows\SYSWOW64\migration
2012-05-03 07:19:55 ----D---- C:\Windows\SYSWOW64\da-DK
2012-05-03 07:19:55 ----D---- C:\Windows\SYSWOW64\AdvancedInstallers
2012-05-03 07:19:54 ----D---- C:\Windows\SYSWOW64\wbem
2012-05-03 07:19:54 ----D---- C:\Windows\SYSWOW64\sppui
2012-05-03 07:19:54 ----D---- C:\Windows\SYSWOW64\Setup
2012-05-03 07:19:54 ----D---- C:\Windows\SYSWOW64\manifeststore
2012-05-03 07:19:54 ----D---- C:\Windows\SYSWOW64\es-ES
2012-05-03 07:19:54 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-05-03 07:19:54 ----D---- C:\Windows\SYSWOW64\cs
2012-05-03 07:19:53 ----D---- C:\Windows\SYSWOW64\migwiz
2012-05-03 07:19:53 ----D---- C:\Windows\SYSWOW64\Dism
2012-05-03 07:19:44 ----D---- C:\Windows\system32\Setup
2012-05-03 07:19:44 ----D---- C:\Windows\system32\oobe
2012-05-03 07:19:44 ----D---- C:\Windows\system32\migration
2012-05-03 07:19:44 ----D---- C:\Windows\system32\en-US
2012-05-03 07:19:44 ----D---- C:\Windows\system32\da-DK
2012-05-03 07:19:44 ----D---- C:\Windows\system32\cs
2012-05-03 07:19:44 ----D---- C:\Windows\system32\AdvancedInstallers
2012-05-03 07:19:44 ----D---- C:\Windows\PolicyDefinitions
2012-05-03 07:19:43 ----D---- C:\Windows\system32\sppui
2012-05-03 07:19:43 ----D---- C:\Windows\system32\manifeststore
2012-05-03 07:19:43 ----D---- C:\Windows\system32\es-ES
2012-05-03 07:19:43 ----D---- C:\Windows\system32\drivers\cs-CZ
2012-05-03 07:19:43 ----D---- C:\Windows\system32\cs-CZ
2012-05-03 07:19:42 ----D---- C:\Windows\system32\wbem
2012-05-03 07:19:42 ----D---- C:\Windows\system32\migwiz
2012-05-03 07:19:42 ----D---- C:\Windows\system32\drivers\UMDF
2012-05-03 07:19:42 ----D---- C:\Windows\system32\Dism
2012-05-03 07:19:33 ----RSD---- C:\Windows\Fonts
2012-05-03 07:19:33 ----D---- C:\Windows\AppPatch
2012-05-03 07:19:26 ----D---- C:\Windows\system32\Boot
2012-05-03 06:57:03 ----A---- C:\Windows\SYSWOW64\msclmd.dll
2012-05-03 06:57:02 ----A---- C:\Windows\system32\msclmd.dll
2012-04-26 22:52:10 ----SD---- C:\Users\Eklp\AppData\Roaming\Microsoft
2012-04-19 19:32:27 ----SD---- C:\ProgramData\Microsoft
2012-04-15 06:47:26 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-04 16440]
R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 26704]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2011-09-13 37456]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2011-05-23 48992]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2011-10-07 283728]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-08-08 46672]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2011-07-11 375376]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-30 6103552]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 120400]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 29776]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-08-12 3053160]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2011-07-06 367976]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys [2007-02-16 12848]
S3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-29 202752]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\SysWOW64\nlssrv32.exe [2011-02-21 66560]
R2 TabletServiceWacom;TabletServiceWacom; C:\Windows\system32\Wacom_Tablet.exe [2009-11-24 5521192]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]
S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-21 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by Eklp at 2012-05-13 20:21:38
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 49 GB (43%) free of 115 GB
Total RAM: 1790 MB (43% free)
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
/QuitInfo:000000000000043C;0000000000000440; /AddRef;
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
/QuitInfo:0000000000000510;0000000000000514; /AddRef;
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\nlssrv32.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\Wacom_Tablet.exe
WTablet\Wacom_TabletUser.exe
Wacom_Tablet.exe au
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\RM\Easiteach Next Generation\LightboxEducation.Easiteach.DownloadCentre.exe" /mode:minimise
