Requesting a preventive check.

Posted: 03 Nov 2012 15:49
by pepe3dx
My PC has been behaving strangely lately, so I'm asking for a preventive check to see whether there is some kind of junk on it.. :?:
I'm attaching the RSIT log. Many thanks in advance.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Methanol at 2012-11-03 15:46:34
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 49 GB (40%) free of 122 GB
Total RAM: 8146 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:46:35, on 3.11.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe
C:\Users\Methanol\AppData\Local\DirectDownloader\DirectDownloader.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
C:\Program Files (x86)\MSI\Live Update 5\LU5.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Program Files (x86)\NCSoft\Launcher\NCLauncher.exe
C:\Program Files\trend micro\Methanol.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchnu.com/406
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchya.com/?s=0&a=foxtab&c ... =566123706
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)
O2 - BHO: (no name) - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: BitAccelerator - {CAC42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files (x86)\BitAccelerator\BitAccelerator.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [TC UP] "C:\Program Files (x86)\TC UP\TC UP.exe" /wnd=max
O4 - HKLM\..\Run: [ControlCenterCount] C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe
O4 - HKLM\..\Run: [Live Update 5] C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe /reminder
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Methanol\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Steam] "A:\Games\Metro2033\Steam.exe" -silent
O4 - Startup: Direct Downloader.lnk = C:\Users\Methanol\AppData\Local\DirectDownloader\DirectDownloader.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {4F9FD89A-24F0-4fb7-9635-D54B3593B85B} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: @"C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCHelper.exe",-101 - {4F9FD89A-24F0-4fb7-9635-D54B3593B85B} - (no file) (HKCU)
O9 - Extra button: @"C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCHelper.exe",-103 - {9E508DD9-844C-4985-AC11-AFE5DD71E0BF} - (no file) (HKCU)
O9 - Extra button: (no name) - {B771147A-4CC8-450e-8AB1-7D47821751B1} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: @"C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCHelper.exe",-102 - {B771147A-4CC8-450e-8AB1-7D47821751B1} - (no file) (HKCU)
O9 - Extra button: @"C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCHelper.exe",-104 - {EB89B163-2474-4734-9E93-68B61BC5BED5} - (no file) (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9838 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"taskhost.exe"
taskeng.exe {B7AE7422-FFAF-4644-8BB7-CA2F8BC04701}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\rundll32.exe" C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe" -autorun
"C:\Users\Methanol\AppData\Local\DirectDownloader\DirectDownloader.exe" startup
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
"C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\MSI\Live Update 5\LU5.exe" /reminder
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4308.c2fb200.2076400972 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 4308 "\\.\pipe\gecko-crash-server-pipe.4308" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe" --proxy-stub-channel=Flash4596.68B93AA0.41 --host-broker-channel=Flash4596.68B93AA0.18467 --host-pid=4596 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe" --channel=4632.0029F1E8.470595119 --proxy-stub-channel=Flash4596.68B93AA0.41 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll" --host-npapi-version=27 --type=renderer
"C:\Program Files (x86)\NCSoft\Launcher\NCLauncher.exe" /LaunchGame=Lineage2
"C:\Program Files (x86)\NCsoft\Lineage II\system\l2.bin"
\x01\x80\xe5\xc6\xd1\x3c\x7d\x63\x1c\x86\x61\x18\xd0\xfc\xfc\x92\x2d\xb4\xe5\xb9\xe3\x98\x05\xd0\x45\x3d\x5b\xbd\xa0\x1b\xc8\x72\x8c\x57\x85\x1c\xd2\x78\x3d\xa4\x88\xcc\x35\x48\x81\x2b\xbd\xd7\xe8\xfc
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
wmiadap.exe /F /T /R
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Methanol\Downloads\RSITx64(1).exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2973342720-1030308514-1458377291-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2973342720-1030308514-1458377291-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Methanol\AppData\Roaming\Mozilla\Firefox\Profiles\5jgijzp0.default-1346268749977

prefs.js - "browser.startup.homepage" - "http://www.searchnu.com/406"
prefs.js - "keyword.URL" - "http://dts.search-results.com/sr?src=ff ... 06&sr=0&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{5ddeb737-082c-48fb-8c06-aa4b38d61e5f}
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
Search_Results.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Methanol\AppData\Roaming\Mozilla\Firefox\Profiles\5jgijzp0.default-1346268749977\searchplugins\
Search_Results.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2012-10-02 5748928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02 4119744]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CAC42510-9B41-42c1-9DCD-7282A2D07C61}]
BitAccelerator - C:\Program Files (x86)\BitAccelerator\BitAccelerator.dll [2012-09-16 14336]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"THXCfg64"=C:\Windows\system32\THXCfg64.dll [2010-09-14 25600]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-06-12 6548112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]
"DAEMON Tools Pro Agent"=C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe [2009-12-16 312640]
"Google Update"=C:\Users\Methanol\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-10 116648]
"Steam"=A:\Games\Metro2033\Steam.exe -silent []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-03-27 291608]
"THX Audio Control Panel"=C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [2011-08-29 1517056]
"UpdReg"=C:\Windows\UpdReg.EXE [2000-05-11 90112]
"TC UP"=C:\Program Files (x86)\TC UP\TC UP.exe [2011-11-21 616448]
"ControlCenterCount"=C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe [2012-03-26 872448]
"Live Update 5"=C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe [2012-01-30 315392]
"Super-Charger"=C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [2012-07-27 495616]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-28 642728]