"C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\Eklp\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Eklp\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/last_accessed_socket/ --extension-process --renderer-print-preview --channel="364.1.929242596\588356774" /prefetch:3
"C:\Users\Eklp\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Eklp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll" --lang=cs --channel="364.2.1632074381\1959728182" /prefetch:4
"taskhost.exe"
"C:\Users\Eklp\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheListSize/CacheListSize_14/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/Disabled/ --renderer-print-preview --channel="364.7.711932577\1624416127" /prefetch:3
"C:\Users\Eklp\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheListSize/CacheListSize_14/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/Disabled/ --renderer-print-preview --channel="364.10.2093822558\243625778" /prefetch:3
C:\Windows\system32\rundll32.exe "C:\Users\Eklp\AppData\Local\Google\Chrome\APPLIC~1\180102~1.168\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\Eklp\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Eklp\AppData\Local\Google\Chrome\Application\18.0.1025.168\gcswf32.dll" --lang=cs --channel="364.11.350871837\1646714663" --flash-broker=2260 /prefetch:4
"C:\Users\Eklp\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheListSize/CacheListSize_14/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/Disabled/ --renderer-print-preview --channel="364.13.1815627984\9588934" /prefetch:3
"C:\Users\Eklp\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheListSize/CacheListSize_14/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/Disabled/ --renderer-print-preview --channel="364.18.931597757\166684760" /prefetch:3
"C:\Users\Eklp\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheListSize/CacheListSize_14/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/Disabled/ --renderer-print-preview --channel="364.21.1142449248\485579079" /prefetch:3
"C:\Users\Eklp\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheListSize/CacheListSize_14/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/Disabled/ --renderer-print-preview --channel="364.23.977179907\464096116" /prefetch:3
"C:\Users\Eklp\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheListSize/CacheListSize_14/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/Disabled/ --renderer-print-preview --channel="364.26.1307019143\239779556" /prefetch:3
"C:\Users\Eklp\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheListSize/CacheListSize_14/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/Disabled/ --renderer-print-preview --channel="364.28.35511410\199866769" /prefetch:3
"C:\Users\Eklp\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheListSize/CacheListSize_14/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/Disabled/ --renderer-print-preview --channel="364.31.2018295191\428237801" /prefetch:3
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\Eklp\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\AutoKMS.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4202659907-2524143445-3784160132-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4202659907-2524143445-3784160132-1001UA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Eklp\AppData\Roaming\Mozilla\Firefox\Profiles\8thpewx4.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npwacom.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll [2011-11-11 1942368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 6721936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll [2011-11-11 1378144]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2011-11-10 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-08-09 12666984]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Eklp\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-19 136176]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-30 98304]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"AVG_TRAY"=C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2012-01-24 2416480]