C:\Users\Methanol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Direct Downloader.lnk - C:\Users\Methanol\AppData\Local\DirectDownloader\DirectDownloader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2012-06-30 249344]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-11-03 15:46:34 ----D---- C:\rsit
2012-11-03 09:42:28 ----N---- C:\bootsqm.dat
2012-11-02 00:57:21 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2012-11-02 00:57:21 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2012-11-02 00:57:21 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2012-11-02 00:57:21 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2012-11-02 00:57:21 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2012-11-02 00:57:21 ----A---- C:\Windows\system32\XAudio2_6.dll
2012-11-02 00:57:21 ----A---- C:\Windows\system32\XAudio2_5.dll
2012-11-02 00:57:21 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2012-11-02 00:57:21 ----A---- C:\Windows\system32\xactengine3_6.dll
2012-11-02 00:57:21 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2012-11-02 00:57:20 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2012-11-02 00:57:20 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2012-11-02 00:57:20 ----A---- C:\Windows\system32\xactengine3_5.dll
2012-11-02 00:57:20 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2012-11-02 00:57:19 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2012-11-02 00:57:19 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2012-11-02 00:57:19 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2012-11-02 00:57:19 ----A---- C:\Windows\system32\d3dx11_42.dll
2012-11-02 00:57:19 ----A---- C:\Windows\system32\d3dx10_42.dll
2012-11-02 00:57:19 ----A---- C:\Windows\system32\d3dcsx_42.dll
2012-11-02 00:57:18 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2012-11-02 00:57:18 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2012-11-02 00:57:18 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2012-11-02 00:57:18 ----A---- C:\Windows\system32\D3DX9_42.dll
2012-11-02 00:57:18 ----A---- C:\Windows\system32\d3dx10_41.dll
2012-11-02 00:57:18 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2012-11-02 00:57:17 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2012-11-02 00:57:17 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2012-11-02 00:57:17 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2012-11-02 00:57:17 ----A---- C:\Windows\system32\XAudio2_4.dll
2012-11-02 00:57:17 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2012-11-02 00:57:17 ----A---- C:\Windows\system32\D3DX9_41.dll
2012-11-02 00:57:16 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2012-11-02 00:57:16 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2012-11-02 00:57:16 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2012-11-02 00:57:16 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2012-11-02 00:57:16 ----A---- C:\Windows\system32\xactengine3_4.dll
2012-11-02 00:57:16 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2012-11-02 00:57:16 ----A---- C:\Windows\system32\d3dx10_40.dll
2012-11-02 00:57:16 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2012-11-02 00:57:15 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2012-11-02 00:57:15 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2012-11-02 00:57:15 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2012-11-02 00:57:15 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2012-11-02 00:57:15 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2012-11-02 00:57:15 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2012-11-02 00:57:15 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2012-11-02 00:57:15 ----A---- C:\Windows\system32\XAudio2_3.dll
2012-11-02 00:57:15 ----A---- C:\Windows\system32\XAudio2_2.dll
2012-11-02 00:57:15 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2012-11-02 00:57:15 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2012-11-02 00:57:15 ----A---- C:\Windows\system32\xactengine3_3.dll
2012-11-02 00:57:15 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2012-11-02 00:57:15 ----A---- C:\Windows\system32\D3DX9_40.dll
2012-11-02 00:57:14 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2012-11-02 00:57:14 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2012-11-02 00:57:14 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2012-11-02 00:57:14 ----A---- C:\Windows\system32\xactengine3_2.dll
2012-11-02 00:57:14 ----A---- C:\Windows\system32\d3dx10_39.dll
2012-11-02 00:57:14 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2012-11-02 00:57:13 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2012-11-02 00:57:13 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2012-11-02 00:57:13 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2012-11-02 00:57:13 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2012-11-02 00:57:13 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2012-11-02 00:57:13 ----A---- C:\Windows\system32\XAudio2_1.dll
2012-11-02 00:57:13 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2012-11-02 00:57:13 ----A---- C:\Windows\system32\xactengine3_1.dll
2012-11-02 00:57:13 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2012-11-02 00:57:13 ----A---- C:\Windows\system32\D3DX9_39.dll
2012-11-02 00:57:12 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2012-11-02 00:57:12 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2012-11-02 00:57:12 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2012-11-02 00:57:12 ----A---- C:\Windows\system32\D3DX9_38.dll
2012-11-02 00:57:12 ----A---- C:\Windows\system32\d3dx10_38.dll
2012-11-02 00:57:12 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2012-10-31 13:10:49 ----D---- C:\Program Files (x86)\Futuremark
2012-10-31 13:08:46 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2012-10-31 13:08:46 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2012-10-31 13:08:46 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2012-10-31 13:08:46 ----A---- C:\Windows\system32\XAudio2_0.dll
2012-10-31 13:08:46 ----A---- C:\Windows\system32\xactengine3_0.dll
2012-10-31 13:08:46 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2012-10-31 13:08:45 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2012-10-31 13:08:45 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2012-10-31 13:08:45 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2012-10-31 13:08:45 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2012-10-31 13:08:45 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2012-10-31 13:08:45 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2012-10-31 13:08:45 ----A---- C:\Windows\system32\xactengine2_10.dll
2012-10-31 13:08:45 ----A---- C:\Windows\system32\D3DX9_37.dll
2012-10-31 13:08:45 ----A---- C:\Windows\system32\d3dx10_37.dll
2012-10-31 13:08:45 ----A---- C:\Windows\system32\d3dx10_36.dll
2012-10-31 13:08:45 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2012-10-31 13:08:45 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2012-10-31 13:08:44 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2012-10-31 13:08:44 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2012-10-31 13:08:44 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2012-10-31 13:08:44 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2012-10-31 13:08:44 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2012-10-31 13:08:44 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2012-10-31 13:08:44 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2012-10-31 13:08:44 ----A---- C:\Windows\system32\xactengine2_9.dll
2012-10-31 13:08:44 ----A---- C:\Windows\system32\xactengine2_8.dll
2012-10-31 13:08:44 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2012-10-31 13:08:44 ----A---- C:\Windows\system32\d3dx9_36.dll
2012-10-31 13:08:44 ----A---- C:\Windows\system32\d3dx9_35.dll
2012-10-31 13:08:44 ----A---- C:\Windows\system32\d3dx10_35.dll
2012-10-31 13:08:44 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2012-10-31 13:08:43 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2012-10-31 13:08:43 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2012-10-31 13:08:43 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2012-10-31 13:08:43 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2012-10-31 13:08:43 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2012-10-31 13:08:43 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2012-10-31 13:08:43 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2012-10-31 13:08:43 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2012-10-31 13:08:43 ----A---- C:\Windows\system32\xinput1_3.dll