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Centrum stahování.lnk - C:\Program Files (x86)\RM\Easiteach Next Generation\LightboxEducation.Easiteach.DownloadCentre.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 6721936]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-05-13 20:21:38 ----D---- C:\rsit
2012-05-13 20:21:38 ----D---- C:\Program Files\trend micro
2012-05-13 19:20:38 ----D---- C:\Windows\system32\appmgmt
2012-05-11 22:48:31 ----D---- C:\ProgramData\Nik Software
2012-05-11 22:48:30 ----D---- C:\Program Files\Nik Software
2012-05-08 23:21:34 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-05-08 23:21:34 ----A---- C:\Windows\system32\DWrite.dll
2012-05-08 23:21:30 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-05-08 23:21:29 ----A---- C:\Windows\system32\win32k.sys
2012-05-08 23:21:28 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-05-08 23:21:28 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-05-08 23:21:00 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-05-08 23:20:46 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-05-06 17:47:16 ----D---- C:\ProgramData\NCH Software
2012-05-06 17:46:46 ----D---- C:\Program Files (x86)\NCH Software
2012-05-06 17:46:39 ----D---- C:\Users\Eklp\AppData\Roaming\NCH Software
2012-05-03 07:16:41 ----A---- C:\Windows\system32\rdpwsx.dll
2012-05-03 07:16:41 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-05-03 06:50:00 ----D---- C:\Windows\system32\SPReview
2012-05-03 06:49:17 ----D---- C:\Windows\system32\EventProviders
2012-05-03 06:47:44 ----A---- C:\Windows\system32\MRT.exe
2012-04-30 23:59:59 ----D---- C:\Program Files (x86)\astrojargon.net
======List of files/folders modified in the last 1 month======
2012-05-13 20:21:41 ----D---- C:\Windows\Prefetch
2012-05-13 20:21:38 ----RD---- C:\Program Files
2012-05-13 19:38:24 ----D---- C:\Windows\system32\config
2012-05-13 19:38:18 ----D---- C:\Windows\winsxs
2012-05-13 19:30:49 ----D---- C:\Windows\System32
2012-05-13 19:30:49 ----D---- C:\Windows\inf
2012-05-13 19:30:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-05-13 19:27:32 ----D---- C:\Program Files\Zoner
2012-05-13 19:24:59 ----D---- C:\Users\Eklp\AppData\Roaming\WTablet
2012-05-13 19:20:58 ----RD---- C:\Program Files (x86)
2012-05-13 19:20:38 ----SHD---- C:\Windows\Installer
2012-05-13 19:20:20 ----D---- C:\Program Files\Common Files\Adobe
2012-05-13 19:20:02 ----D---- C:\Windows\system32\catroot2
2012-05-13 19:19:58 ----SHD---- C:\System Volume Information
2012-05-13 17:13:09 ----D---- C:\Program Files (x86)\rajce
2012-05-13 11:17:33 ----D---- C:\Windows\Temp
2012-05-13 01:38:14 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-05-11 22:55:32 ----AD---- C:\Windows
2012-05-11 22:49:18 ----D---- C:\Windows\SysWOW64
2012-05-11 22:48:31 ----HD---- C:\ProgramData
2012-05-10 15:06:50 ----D---- C:\Users\Eklp\AppData\Roaming\FileZilla
2012-05-09 07:24:36 ----RSD---- C:\Windows\assembly
2012-05-09 07:24:36 ----D---- C:\Windows\Microsoft.NET
2012-05-09 06:25:15 ----D---- C:\Windows\system32\drivers
2012-05-09 01:03:36 ----D---- C:\ProgramData\Microsoft Help
2012-05-09 00:59:03 ----D---- C:\Windows\system32\catroot
2012-05-09 00:54:23 ----D---- C:\Program Files\Windows Journal
2012-05-06 19:33:09 ----D---- C:\Users\Eklp\AppData\Roaming\Intelli-studio
2012-05-06 17:47:16 ----D---- C:\Windows\system32\Tasks
2012-05-06 09:11:53 ----D---- C:\Windows\system32\wdi
2012-05-03 07:59:43 ----D---- C:\Windows\rescache
2012-05-03 07:24:09 ----D---- C:\Windows\system32\DriverStore
2012-05-03 07:20:02 ----D---- C:\Program Files (x86)\Windows Sidebar
2012-05-03 07:20:02 ----D---- C:\Program Files (x86)\Windows Portable Devices
2012-05-03 07:20:02 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2012-05-03 07:20:02 ----D---- C:\Program Files (x86)\Windows Media Player
2012-05-03 07:20:02 ----D---- C:\Program Files (x86)\Windows Mail
2012-05-03 07:20:01 ----D---- C:\Program Files\Windows Sidebar
2012-05-03 07:20:01 ----D---- C:\Program Files\Windows Portable Devices