2012-10-31 13:08:43 ----A---- C:\Windows\system32\xactengine2_7.dll
2012-10-31 13:08:43 ----A---- C:\Windows\system32\d3dx9_34.dll
2012-10-31 13:08:43 ----A---- C:\Windows\system32\d3dx9_33.dll
2012-10-31 13:08:43 ----A---- C:\Windows\system32\d3dx10_34.dll
2012-10-31 13:08:43 ----A---- C:\Windows\system32\d3dx10_33.dll
2012-10-31 13:08:43 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2012-10-31 13:08:43 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2012-10-31 13:08:42 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2012-10-31 13:08:42 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2012-10-31 13:08:42 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2012-10-31 13:08:42 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2012-10-31 13:08:42 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2012-10-31 13:08:42 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2012-10-31 13:08:42 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2012-10-31 13:08:42 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2012-10-31 13:08:42 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2012-10-31 13:08:42 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2012-10-31 13:08:42 ----A---- C:\Windows\system32\xinput1_2.dll
2012-10-31 13:08:42 ----A---- C:\Windows\system32\xactengine2_6.dll
2012-10-31 13:08:42 ----A---- C:\Windows\system32\xactengine2_5.dll
2012-10-31 13:08:42 ----A---- C:\Windows\system32\xactengine2_4.dll
2012-10-31 13:08:42 ----A---- C:\Windows\system32\xactengine2_3.dll
2012-10-31 13:08:42 ----A---- C:\Windows\system32\xactengine2_2.dll
2012-10-31 13:08:42 ----A---- C:\Windows\system32\x3daudio1_1.dll
2012-10-31 13:08:42 ----A---- C:\Windows\system32\d3dx9_32.dll
2012-10-31 13:08:42 ----A---- C:\Windows\system32\d3dx9_31.dll
2012-10-31 13:08:42 ----A---- C:\Windows\system32\d3dx10.dll
2012-10-31 13:08:41 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2012-10-31 13:08:41 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2012-10-31 13:08:41 ----A---- C:\Windows\system32\xinput1_1.dll
2012-10-31 13:08:41 ----A---- C:\Windows\system32\xactengine2_1.dll
2012-10-31 13:08:40 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2012-10-31 13:08:40 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2012-10-31 13:08:40 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2012-10-31 13:08:40 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2012-10-31 13:08:40 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2012-10-31 13:08:40 ----A---- C:\Windows\system32\xactengine2_0.dll
2012-10-31 13:08:40 ----A---- C:\Windows\system32\x3daudio1_0.dll
2012-10-31 13:08:40 ----A---- C:\Windows\system32\d3dx9_30.dll
2012-10-31 13:08:40 ----A---- C:\Windows\system32\d3dx9_29.dll
2012-10-31 13:08:40 ----A---- C:\Windows\system32\d3dx9_28.dll
2012-10-31 13:08:39 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2012-10-31 13:08:39 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2012-10-31 13:08:39 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2012-10-31 13:08:39 ----A---- C:\Windows\system32\d3dx9_27.dll
2012-10-31 13:08:39 ----A---- C:\Windows\system32\d3dx9_26.dll
2012-10-31 13:08:39 ----A---- C:\Windows\system32\d3dx9_25.dll
2012-10-31 13:08:38 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2012-10-31 13:08:38 ----A---- C:\Windows\system32\d3dx9_24.dll
2012-10-30 20:12:25 ----D---- C:\Program Files (x86)\Sapphire TRIXX
2012-10-30 16:45:21 ----D---- C:\ProgramData\ATI
2012-10-30 16:45:20 ----D---- C:\Program Files (x86)\AMD AVT
2012-10-30 16:45:19 ----D---- C:\Program Files (x86)\AMD APP
2012-10-30 16:44:04 ----D---- C:\AMD
2012-10-30 16:35:40 ----D---- C:\Users\Methanol\AppData\Roaming\ATI
2012-10-30 16:26:27 ----D---- C:\ProgramData\AMD
2012-10-30 16:26:19 ----D---- C:\Program Files\Common Files\ATI Technologies
2012-10-30 16:25:55 ----A---- C:\Windows\SYSWOW64\ativvsvl.dat
2012-10-30 16:25:55 ----A---- C:\Windows\SYSWOW64\ativvsva.dat
2012-10-30 16:25:55 ----A---- C:\Windows\system32\ativvsvl.dat
2012-10-30 16:25:55 ----A---- C:\Windows\system32\ativvsva.dat
2012-10-30 16:25:54 ----A---- C:\Windows\SYSWOW64\atipblag.dat
2012-10-30 16:25:54 ----A---- C:\Windows\system32\atipblag.dat
2012-10-30 16:25:54 ----A---- C:\Windows\system32\ATIDEMGX.dll
2012-10-30 16:25:31 ----D---- C:\Program Files (x86)\ATI Technologies
2012-10-30 16:25:30 ----D---- C:\Program Files\ATI
2012-10-30 16:24:41 ----D---- C:\Program Files\ATI Technologies
2012-10-27 11:49:27 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-10-14 16:18:28 ----D---- C:\ProgramData\boost_interprocess
2012-10-14 16:18:28 ----D---- C:\Program Files (x86)\Searchqu Toolbar
2012-10-14 16:15:19 ----D---- C:\Program Files (x86)\Gophoto.it
2012-10-14 16:15:16 ----D---- C:\Program Files (x86)\OnlineHD.TV
2012-10-09 21:57:09 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-10-09 21:57:08 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-10-09 21:57:08 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-10-09 21:57:08 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-10-09 21:57:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-09 21:57:07 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-10-09 21:57:07 ----A---- C:\Windows\SYSWOW64\wow32.dll
2012-10-09 21:57:07 ----A---- C:\Windows\SYSWOW64\setup16.exe
2012-10-09 21:57:07 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2012-10-09 21:57:07 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2012-10-09 21:57:07 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2012-10-09 21:57:07 ----A---- C:\Windows\SYSWOW64\instnm.exe
2012-10-09 21:57:07 ----A---- C:\Windows\system32\wow64win.dll
2012-10-09 21:57:07 ----A---- C:\Windows\system32\wow64cpu.dll
2012-10-09 21:57:07 ----A---- C:\Windows\system32\wow64.dll
2012-10-09 21:57:07 ----A---- C:\Windows\system32\winsrv.dll
2012-10-09 21:57:07 ----A---- C:\Windows\system32\ntvdm64.dll
2012-10-09 21:57:07 ----A---- C:\Windows\system32\KernelBase.dll
2012-10-09 21:57:07 ----A---- C:\Windows\system32\kernel32.dll
2012-10-09 21:57:07 ----A---- C:\Windows\system32\conhost.exe
2012-10-09 21:57:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2012-10-09 21:57:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-09 21:57:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2012-10-09 21:57:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-09 21:57:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-10-09 21:57:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-10-09 21:57:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2012-10-09 21:57:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-10-09 21:57:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-09 21:57:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-10-09 21:57:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-10-09 21:57:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-10-09 21:57:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2012-10-09 21:57:06 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-10-09 21:57:06 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-10-09 21:57:06 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-10-09 21:57:06 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-10-09 21:57:06 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-10-09 21:57:06 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-09 21:57:06 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-10-09 21:57:06 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-10-09 21:57:06 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-10-09 21:57:06 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-10-09 21:57:06 ----A---- C:\Windows\SYSWOW64\user.exe
2012-10-09 21:57:05 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2012-10-09 21:57:05 ----A---- C:\Windows\system32\wintrust.dll
2012-10-09 21:57:04 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-10-09 21:57:04 ----A---- C:\Windows\system32\tzres.dll
2012-10-09 21:57:03 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2012-10-09 21:57:03 ----A---- C:\Windows\system32\kerberos.dll
2012-10-09 21:57:03 ----A---- C:\Windows\system32\crypt32.dll
2012-10-09 21:57:02 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-10-09 21:57:02 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-10-09 21:57:02 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-10-09 21:57:02 ----A---- C:\Windows\system32\cryptsvc.dll
2012-10-09 21:57:02 ----A---- C:\Windows\system32\cryptnet.dll

======List of files/folders modified in the last 1 month======

2012-11-03 15:46:35 ----D---- C:\Windows\temp
2012-11-03 15:46:35 ----D---- C:\Program Files\trend micro
2012-11-03 15:46:23 ----D---- C:\Windows\System32
2012-11-03 15:46:23 ----D---- C:\Windows\inf
2012-11-03 15:46:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-11-03 15:42:40 ----A---- C:\Windows\SYSWOW64\log.txt
2012-11-03 15:41:44 ----D---- C:\Windows\system32\Tasks
2012-11-03 15:41:12 ----D---- C:\Users\Methanol\AppData\Roaming\Skype
2012-11-03 14:03:37 ----D---- C:\Windows\system32\config
2012-11-03 10:56:18 ----D---- C:\Users\Methanol\AppData\Roaming\TS3Client
2012-11-02 20:31:56 ----SHD---- C:\Windows\Installer
2012-11-02 20:31:55 ----D---- C:\ProgramData\Skype
2012-11-02 19:30:57 ----SHD---- C:\System Volume Information
2012-11-02 01:53:14 ----D---- C:\Users\Methanol\AppData\Roaming\uTorrent
2012-11-02 01:01:33 ----RD---- C:\Program Files (x86)
2012-11-02 00:57:51 ----D---- C:\Windows
2012-11-02 00:57:50 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2012-11-02 00:57:49 ----D---- C:\Windows\SysWOW64
2012-11-02 00:57:06 ----RSD---- C:\Windows\assembly
2012-11-02 00:56:56 ----D---- C:\Windows\system32\catroot2
2012-11-02 00:56:47 ----D---- C:\Windows\Logs
2012-11-02 00:14:51 ----D---- C:\Program Files (x86)\Common Files
2012-11-02 00:14:07 ----D---- C:\Windows\winsxs
2012-11-02 00:13:20 ----D---- C:\Users\Methanol\AppData\Roaming\DAEMON Tools Pro
2012-11-01 23:54:50 ----D---- C:\Program Files (x86)\MSI Afterburner
2012-11-01 11:02:29 ----D---- C:\ProgramData\PMB Files
2012-10-31 13:08:36 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-10-30 22:48:14 ----D---- C:\Windows\system32\catroot
2012-10-30 22:47:51 ----D---- C:\Windows\SYSWOW64\directx
2012-10-30 17:25:47 ----D---- C:\Program Files\TeamSpeak 3 Client
2012-10-30 16:45:21 ----D---- C:\ProgramData
2012-10-30 16:44:58 ----D---- C:\Windows\system32\drivers
2012-10-30 16:44:57 ----D---- C:\Windows\system32\DriverStore
2012-10-30 16:33:28 ----D---- C:\Windows\Help
2012-10-30 16:33:28 ----D---- C:\Program Files\NVIDIA Corporation
2012-10-30 16:32:24 ----RD---- C:\Users
2012-10-30 16:26:19 ----D---- C:\Program Files\Common Files
2012-10-30 16:25:30 ----RD---- C:\Program Files
2012-10-28 15:44:02 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-10-21 22:27:56 ----D---- C:\Users\Methanol\AppData\Roaming\XBMC
2012-10-20 17:19:20 ----D---- C:\Windows\system32\NDF
2012-10-12 08:38:35 ----D---- C:\Windows\rescache
2012-10-10 13:25:43 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-10-10 13:25:43 ----D---- C:\Windows\system32\cs-CZ
2012-10-10 13:25:43 ----D---- C:\Windows\AppPatch
2012-10-09 23:35:40 ----D---- C:\Windows\debug
2012-10-09 23:35:40 ----A---- C:\Windows\system32\MRT.exe
2012-10-09 18:11:36 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-03-27 19224]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-07-05 834544]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 VD_FileDisk;VD_FileDisk; C:\Windows\system32\drivers\VD_FileDisk.sys [2011-01-26 30312]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-09-28 10697216]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-09-28 460288]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-03-27 356632]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-03-27 789272]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-09 60184]
R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [2010-05-10 33592]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2010-01-18 14136]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2010-10-22 14136]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-02-16 676968]
R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2011-07-01 31232]
S3 7ByteIo;7ByteIo; \??\C:\Program Files (x86)\Hot CPU Tester Pro 4 LE\SysInfoX64.sys []
S3 a7macm1a;a7macm1a; C:\Windows\system32\drivers\a7macm1a.sys []
S3 ALSysIO;ALSysIO; \??\C:\Users\Methanol\AppData\Local\Temp\ALSysIO64.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-09-28 10697216]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 cpuz130;cpuz130; \??\C:\Users\Methanol\AppData\Local\Temp\cpuz130\cpuz_x64.sys []
S3 dump_wmimmc;dump_wmimmc; \??\C:\Program Files (x86)\NCsoft\Lineage II\system\GameGuard\dump_wmimmc.sys []
S3 GPU-Z;GPU-Z; \??\C:\Users\Methanol\AppData\Local\Temp\GPU-Z.sys [2012-11-02 27008]
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\syswow64\npptNT2.sys [2005-01-02 4682]
S3 NTIOLib_1_0_6;NTIOLib_1_0_6; \??\C:\Program Files (x86)\Setup Files\Ms7752v260\NTIOLib_X64.sys [2011-01-06 11888]
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 tap0801;TAP-Win32 Adapter V8; C:\Windows\system32\DRIVERS\tap0801.sys [2005-04-13 30720]
S3 tapoas;TAP-Win32 Adapter OAS; C:\Windows\system32\DRIVERS\tapoas.sys [2011-08-18 30720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S4 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-09-28 239616]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-03-07 629984]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-03-29 165144]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-03-29 277784]
R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2012-06-29 136704]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2011-12-21 578264]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-03-29 363800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-27 115168]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2011-03-28 4323256]
S3 OpenVPNService;OpenVPN Service; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [2011-07-01 14848]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-06-30 1255736]

-----------------EOF-----------------

Re: Requesting a preventive check.

Posted: 03 Nov 2012 22:07
by Roli
Hello, fix this in HJT:

R3 - URLSearchHook: (no name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)
O2 - BHO: (no name) - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - (no file)
O4 - HKLM\..\Run: [Live Update 5] C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe /reminder
O4 - HKCU\..\Run: [Google Update] "C:\Users\Methanol\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O9 - Extra button: (no name) - {4F9FD89A-24F0-4fb7-9635-D54B3593B85B} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: @"C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCHelper.exe",-101 - {4F9FD89A-24F0-4fb7-9635-D54B3593B85B} - (no file) (HKCU)
O9 - Extra button: @"C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCHelper.exe",-103 - {9E508DD9-844C-4985-AC11-AFE5DD71E0BF} - (no file) (HKCU)
O9 - Extra button: (no name) - {B771147A-4CC8-450e-8AB1-7D47821751B1} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: @"C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCHelper.exe",-102 - {B771147A-4CC8-450e-8AB1-7D47821751B1} - (no file) (HKCU)
O9 - Extra button: @"C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCHelper.exe",-104 - {EB89B163-2474-4734-9E93-68B61BC5BED5} - (no file) (HKCU)


You will find HJT here:

C:\Program Files\trend micro\Methanol.exe

Fix means that you run HJT as admin,

in the window that opens, you click Do a system scan only,

in the next window you find the lines I listed for you,

next to each of them is a box that you tick,

then you click Fix checked, which is at the bottom left,

the program asks you whether you really want to; you of course agree with YES, and it is done.


Via Start >> All Programs >> Accessories >> Run >> type services.msc >> Enter. Find the service:

PandoraService (PanService)

right-click it, choose Properties, on the next tab first stop the service with the Stop button, and for Startup type choose Disabled.


Via Remove programs, uninstall Pando Media Booster (Pando Networks) and Searchqu Toolbar


Delete unneeded files

using CCleaner

guide:

Cleaner - here you clean the PC of unneeded files and empty the Recycle Bin

Registry - here you clean the registry (before using it I recommend making the backup that CCleaner offers)

the registry cleaning needs to be repeated several times!

Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system


Then use Mbam from my signature and post its log here; do not delete anything beforehand!!!

Re: Requesting a preventive check.

Posted: 04 Nov 2012 01:32
by pepe3dx
I did everything the way you wanted.. :) Here I attach the log from MBAM.

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Verze databáze: v2012.11.04.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Methanol :: METHANOL-PC [administrátor]

4.11.2012 1:08:51
mbam-log-2012-11-04 (01-31-44).txt

Typ: Úplná kontrola (A:\|C:\|D:\|E:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 435841
Uplynulý čas: 20 minut, 9 sekund

Nalezené procesy v paměti: 1
C:\Users\Methanol\AppData\Local\DirectDownloader\DirectDownloader.exe (Adware.DirectDownloader) -> 2172 -> Žádná instrukce nebyla provedena.