2012-05-03 07:20:01 ----D---- C:\Program Files\Windows Photo Viewer
2012-05-03 07:20:01 ----D---- C:\Program Files\Windows Media Player
2012-05-03 07:20:01 ----D---- C:\Program Files\Windows Mail
2012-05-03 07:20:01 ----D---- C:\Program Files\DVD Maker
2012-05-03 07:20:00 ----D---- C:\Windows\servicing
2012-05-03 07:20:00 ----D---- C:\Windows\ehome
2012-05-03 07:20:00 ----D---- C:\Program Files\Windows Defender
2012-05-03 07:20:00 ----D---- C:\Program Files\Common Files\System
2012-05-03 07:19:55 ----SHD---- C:\Windows\BitLockerDiscoveryVolumeContents
2012-05-03 07:19:55 ----D---- C:\Windows\SYSWOW64\oobe
2012-05-03 07:19:55 ----D---- C:\Windows\SYSWOW64\migration
2012-05-03 07:19:55 ----D---- C:\Windows\SYSWOW64\da-DK
2012-05-03 07:19:55 ----D---- C:\Windows\SYSWOW64\AdvancedInstallers
2012-05-03 07:19:54 ----D---- C:\Windows\SYSWOW64\wbem
2012-05-03 07:19:54 ----D---- C:\Windows\SYSWOW64\sppui
2012-05-03 07:19:54 ----D---- C:\Windows\SYSWOW64\Setup
2012-05-03 07:19:54 ----D---- C:\Windows\SYSWOW64\manifeststore
2012-05-03 07:19:54 ----D---- C:\Windows\SYSWOW64\es-ES
2012-05-03 07:19:54 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-05-03 07:19:54 ----D---- C:\Windows\SYSWOW64\cs
2012-05-03 07:19:53 ----D---- C:\Windows\SYSWOW64\migwiz
2012-05-03 07:19:53 ----D---- C:\Windows\SYSWOW64\Dism
2012-05-03 07:19:44 ----D---- C:\Windows\system32\Setup
2012-05-03 07:19:44 ----D---- C:\Windows\system32\oobe
2012-05-03 07:19:44 ----D---- C:\Windows\system32\migration
2012-05-03 07:19:44 ----D---- C:\Windows\system32\en-US
2012-05-03 07:19:44 ----D---- C:\Windows\system32\da-DK
2012-05-03 07:19:44 ----D---- C:\Windows\system32\cs
2012-05-03 07:19:44 ----D---- C:\Windows\system32\AdvancedInstallers
2012-05-03 07:19:44 ----D---- C:\Windows\PolicyDefinitions
2012-05-03 07:19:43 ----D---- C:\Windows\system32\sppui
2012-05-03 07:19:43 ----D---- C:\Windows\system32\manifeststore
2012-05-03 07:19:43 ----D---- C:\Windows\system32\es-ES
2012-05-03 07:19:43 ----D---- C:\Windows\system32\drivers\cs-CZ
2012-05-03 07:19:43 ----D---- C:\Windows\system32\cs-CZ
2012-05-03 07:19:42 ----D---- C:\Windows\system32\wbem
2012-05-03 07:19:42 ----D---- C:\Windows\system32\migwiz
2012-05-03 07:19:42 ----D---- C:\Windows\system32\drivers\UMDF
2012-05-03 07:19:42 ----D---- C:\Windows\system32\Dism
2012-05-03 07:19:33 ----RSD---- C:\Windows\Fonts
2012-05-03 07:19:33 ----D---- C:\Windows\AppPatch
2012-05-03 07:19:26 ----D---- C:\Windows\system32\Boot
2012-05-03 06:57:03 ----A---- C:\Windows\SYSWOW64\msclmd.dll
2012-05-03 06:57:02 ----A---- C:\Windows\system32\msclmd.dll
2012-04-26 22:52:10 ----SD---- C:\Users\Eklp\AppData\Roaming\Microsoft
2012-04-19 19:32:27 ----SD---- C:\ProgramData\Microsoft
2012-04-15 06:47:26 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-04 16440]
R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 26704]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2011-09-13 37456]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2011-05-23 48992]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2011-10-07 283728]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-08-08 46672]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2011-07-11 375376]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-30 6103552]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 120400]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 29776]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-08-12 3053160]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2011-07-06 367976]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys [2007-02-16 12848]
S3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-29 202752]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\SysWOW64\nlssrv32.exe [2011-02-21 66560]
R2 TabletServiceWacom;TabletServiceWacom; C:\Windows\system32\Wacom_Tablet.exe [2009-11-24 5521192]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]
S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-21 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------