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 8
HKCR\Typelib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3} (PUP.Funmoods) -> Žádná instrukce nebyla provedena.
HKCR\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191} (PUP.Funmoods) -> Žádná instrukce nebyla provedena.
HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh (PUP.Funmoods) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh (PUP.Funmoods) -> Žádná instrukce nebyla provedena.
HKCR\CLSID\{CAC42510-9B41-42c1-9DCD-7282A2D07C61} (Trojan.BHO) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CAC42510-9B41-42C1-9DCD-7282A2D07C61} (Trojan.BHO) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{CAC42510-9B41-42C1-9DCD-7282A2D07C61} (Trojan.BHO) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CAC42510-9B41-42C1-9DCD-7282A2D07C61} (Trojan.BHO) -> Žádná instrukce nebyla provedena.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 1
C:\Program Files (x86)\BitAccelerator (Trojan.BHO) -> Žádná instrukce nebyla provedena.

Nalezené soubory: 7
C:\Users\Methanol\AppData\Local\DirectDownloader\DirectDownloader.exe (Adware.DirectDownloader) -> Žádná instrukce nebyla provedena.
C:\Users\Methanol\AppData\Local\DirectDownloader\updateRunner.exe (Adware.DirectDownloader) -> Žádná instrukce nebyla provedena.
C:\Users\Methanol\Downloads\FLVPlayer_v3.exe (PUP.Adware.Installcore) -> Žádná instrukce nebyla provedena.
C:\Users\Methanol\Downloads\Prometheus.2012.1080p.BluRay.DTS.x264-BRADJE_PublicHD.exe (Adware.DirectDownloader) -> Žádná instrukce nebyla provedena.
C:\Users\Methanol\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage (PUP.Funmoods) -> Žádná instrukce nebyla provedena.
C:\Users\Methanol\AppData\Local\funmoods.crx (PUP.Funmoods) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\BitAccelerator\BitAccelerator.dll (Trojan.BHO) -> Žádná instrukce nebyla provedena.

(konec)

Re: Requesting a preventive check.

Posted: 04 Nov 2012 21:50
by Roli
Have everything that Mbam found deleted.

Now we will look deeper.


Download ComboFix and save it to the desktop,

run the application as Administrator and allow the installation of the Recovery Console.

Then a window with the license terms appears, which you confirm by clicking YES,

then click YES once more and it is running.

The whole thing takes around 10 minutes but can take longer; during the scan do not try to run anything else.

The PC may also be restarted during the scan; do not be alarmed.

Warning: for the duration of the scan, turn off the resident shield of your antivirus and anti-spyware program,

because ComboFix tries to delete infected files and these programs can get in its way.

After the scan finishes, or after the subsequent restart, the application creates a log saved at C:/Combofix.txt

(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.


If anything is unclear, there is a picture guide HERE.

Re: Requesting a preventive check.

Posted: 06 Nov 2012 10:12
by pepe3dx
Done.. here I attach the log from ComboFix..



ComboFix 12-11-05.03 - Methanol 06.11.2012 9:55.3.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8146.6620 [GMT 1:00]
Spuštěný z: c:\users\Methanol\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-10-06 do 2012-11-06 )))))))))))))))))))))))))))))))
.
.
2012-11-06 08:56 . 2012-11-06 08:56 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-11-06 08:56 . 2012-11-06 08:56 -------- d-----w- c:\users\Lucinka\AppData\Local\temp
2012-11-06 08:56 . 2012-11-06 08:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-04 00:07 . 2012-11-04 00:07 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-11-04 00:07 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-03 14:46 . 2012-11-03 14:46 -------- d-----w- C:\rsit
2012-11-02 18:31 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D41666D7-8120-488E-BBB3-437D80D85162}\mpengine.dll
2012-11-02 00:20 . 2012-11-02 00:20 -------- d-----w- c:\users\Methanol\AppData\Local\4A Games
2012-11-01 23:14 . 2012-11-01 23:14 -------- d-----w- c:\program files (x86)\Common Files\Steam
2012-10-31 12:10 . 2012-10-31 12:10 -------- d-----w- c:\program files (x86)\Futuremark
2012-10-31 12:10 . 2012-11-01 23:57 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2012-10-30 19:12 . 2012-10-30 19:16 -------- d-----w- c:\program files (x86)\Sapphire TRIXX
2012-10-25 15:46 . 2012-10-25 15:46 163056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin
2012-10-14 15:19 . 2012-10-14 15:19 -------- d-----w- c:\users\Methanol\AppData\Local\Ilivid Player
2012-10-14 15:18 . 2012-10-15 18:02 -------- d-----w- c:\programdata\boost_interprocess
2012-10-14 15:18 . 2012-10-14 15:18 -------- d-----w- c:\program files (x86)\Searchqu Toolbar
2012-10-14 15:15 . 2012-10-14 15:15 -------- d-----w- c:\program files (x86)\Gophoto.it
2012-10-14 15:15 . 2012-10-14 15:15 -------- d-----w- c:\program files (x86)\OnlineHD.TV
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-09 22:35 . 2012-06-30 12:30 65309168 ----a-w- c:\windows\system32\MRT.exe
2012-10-09 17:11 . 2012-06-30 09:31 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-09 17:11 . 2012-06-30 09:31 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-28 14:37 . 2012-09-28 14:37 221696 ----a-w- c:\windows\system32\clinfo.exe
2012-09-28 14:36 . 2012-09-28 14:36 75776 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-09-28 14:36 . 2012-09-28 14:36 65536 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-09-28 14:36 . 2012-09-28 14:36 63488 ----a-w- c:\windows\system32\OVDecode64.dll
2012-09-28 14:36 . 2012-09-28 14:36 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-09-28 14:36 . 2012-09-28 14:36 32635904 ----a-w- c:\windows\system32\amdocl64.dll
2012-09-28 14:32 . 2012-09-28 14:32 27341824 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-09-28 14:28 . 2012-09-28 14:28 54784 ----a-w- c:\windows\system32\OpenCL.dll
2012-09-28 14:28 . 2012-09-28 14:28 50176 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-09-28 02:23 . 2012-04-06 01:34 5557928 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-09-28 02:21 . 2012-09-28 02:21 10697216 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-09-28 02:05 . 2012-09-28 02:05 70144 ----a-w- c:\windows\system32\coinst_9.002.dll
2012-09-28 02:03 . 2012-09-28 02:03 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-09-28 02:02 . 2012-09-28 02:02 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-09-28 02:02 . 2012-09-28 02:02 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-09-28 02:02 . 2012-09-28 02:02 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-09-28 02:02 . 2012-09-28 02:02 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-09-28 02:02 . 2012-09-28 02:02 16082432 ----a-w- c:\windows\system32\aticaldd64.dll
2012-09-28 01:59 . 2012-09-28 01:59 23825920 ----a-w- c:\windows\system32\atio6axx.dll
2012-09-28 01:57 . 2012-09-28 01:57 13703168 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-09-28 01:43 . 2012-04-06 02:21 935424 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-09-28 01:41 . 2012-04-06 02:20 1120768 ----a-w- c:\windows\system32\aticfx64.dll
2012-09-28 01:41 . 2012-09-28 01:41 19624960 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-09-28 01:39 . 2012-04-06 02:13 6536192 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-09-28 01:39 . 2012-09-28 01:39 442368 ----a-w- c:\windows\system32\atidemgy.dll
2012-09-28 01:39 . 2012-09-28 01:39 538112 ----a-w- c:\windows\system32\atieclxx.exe
2012-09-28 01:38 . 2012-09-28 01:38 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2012-09-28 01:36 . 2012-09-28 01:36 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-09-28 01:36 . 2012-09-28 01:36 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-09-28 01:36 . 2012-09-28 01:36 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-09-28 01:36 . 2012-09-28 01:36 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-09-28 01:31 . 2012-09-28 01:31 3127296 ----a-w- c:\windows\system32\atiumd6a.dll
2012-09-28 01:25 . 2012-09-28 01:25 6704640 ----a-w- c:\windows\system32\atiumd64.dll
2012-09-28 01:22 . 2012-04-06 01:54 7167488 ----a-w- c:\windows\system32\atidxx64.dll
2012-09-28 01:22 . 2012-04-06 01:22 2691584 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-09-28 01:13 . 2012-09-28 01:13 595456 ----a-w- c:\windows\system32\atiadlxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 79360 ----a-w- c:\windows\system32\amdave64.dll
2012-09-28 01:13 . 2012-09-28 01:13 78336 ----a-w- c:\windows\SysWow64\amdave32.dll
2012-09-28 01:13 . 2012-09-28 01:13 405504 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-09-28 01:13 . 2012-09-28 01:13 74240 ----a-w- c:\windows\system32\atisamu64.dll
2012-09-28 01:13 . 2012-09-28 01:13 17920 ----a-w- c:\windows\system32\atig6pxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 71168 ----a-w- c:\windows\SysWow64\atisamu32.dll
2012-09-28 01:13 . 2012-09-28 01:13 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-09-28 01:13 . 2012-09-28 01:13 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-09-28 01:12 . 2012-09-28 01:12 56320 ----a-w- c:\windows\system32\atimpc64.dll
2012-09-28 01:12 . 2012-09-28 01:12 56320 ----a-w- c:\windows\system32\amdpcom64.dll
2012-09-28 01:12 . 2012-09-28 01:12 460288 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-09-28 01:12 . 2012-09-28 01:12 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-09-28 01:12 . 2012-09-28 01:12 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-09-28 01:11 . 2012-04-06 01:09 129536 ----a-w- c:\windows\system32\atiuxp64.dll
2012-09-28 01:11 . 2012-04-06 01:09 109568 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-09-28 01:11 . 2012-09-28 01:11 103424 ----a-w- c:\windows\system32\atiu9p64.dll
2012-09-28 01:10 . 2012-04-06 01:09 82944 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-09-28 01:09 . 2012-09-28 01:09 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-08-24 11:15 . 2012-09-21 20:21 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-21 20:21 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-21 20:21 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-21 20:21 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-21 20:21 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-21 20:21 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-21 20:21 237056 ----a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-21 20:21 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-21 20:21 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-21 20:21 816640 ----a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-21 20:21 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-21 20:21 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-21 20:21 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-21 20:21 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-21 20:21 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-21 20:21 248320 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-21 20:21 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-21 20:21 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-21 20:21 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-21 20:21 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-21 20:21 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-21 20:21 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-08-22 18:12 . 2012-09-12 12:51 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 12:51 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 12:51 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 12:51 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-26 15:44 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-20 17:38 . 2012-10-09 20:57 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTProAgent.exe" [2009-12-16 312640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-03-26 291608]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" [2011-08-29 1517056]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"ControlCenterCount"="c:\program files (x86)\MSI\ControlCenter\ControlCenterCount.exe" [2012-03-26 872448]
"Super-Charger"="c:\program files (x86)\MSI\Super-Charger\Super-Charger.exe" [2012-07-27 495616]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-28 642728]
.
c:\users\Methanol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Direct Downloader.lnk - c:\users\Methanol\AppData\Local\DirectDownloader\DirectDownloader.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
R3 7ByteIo;7ByteIo;c:\program files (x86)\Hot CPU Tester Pro 4 LE\SysInfoX64.sys [x]
R3 ALSysIO;ALSysIO;c:\users\Methanol\AppData\Local\Temp\ALSysIO64.sys [x]
R3 cpuz130;cpuz130;c:\users\Methanol\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\NCsoft\Lineage II\system\GameGuard\dump_wmimmc.sys [x]
R3 GPU-Z;GPU-Z;c:\users\Methanol\AppData\Local\Temp\GPU-Z.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys [2010-05-10 33592]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2010-10-22 14136]
R3 NTIOLib_1_0_6;NTIOLib_1_0_6;c:\program files (x86)\Setup Files\Ms7752v260\NTIOLib_X64.sys [2011-01-06 11888]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;E:\NTIOLib_X64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\DRIVERS\tap0801.sys [2005-04-13 30720]
R3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\DRIVERS\tapoas.sys [2011-08-18 30720]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-06-30 1255736]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-03-26 19224]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2012-07-05 834544]
S1 VD_FileDisk;VD_FileDisk; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-09-28 239616]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-03-07 629984]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-03-29 165144]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe [2012-06-29 136704]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-03-29 363800]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-03-26 356632]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-03-26 789272]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-17 32344]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2010-01-18 14136]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-02-16 676968]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - NTIOLIB_1_0_3
.
Obsah adresáře 'Naplánované úlohy'
.
2012-11-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-30 17:11]
.
2012-11-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2973342720-1030308514-1458377291-1000Core.job
- c:\users\Methanol\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-10 09:21]
.
2012-11-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2973342720-1030308514-1458377291-1000UA.job
- c:\users\Methanol\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-10 09:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2010-09-14 25600]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.searchnu.com/406
mStart Page = hxxp://www.searchya.com/?s=0&a=foxtab&chnl=tc- ... =566123706
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Methanol\AppData\Roaming\Mozilla\Firefox\Profiles\5jgijzp0.default-1346268749977\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.searchnu.com/406
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&appid=400&systemid=406&sr=0&q=
FF - ExtSQL: 2012-09-27 11:17; {5ddeb737-082c-48fb-8c06-aa4b38d61e5f}; c:\program files (x86)\Mozilla Firefox\extensions\{5ddeb737-082c-48fb-8c06-aa4b38d61e5f}
FF - ExtSQL: 2012-10-14 17:15; onlinehdtv@onlinehd.tv; c:\users\Methanol\AppData\Roaming\Mozilla\Firefox\Profiles\5jgijzp0.default-1346268749977\extensions\onlinehdtv@onlinehd.tv.xpi
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-11-06 09:57:58
ComboFix-quarantined-files.txt 2012-11-06 08:57
.
Před spuštěním: Volných bajtů: 50 940 813 312
Po spuštění: Volných bajtů: 50 627 244 032
.
- - End Of File - - 8F19BD6EE7A8ADB074B6AA8994257039

Re: Request for a preventive check.

Posted: 06 Nov 2012 22:00
by Roli
If you haven't done so already, move ComboFix to the desktop

open Notepad

copy the script from the following box into it:

Code:

Folder::
c:\program files (x86)\Searchqu Toolbar

FireFox::
FF - ProfilePath - c:\users\Methanol\AppData\Roaming\Mozilla\Firefox\Profiles\5jgijzp0.default-1346268749977\
FF - prefs.js: browser.startup.homepage - hxxp://www.searchnu.com/406
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ff ... 06&sr=0&q=

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]

save the TXT file you created as CFScript.txt on the desktop,

after saving, grab the script you created with the left mouse button and drag it over the ComboFix icon, where you drop it.

After it has run, another log will pop up; copy it here

Warning: it may happen that Windows does not start after the script has been applied and the machine restarted,

in that case restart again while pressing F8, then choose Last Known Good Configuration

Re: Request for a preventive check.

Posted: 07 Nov 2012 01:08
by pepe3dx
I did everything as you asked. Here I'm attaching the latest log from ComboFix. So it should probably be clean now? :?:


ComboFix 12-11-06.03 - Methanol 07.11.2012 1:04.5.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8146.6518 [GMT 1:00]
Spuštěný z: c:\users\Methanol\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Methanol\Desktop\CFScript.txt.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\css\new-tab.css
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_amazon.png
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_ebay.png
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_facebook.png
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_fantastigames.png
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_ftalk.png
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_youtube.png
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\images\IDR_WEBSTORE_ICON.png
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\images\imesh_logo_128.png
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\images\imesh_logo_128.png__
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\new-tab.html
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\lib\analytics.js
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\lib\constant.js
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\lib\default-config - Copy.js
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\lib\default-config.js
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\lib\jquery.js
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\lib\localStorage.js
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\lib\new-tab.js
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\lib\preferences.js
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\manifest.json
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\OurLocalPage.html
c:\windows\TEMP\~E54A.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-10-07 do 2012-11-07 )))))))))))))))))))))))))))))))
.
.
2012-11-07 00:06 . 2012-11-07 00:06 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-11-07 00:06 . 2012-11-07 00:06 -------- d-----w- c:\users\Lucinka\AppData\Local\temp
2012-11-07 00:06 . 2012-11-07 00:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-04 00:07 . 2012-11-04 00:07 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-11-04 00:07 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-03 14:46 . 2012-11-03 14:46 -------- d-----w- C:\rsit
2012-11-02 18:31 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D41666D7-8120-488E-BBB3-437D80D85162}\mpengine.dll
2012-11-02 00:20 . 2012-11-02 00:20 -------- d-----w- c:\users\Methanol\AppData\Local\4A Games
2012-11-01 23:14 . 2012-11-06 19:12 -------- d-----w- c:\program files (x86)\Common Files\Steam
2012-10-31 12:10 . 2012-10-31 12:10 -------- d-----w- c:\program files (x86)\Futuremark
2012-10-31 12:10 . 2012-11-01 23:57 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2012-10-30 19:12 . 2012-10-30 19:16 -------- d-----w- c:\program files (x86)\Sapphire TRIXX
2012-10-25 15:46 . 2012-10-25 15:46 163056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin
2012-10-14 15:19 . 2012-10-14 15:19 -------- d-----w- c:\users\Methanol\AppData\Local\Ilivid Player
2012-10-14 15:18 . 2012-10-15 18:02 -------- d-----w- c:\programdata\boost_interprocess
2012-10-14 15:15 . 2012-10-14 15:15 -------- d-----w- c:\program files (x86)\Gophoto.it
2012-10-14 15:15 . 2012-10-14 15:15 -------- d-----w- c:\program files (x86)\OnlineHD.TV
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-09 22:35 . 2012-06-30 12:30 65309168 ----a-w- c:\windows\system32\MRT.exe
2012-10-09 17:11 . 2012-06-30 09:31 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-09 17:11 . 2012-06-30 09:31 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-28 14:37 . 2012-09-28 14:37 221696 ----a-w- c:\windows\system32\clinfo.exe
2012-09-28 14:36 . 2012-09-28 14:36 75776 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-09-28 14:36 . 2012-09-28 14:36 65536 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-09-28 14:36 . 2012-09-28 14:36 63488 ----a-w- c:\windows\system32\OVDecode64.dll
2012-09-28 14:36 . 2012-09-28 14:36 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-09-28 14:36 . 2012-09-28 14:36 32635904 ----a-w- c:\windows\system32\amdocl64.dll
2012-09-28 14:32 . 2012-09-28 14:32 27341824 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-09-28 14:28 . 2012-09-28 14:28 54784 ----a-w- c:\windows\system32\OpenCL.dll
2012-09-28 14:28 . 2012-09-28 14:28 50176 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-09-28 02:23 . 2012-04-06 01:34 5557928 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-09-28 02:21 . 2012-09-28 02:21 10697216 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-09-28 02:05 . 2012-09-28 02:05 70144 ----a-w- c:\windows\system32\coinst_9.002.dll
2012-09-28 02:03 . 2012-09-28 02:03 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-09-28 02:02 . 2012-09-28 02:02 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-09-28 02:02 . 2012-09-28 02:02 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-09-28 02:02 . 2012-09-28 02:02 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-09-28 02:02 . 2012-09-28 02:02 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-09-28 02:02 . 2012-09-28 02:02 16082432 ----a-w- c:\windows\system32\aticaldd64.dll
2012-09-28 01:59 . 2012-09-28 01:59 23825920 ----a-w- c:\windows\system32\atio6axx.dll
2012-09-28 01:57 . 2012-09-28 01:57 13703168 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-09-28 01:43 . 2012-04-06 02:21 935424 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-09-28 01:41 . 2012-04-06 02:20 1120768 ----a-w- c:\windows\system32\aticfx64.dll
2012-09-28 01:41 . 2012-09-28 01:41 19624960 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-09-28 01:39 . 2012-04-06 02:13 6536192 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-09-28 01:39 . 2012-09-28 01:39 442368 ----a-w- c:\windows\system32\atidemgy.dll
2012-09-28 01:39 . 2012-09-28 01:39 538112 ----a-w- c:\windows\system32\atieclxx.exe
2012-09-28 01:38 . 2012-09-28 01:38 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2012-09-28 01:36 . 2012-09-28 01:36 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-09-28 01:36 . 2012-09-28 01:36 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-09-28 01:36 . 2012-09-28 01:36 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-09-28 01:36 . 2012-09-28 01:36 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-09-28 01:31 . 2012-09-28 01:31 3127296 ----a-w- c:\windows\system32\atiumd6a.dll
2012-09-28 01:25 . 2012-09-28 01:25 6704640 ----a-w- c:\windows\system32\atiumd64.dll
2012-09-28 01:22 . 2012-04-06 01:54 7167488 ----a-w- c:\windows\system32\atidxx64.dll
2012-09-28 01:22 . 2012-04-06 01:22 2691584 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-09-28 01:13 . 2012-09-28 01:13 595456 ----a-w- c:\windows\system32\atiadlxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 79360 ----a-w- c:\windows\system32\amdave64.dll
2012-09-28 01:13 . 2012-09-28 01:13 78336 ----a-w- c:\windows\SysWow64\amdave32.dll
2012-09-28 01:13 . 2012-09-28 01:13 405504 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-09-28 01:13 . 2012-09-28 01:13 74240 ----a-w- c:\windows\system32\atisamu64.dll
2012-09-28 01:13 . 2012-09-28 01:13 17920 ----a-w- c:\windows\system32\atig6pxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 71168 ----a-w- c:\windows\SysWow64\atisamu32.dll
2012-09-28 01:13 . 2012-09-28 01:13 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-09-28 01:13 . 2012-09-28 01:13 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-09-28 01:12 . 2012-09-28 01:12 56320 ----a-w- c:\windows\system32\atimpc64.dll
2012-09-28 01:12 . 2012-09-28 01:12 56320 ----a-w- c:\windows\system32\amdpcom64.dll
2012-09-28 01:12 . 2012-09-28 01:12 460288 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-09-28 01:12 . 2012-09-28 01:12 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-09-28 01:12 . 2012-09-28 01:12 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-09-28 01:11 . 2012-04-06 01:09 129536 ----a-w- c:\windows\system32\atiuxp64.dll
2012-09-28 01:11 . 2012-04-06 01:09 109568 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-09-28 01:11 . 2012-09-28 01:11 103424 ----a-w- c:\windows\system32\atiu9p64.dll
2012-09-28 01:10 . 2012-04-06 01:09 82944 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-09-28 01:09 . 2012-09-28 01:09 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-08-24 11:15 . 2012-09-21 20:21 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-21 20:21 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-21 20:21 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-21 20:21 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-21 20:21 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-21 20:21 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-21 20:21 237056 ----a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-21 20:21 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-21 20:21 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-21 20:21 816640 ----a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-21 20:21 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-21 20:21 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-21 20:21 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-21 20:21 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-21 20:21 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-21 20:21 248320 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-21 20:21 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-21 20:21 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-21 20:21 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-21 20:21 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-21 20:21 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-21 20:21 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-08-22 18:12 . 2012-09-12 12:51 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 12:51 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 12:51 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 12:51 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-26 15:44 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-20 17:38 . 2012-10-09 20:57 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTProAgent.exe" [2009-12-16 312640]
"Steam"="a:\steam\steam.exe" [2012-11-06 1353080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-03-26 291608]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" [2011-08-29 1517056]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"ControlCenterCount"="c:\program files (x86)\MSI\ControlCenter\ControlCenterCount.exe" [2012-03-26 872448]
"Super-Charger"="c:\program files (x86)\MSI\Super-Charger\Super-Charger.exe" [2012-07-27 495616]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-28 642728]
.
c:\users\Methanol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Direct Downloader.lnk - c:\users\Methanol\AppData\Local\DirectDownloader\DirectDownloader.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
R3 7ByteIo;7ByteIo;c:\program files (x86)\Hot CPU Tester Pro 4 LE\SysInfoX64.sys [x]
R3 ALSysIO;ALSysIO;c:\users\Methanol\AppData\Local\Temp\ALSysIO64.sys [x]
R3 cpuz130;cpuz130;c:\users\Methanol\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\NCsoft\Lineage II\system\GameGuard\dump_wmimmc.sys [x]
R3 GPU-Z;GPU-Z;c:\users\Methanol\AppData\Local\Temp\GPU-Z.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys [2010-05-10 33592]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2010-10-22 14136]
R3 NTIOLib_1_0_6;NTIOLib_1_0_6;c:\program files (x86)\Setup Files\Ms7752v260\NTIOLib_X64.sys [2011-01-06 11888]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;E:\NTIOLib_X64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\DRIVERS\tap0801.sys [2005-04-13 30720]
R3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\DRIVERS\tapoas.sys [2011-08-18 30720]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-06-30 1255736]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-03-26 19224]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2012-07-05 834544]
S1 VD_FileDisk;VD_FileDisk; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-09-28 239616]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-03-07 629984]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-03-29 165144]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe [2012-06-29 136704]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-03-29 363800]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-03-26 356632]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-03-26 789272]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-17 32344]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2010-01-18 14136]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-02-16 676968]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-11-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-30 17:11]
.
2012-11-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2973342720-1030308514-1458377291-1000Core.job
- c:\users\Methanol\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-10 09:21]
.
2012-11-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2973342720-1030308514-1458377291-1000UA.job
- c:\users\Methanol\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-10 09:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2010-09-14 25600]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.searchnu.com/406
mStart Page = hxxp://www.searchya.com/?s=0&a=foxtab&chnl=tc- ... =566123706
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Methanol\AppData\Roaming\Mozilla\Firefox\Profiles\5jgijzp0.default-1346268749977\
FF - prefs.js: browser.search.selectedEngine - Google
FF - ExtSQL: 2012-09-27 11:17; {5ddeb737-082c-48fb-8c06-aa4b38d61e5f}; c:\program files (x86)\Mozilla Firefox\extensions\{5ddeb737-082c-48fb-8c06-aa4b38d61e5f}
FF - ExtSQL: 2012-10-14 17:15; onlinehdtv@onlinehd.tv; c:\users\Methanol\AppData\Roaming\Mozilla\Firefox\Profiles\5jgijzp0.default-1346268749977\extensions\onlinehdtv@onlinehd.tv.xpi
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
Celkový čas: 2012-11-07 01:07:14
ComboFix-quarantined-files.txt 2012-11-07 00:07
ComboFix2.txt 2012-11-06 08:57
.
Před spuštěním: Volných bajtů: 50 510 733 312
Po spuštění: Volných bajtů: 50 426 073 088
.
- - End Of File - - 0B021D16CD32F471398F78E43FF9755A

Re: Requesting a preventive check.

Posted: 07 Nov 2012 22:27
by Roli
Via Start >> Run, copy this into the box:

ComboFix /Uninstall

and press Enter.

This uninstalls ComboFix and deletes the files and folders associated with it.


Use T-Cleaner, which deletes any leftovers from the applications we used.

Just stop your antivirus before downloading it and while using it, because it may detect it as a virus, but that is not the case.


Then let me know what state the PC is in.

Re: Requesting a preventive check.

Posted: 08 Nov 2012 11:55
by pepe3dx
It looks like everything is OK.. :thumbsup: The PC instability and freezing are probably caused by the graphics card I bought last week.. so it will go back as a warranty claim.
But now everything runs much better than before, so there probably was some junk in there.. Anyway, thanks a lot for your time and help with the PC :)
I wish you lots of success in the fight against the vermin.. :fez:

Re: Requesting a preventive check.

Posted: 08 Nov 2012 18:51
by Roli
pepe3dx wrote: The PC instability and freezing are probably caused by the graphics card I bought last week.. so it will go back as a warranty claim.
But it could just as well be the power supply not managing to feed the powerful components.

Re: Requesting a preventive check.

Posted: 08 Nov 2012 19:35
by pepe3dx
It probably won't be the power supply, I have a Seasonic 520, which is a pretty good-quality unit.. and I don't even have a DVD burner (I have an external one with its own power supply), just one SSD and 3 regular disks.. the power supply should handle that without problems.. but I'd rather measure it again.. :?: And everything is only lightly overclocked.. CPU at 4.4 GHz and the card at 950/1300.. but it still throws "checking system files on disk C" at me on every start and I can't get rid of it.. I don't know why..

Re: Requesting a preventive check.

Posted: 08 Nov 2012 22:07
by Roli
You can easily have a quality power supply, but if it isn't powerful enough, it's no use.

As for the disk check, when you let it run, does it repeat on the next startup?

How about trying to run the check manually via the disk's Properties?

Re: Requesting a preventive check.

Posted: 09 Nov 2012 12:10
by pepe3dx
I tried that.. set it for the next startup and let it run, and it still throws it at me again every time.. :( The power supply should handle this graphics card (Gigabyte 7950) without problems; I discussed it with the guys from PC tuning on their forum, and lots of people have the same build as me and it runs for them, and they have it overclocked even more..

Re: Requesting a preventive check.

Posted: 09 Nov 2012 23:01
by Roli
Then there's also the possibility that the system is messed up, and that would mean repairing it.

Re: Requesting a preventive check.

Posted: 10 Nov 2012 09:33
by pepe3dx
I'll try a reinstall and we'll see.. hopefully it helps. Thanks once more, Roli, for the help.. :wink: