Nejdou spustit důležité věci, problém s plochou
Napsal: 30 lis 2012 23:20
Dobrý den.
Takže. Začnu asi takhle (bude to asi na dlouho). Poslední dobou co PC používám se vyskytují problémy. Řeknu Vám jaké. Když dám CTRL+ALT+DEL a dám Spravce Uloh, nic nenabehne. Take kdyz chci spustit cmd.exe tak také nejde. Nevím čím to je. Nejspíš mám v PC vir, ale nevím to jistě no. Poté když si něco uložím na plochu, nemužu to na ploše poté najít. Musím proto kliknout pravým tlačítkem myši a dát Aktualizovat (Refresh), a teprve potom se mi ikony zobrazí. Další problém je, že když ty ikony chci vymazat, buď mi to napíše error že soubor nebyl nalezen, a nebo musím dát znovu refresh (to samé při vysypávání koše.Někdy když zapnu pc tak naběhne vše v poho ale ukáže se zde pár errorů (typu 0xC0646, podobné) a teprve potom naběhne plocha.Taky se mi zdá že mám v PC velmi velmi divnej vir. Počas pracování s pc my vyskočí tabulka oznamující něco jako "Virtual Command Base Line přestal pracovat" a ve chvíly kdy dám OK tak se mi oteviraji a zaviraji CMD okýnka. Byl bych rád kdyby jste se mi na to koukli, protože vy jste jediný, kterým můžu věřit
Možná toho bude více a když mi nepomůžete, nebudu se zlobit. Chápu vás. A ještě se omlouvám za délku :/ (né textu ale počtu problému).
Log z RSIT
Logfile of random's system information tool 1.09 (written by random/random)
Run by MrShock at 2012-11-30 00:07:26
Microsoft Windows 7 Ultimate
System drive C: has 14 GB (22%) free of 67 GB
Total RAM: 4086 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:07:30, on 30.11.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal
Running processes:
C:\Windows\PixArt\Pac7302\Monitor.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Users\MrShock\AppData\Roaming\sysini.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
C:\Windows\SysWOW64\notepad.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe
C:\Program Files\trend micro\MrShock.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://find.localstrike.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://find.localstrike.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://find.localstrike.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://find.localstrike.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.games-fusion.net
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] D:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [tmp8AE9] "C:\Users\MrShock\AppData\Local\Temp\tmp8AE8.tmp.exe"
O4 - HKCU\..\Run: [Cracked Steam Service] "D:\Program Files (x86)\Cracked Steam\Cracked Steam.exe" /SERVICE
O4 - HKCU\..\Run: [MicroUpdate] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSDCSC\msdcscx.exe
O4 - HKCU\..\Run: [sysini] C:\Users\MrShock\AppData\Roaming\sysini.exe
O4 - HKCU\..\Run: [google] C:\Users\MrShock\AppData\Roaming\wmdc.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: 1server.exe.lnk = ?
O4 - Startup: hamachi.lnk = C:\Program Files (x86)\Hamachi\hamachi.exe
O4 - Startup: listupdater.exe.lnk = C:\Program Files (x86)\Valve\platform\config\listupdater.exe
O4 - Startup: serverlistesi.exe.lnk = C:\Program Files (x86)\Valve\platform\config\serverlistesi.exe
O4 - Startup: zserver.exe.lnk = ?
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7912 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\sppsvc.exe
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-16646125-89fe-4f37-8664-8fb72cf57560 -SystemEventPortName:HostProcess-e6947ebe-3249-4faa-bf26-81cb5f99b552 -IoCancelEventPortName:HostProcess-9d64ff05-7fb1-4deb-8fcf-3c1edfd0f545 -NonStateChangingEventPortName:HostProcess-0b2efd08-d1a1-411f-95e9-4ac502bd358d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6fc3e843-4711-46e4-97a0-77b8c6fd6739
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Windows\PixArt\Pac7302\Monitor.exe"
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"
"C:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload
"C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"C:\Users\MrShock\AppData\Roaming\sysini.exe"
"C:\Users\MrShock\AppData\Roaming\wmdc.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
notepad
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Program Files (x86)\uTorrent\uTorrent.exe" "magnet:?xt=urn:btih:c797c6d270002a2d507447eef2fbc4d271309e8c&dn=Windows+7+Ultimate+32%2F64-bit+RemoveWAT+Included%21&tr=udp%3A%2F%2Ftracker.openbittorrent.com%3A80&tr=udp%3A%2F%2Ftracker.publicbt.com%3A80&tr=udp%3A%2F%2Ftracker.istole.it%3A6969&tr=udp%3A%2F%2Ftracker.ccc.de%3A80"
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\SysWOW64\WerFault.exe -u -p 3784 -s 1112
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe"
"C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe" -PID:"3364" -RunMxAddonsMgr -UserName:"guest" -LangIni:"C:\Program Files (x86)\Maxthon3\Language\en.ini" -AppDataPath:"C:\Users\MrShock\AppData\Roaming\Maxthon3\" /prefetch:3
"C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe" -RunResMgr -MainFrmIpc:"IPC_M_R_00000D24" -UsersFolder:"C:\Users\MrShock\AppData\Roaming\Maxthon3\Users\" -UserName:"guest" -LangIni:"C:\Program Files (x86)\Maxthon3\Language\en.ini" -AppDataPath:"C:\Users\MrShock\AppData\Roaming\Maxthon3\" -ProductType:"intl" /prefetch:3
"C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe" -RunCore -CoreType:"webkit-normal-0-00000D24" -MainFrmIpc:"IPC_M_C_00000D24" -ResMgrIpc:"IPC_R_C_00000D24" -UserName:"guest" -LangIni:"C:\Program Files (x86)\Maxthon3\Language\en.ini" -AppDataPath:"C:\Users\MrShock\AppData\Roaming\Maxthon3\" -ProductType:"intl" -CustomCacheFolder:"%TEMP%\Maxthon3Cache\Temp\Webkit\Cache" -SyEvent:"mxevent_IPC_R_C_00000D24" /prefetch:3
"C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe" -RunMxDl -IPC_M_D_NAME:"IPC_M_D_00000D24" -IPC_C_D_NAME:"IPC_C_D_00000A08" -LANG_INI_FILE:"C:\Program Files (x86)\Maxthon3\Language\en.ini" -MxdlConfigFolder:"C:\Users\MrShock\AppData\Roaming\Maxthon3\Public\Downloader\" /prefetch:3
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\MrShock\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\Microsoft_Hardware_Launch_IType_exe.job
C:\Windows\tasks\RDReminder.job
C:\Windows\tasks\SidebarExecute.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
Hotspot Shield Class - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-25 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-25 155384]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2008-12-26 6962208]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2008-12-26 1833504]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 385560]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 363544]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe [2007-12-10 323584]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2011-08-10 1873256]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-08-28 3671904]
"AdobeBridge"= []
"KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2012-10-11 966072]
"KiesAirMessage"=C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [2012-10-09 580096]
""=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-10-11 842680]
"tmp8AE9"=C:\Users\MrShock\AppData\Local\Temp\tmp8AE8.tmp.exe [2012-10-31 635392]
"Cracked Steam Service"=D:\Program Files (x86)\Cracked Steam\Cracked Steam.exe [2011-09-16 337506]
"MicroUpdate"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSDCSC\msdcscx.exe [2009-06-10 1169224]
"sysini"=C:\Users\MrShock\AppData\Roaming\sysini.exe [2012-11-17 25088]
"google"=C:\Users\MrShock\AppData\Roaming\wmdc.exe [2012-11-17 27648]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2012-09-25 895376]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2012-10-11 309688]
"PWRISOVM.EXE"=D:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2012-08-23 336992]
C:\Users\MrShock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
1server.exe.lnk - C:\Program Files (x86)\valve\platform\config\1server.exe
hamachi.lnk - C:\Program Files (x86)\Hamachi\hamachi.exe
listupdater.exe.lnk - C:\Program Files (x86)\Valve\platform\config\listupdater.exe
serverlistesi.exe.lnk - C:\Program Files (x86)\Valve\platform\config\serverlistesi.exe
zserver.exe.lnk - C:\Program Files (x86)\valve\platform\config\zserver.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 261120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"DisableTaskMgr"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"VIDC.TMB1"=tmb1-v64.dll
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"MSVideo8"=VfWWDM32.dll
"vidc.xtor"=DxtoryCodec64.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-11-30 00:07:26 ----D---- C:\rsit
2012-11-30 00:07:26 ----D---- C:\Program Files\trend micro
2012-11-29 21:45:21 ----D---- C:\Users\MrShock\AppData\Roaming\mypcdrivers
2012-11-29 21:45:14 ----D---- C:\Program Files (x86)\MyPCDrivers
2012-11-29 19:26:18 ----D---- C:\Program Files (x86)\Windows7_Key_Changer
2012-11-28 21:29:09 ----D---- C:\Program Files (x86)\Skype
2012-11-28 18:34:15 ----D---- C:\Minecraft
2012-11-27 21:20:57 ----D---- C:\Games
2012-11-24 21:23:57 ----D---- C:\Program Files (x86)\GameTop.com
2012-11-24 18:43:26 ----D---- C:\Program Files (x86)\Intrusion 2
2012-11-24 13:56:23 ----D---- C:\Counter-Strike 1.6 [cswos.com]
2012-11-24 13:12:42 ----D---- C:\Program Files (x86)\Jed's Half-Life Model Viewer 1.3.6
2012-11-23 23:03:09 ----D---- C:\UrbanTerror42
2012-11-23 17:02:34 ----D---- C:\MP-HACKS.NET Aimbot Release 14
2012-11-23 11:28:21 ----D---- C:\SAVE
2012-11-23 11:08:45 ----A---- C:\Windows\sierra.ini
2012-11-23 11:07:47 ----D---- C:\Sierra
2012-11-22 20:13:02 ----D---- C:\Xonotic
2012-11-22 19:33:39 ----D---- C:\Program Files (x86)\Valve
2012-11-17 21:26:32 ----A---- C:\Users\MrShock\AppData\Roaming\wmdc.exe
2012-11-17 16:01:23 ----D---- C:\Program Files (x86)\booddanet
2012-11-17 15:56:20 ----D---- C:\Program Files\Steam
2012-11-17 15:39:13 ----A---- C:\Users\MrShock\AppData\Roaming\sysini.exe
2012-11-17 14:22:14 ----D---- C:\Program Files (x86)\Ubisoft
2012-11-17 13:48:52 ----D---- C:\Users\MrShock\AppData\Roaming\dclogs
2012-11-14 15:50:11 ----A---- C:\Users\MrShock\AppData\Roaming\ascrf.exe
2012-11-13 19:47:15 ----D---- C:\Program Files (x86)\Counter Strike 1.6 Modern Warfare 2
2012-11-12 15:33:30 ----A---- C:\Users\MrShock\AppData\Roaming\uTorrent.exe
2012-11-11 21:23:39 ----A---- C:\Windows\eReg.dat
2012-11-11 19:07:43 ----D---- C:\Program Files\Nem's Tools
2012-11-11 13:44:32 ----A---- C:\Users\MrShock\AppData\Roaming\dwm.exe
2012-11-09 21:49:54 ----D---- C:\Program Files (x86)\Fast AVI to GIF Converter
2012-11-09 21:49:54 ----A---- C:\Windows\Fast AVI to GIF Converter Uninstaller.exe
2012-11-09 16:12:00 ----A---- C:\Windows\SYSWOW64\dx8vb.dll
2012-11-09 12:40:00 ----D---- C:\Users\MrShock\AppData\Roaming\Sony Creative Software Inc
2012-11-07 20:52:43 ----D---- C:\Users\MrShock\AppData\Roaming\PowerISO
2012-11-07 20:36:32 ----A---- C:\Windows\system32\drivers\scdemu.sys
2012-11-07 14:53:49 ----D---- C:\Program Files\CCleaner
2012-11-06 19:21:59 ----D---- C:\ProgramData\Babylon
2012-11-06 19:21:58 ----D---- C:\Users\MrShock\AppData\Roaming\Babylon
2012-11-06 12:48:08 ----D---- C:\Program Files (x86)\BP DOWNLOADER
2012-11-05 15:19:04 ----A---- C:\Windows\system32\drivers\cnnctfy2.sys
2012-11-05 15:00:24 ----D---- C:\Users\MrShock\AppData\Roaming\Samsung
2012-11-05 13:40:23 ----A---- C:\Windows\system32\WdfCoInstaller01005.dll
2012-11-05 13:40:23 ----A---- C:\Windows\system32\drivers\WdfCoInstaller01005.dll
2012-11-05 13:40:23 ----A---- C:\Windows\system32\drivers\ssadwhnt.sys
2012-11-05 13:40:23 ----A---- C:\Windows\system32\drivers\ssadwh.sys
2012-11-05 13:40:23 ----A---- C:\Windows\system32\drivers\ssadmdm.sys
2012-11-05 13:40:23 ----A---- C:\Windows\system32\drivers\ssadmdfl.sys
2012-11-05 13:40:23 ----A---- C:\Windows\system32\drivers\ssadcmnt.sys
2012-11-05 13:40:23 ----A---- C:\Windows\system32\drivers\ssadcm.sys
2012-11-05 13:40:22 ----A---- C:\Windows\system32\drivers\ssadserd.sys
2012-11-05 13:40:22 ----A---- C:\Windows\system32\drivers\ssadbus.sys
2012-11-05 13:40:22 ----A---- C:\Windows\system32\drivers\ssadadb.sys
2012-11-05 13:39:29 ----A---- C:\Windows\SYSWOW64\Redemption.dll
2012-11-05 13:39:20 ----D---- C:\Program Files (x86)\MarkAny
2012-11-05 13:39:20 ----A---- C:\Windows\SYSWOW64\dgderapi.dll
2012-11-05 13:38:20 ----D---- C:\ProgramData\Samsung
2012-11-05 13:38:20 ----D---- C:\Program Files (x86)\Samsung
2012-11-01 10:31:08 ----A---- C:\Windows\system32\drivers\taphss6.sys
2012-11-01 10:25:26 ----A---- C:\Windows\system32\drivers\hssdrv6.sys
======List of files/folders modified in the last 1 month======
2012-11-30 00:07:26 ----RD---- C:\Program Files
2012-11-30 00:06:51 ----D---- C:\Users\MrShock\AppData\Roaming\uTorrent
2012-11-30 00:05:43 ----D---- C:\Users\MrShock\AppData\Roaming\Skype
2012-11-29 21:45:14 ----RD---- C:\Program Files (x86)
2012-11-29 21:30:39 ----D---- C:\Users\MrShock\AppData\Roaming\Hamachi
2012-11-29 19:48:01 ----HD---- C:\Windows\system32\GroupPolicy
2012-11-29 19:43:10 ----D---- C:\Windows\Temp
2012-11-29 19:42:54 ----D---- C:\Windows\debug
2012-11-29 19:28:30 ----SHD---- C:\System Volume Information
2012-11-29 19:28:30 ----D---- C:\Windows\Logs
2012-11-29 19:26:18 ----D---- C:\Windows\SysWOW64
2012-11-29 19:25:15 ----A---- C:\Windows\win.ini
2012-11-28 21:29:18 ----SHD---- C:\Windows\Installer
2012-11-28 21:29:18 ----D---- C:\ProgramData\Skype
2012-11-28 21:29:10 ----D---- C:\Program Files (x86)\Common Files
2012-11-27 21:21:45 ----D---- C:\Windows\SYSWOW64\directx
2012-11-23 16:32:55 ----D---- C:\Users\MrShock\AppData\Roaming\.minecraft
2012-11-23 11:08:45 ----D---- C:\Windows
2012-11-22 18:18:01 ----D---- C:\Windows\inf
2012-11-22 18:16:11 ----D---- C:\Windows\system32\LogFiles
2012-11-17 21:26:32 ----D---- C:\Windows\System32
2012-11-17 19:25:59 ----D---- C:\Windows\Prefetch
2012-11-17 16:17:27 ----D---- C:\Windows\LiveKernelReports
2012-11-17 14:22:37 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-11-17 13:45:31 ----HD---- C:\ProgramData
2012-11-17 13:02:24 ----D---- C:\Users\MrShock\AppData\Roaming\DAEMON Tools Lite
2012-11-17 08:47:39 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2012-11-17 08:47:35 ----D---- C:\Users\MrShock\AppData\Roaming\SystemRequirementsLab
2012-11-11 17:51:54 ----RD---- C:\Users
2012-11-11 13:19:38 ----D---- C:\Windows\system32\catroot2
2012-11-09 12:05:57 ----RSD---- C:\Windows\Fonts
2012-11-07 17:25:02 ----D---- C:\Windows\SYSWOW64\drivers
2012-11-07 15:18:16 ----D---- C:\ProgramData\PMB Files
2012-11-07 14:54:45 ----D---- C:\Windows\Panther
2012-11-07 14:54:42 ----D---- C:\Windows\Minidump
2012-11-06 18:55:24 ----RSD---- C:\Windows\assembly
2012-11-06 17:36:47 ----D---- C:\Windows\Downloaded Program Files
2012-11-06 17:34:39 ----D---- C:\Windows\system32\DriverStore
2012-11-06 17:34:39 ----D---- C:\Windows\system32\catroot
2012-11-06 16:45:51 ----D---- C:\Windows\system32\NDF
2012-11-06 12:50:35 ----D---- C:\Program Files (x86)\WebcamMax
2012-11-06 11:40:40 ----D---- C:\Windows\Microsoft.NET
2012-11-05 13:49:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-11-05 13:48:31 ----D---- C:\Windows\system32\config
2012-11-05 13:37:25 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-13 214096]
R0 SscRdBus;RamDisk bus enumerator; C:\Windows\system32\DRIVERS\SscRdBus.sys [2012-03-08 93928]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-13 514048]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-09-26 283200]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2012-08-23 126944]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2012-09-28 33344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-09-23 6180832]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2008-12-26 1590048]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 PAC7302;iLook 300; C:\Windows\system32\DRIVERS\PAC7302.SYS [2009-04-28 532480]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
R3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2012-11-01 40712]
S1 PQNTDrv;PQNTDrv; C:\Windows\system32\drivers\PQNTDrv.sys []
S2 WCMVCAM;WebcamMax, WDM Video Capture; C:\Windows\system32\DRIVERS\wcmvcam64.sys [2012-04-15 1071032]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2012-06-27 36328]
S3 Bridge;@%SystemRoot%\system32\bridgeres.dll,-3; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-13 95232]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-13 95232]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 ManyCam;ManyCam Virtual Webcam; C:\Windows\system32\DRIVERS\mcvidrv_x64.sys [2012-10-10 44928]
S3 mcaudrv_simple;ManyCam Virtual Microphone; C:\Windows\system32\drivers\mcaudrv_x64.sys [2012-10-10 29696]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-13 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-13 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-13 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2012-06-27 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2012-06-27 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2012-06-27 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2012-06-27 146920]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-13 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-13 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-13 21760]
S3 X6va011;X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-13 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-29 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-13 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-29 116648]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-13 27136]
S3 SwitchBoard;Adobe SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-13 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-09-27 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Takže. Začnu asi takhle (bude to asi na dlouho). Poslední dobou co PC používám se vyskytují problémy. Řeknu Vám jaké. Když dám CTRL+ALT+DEL a dám Spravce Uloh, nic nenabehne. Take kdyz chci spustit cmd.exe tak také nejde. Nevím čím to je. Nejspíš mám v PC vir, ale nevím to jistě no. Poté když si něco uložím na plochu, nemužu to na ploše poté najít. Musím proto kliknout pravým tlačítkem myši a dát Aktualizovat (Refresh), a teprve potom se mi ikony zobrazí. Další problém je, že když ty ikony chci vymazat, buď mi to napíše error že soubor nebyl nalezen, a nebo musím dát znovu refresh (to samé při vysypávání koše.Někdy když zapnu pc tak naběhne vše v poho ale ukáže se zde pár errorů (typu 0xC0646, podobné) a teprve potom naběhne plocha.Taky se mi zdá že mám v PC velmi velmi divnej vir. Počas pracování s pc my vyskočí tabulka oznamující něco jako "Virtual Command Base Line přestal pracovat" a ve chvíly kdy dám OK tak se mi oteviraji a zaviraji CMD okýnka. Byl bych rád kdyby jste se mi na to koukli, protože vy jste jediný, kterým můžu věřit
Možná toho bude více a když mi nepomůžete, nebudu se zlobit. Chápu vás. A ještě se omlouvám za délku :/ (né textu ale počtu problému).Log z RSIT
Logfile of random's system information tool 1.09 (written by random/random)
Run by MrShock at 2012-11-30 00:07:26
Microsoft Windows 7 Ultimate
System drive C: has 14 GB (22%) free of 67 GB
Total RAM: 4086 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:07:30, on 30.11.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal
Running processes:
C:\Windows\PixArt\Pac7302\Monitor.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Users\MrShock\AppData\Roaming\sysini.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
C:\Windows\SysWOW64\notepad.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe
C:\Program Files\trend micro\MrShock.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://find.localstrike.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://find.localstrike.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://find.localstrike.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://find.localstrike.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.games-fusion.net
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] D:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [tmp8AE9] "C:\Users\MrShock\AppData\Local\Temp\tmp8AE8.tmp.exe"
O4 - HKCU\..\Run: [Cracked Steam Service] "D:\Program Files (x86)\Cracked Steam\Cracked Steam.exe" /SERVICE
O4 - HKCU\..\Run: [MicroUpdate] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSDCSC\msdcscx.exe
O4 - HKCU\..\Run: [sysini] C:\Users\MrShock\AppData\Roaming\sysini.exe
O4 - HKCU\..\Run: [google] C:\Users\MrShock\AppData\Roaming\wmdc.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: 1server.exe.lnk = ?
O4 - Startup: hamachi.lnk = C:\Program Files (x86)\Hamachi\hamachi.exe
O4 - Startup: listupdater.exe.lnk = C:\Program Files (x86)\Valve\platform\config\listupdater.exe
O4 - Startup: serverlistesi.exe.lnk = C:\Program Files (x86)\Valve\platform\config\serverlistesi.exe
O4 - Startup: zserver.exe.lnk = ?
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7912 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\sppsvc.exe
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-16646125-89fe-4f37-8664-8fb72cf57560 -SystemEventPortName:HostProcess-e6947ebe-3249-4faa-bf26-81cb5f99b552 -IoCancelEventPortName:HostProcess-9d64ff05-7fb1-4deb-8fcf-3c1edfd0f545 -NonStateChangingEventPortName:HostProcess-0b2efd08-d1a1-411f-95e9-4ac502bd358d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6fc3e843-4711-46e4-97a0-77b8c6fd6739
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Windows\PixArt\Pac7302\Monitor.exe"
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"
"C:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload
"C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"C:\Users\MrShock\AppData\Roaming\sysini.exe"
"C:\Users\MrShock\AppData\Roaming\wmdc.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
notepad
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Program Files (x86)\uTorrent\uTorrent.exe" "magnet:?xt=urn:btih:c797c6d270002a2d507447eef2fbc4d271309e8c&dn=Windows+7+Ultimate+32%2F64-bit+RemoveWAT+Included%21&tr=udp%3A%2F%2Ftracker.openbittorrent.com%3A80&tr=udp%3A%2F%2Ftracker.publicbt.com%3A80&tr=udp%3A%2F%2Ftracker.istole.it%3A6969&tr=udp%3A%2F%2Ftracker.ccc.de%3A80"
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\SysWOW64\WerFault.exe -u -p 3784 -s 1112
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe"
"C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe" -PID:"3364" -RunMxAddonsMgr -UserName:"guest" -LangIni:"C:\Program Files (x86)\Maxthon3\Language\en.ini" -AppDataPath:"C:\Users\MrShock\AppData\Roaming\Maxthon3\" /prefetch:3
"C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe" -RunResMgr -MainFrmIpc:"IPC_M_R_00000D24" -UsersFolder:"C:\Users\MrShock\AppData\Roaming\Maxthon3\Users\" -UserName:"guest" -LangIni:"C:\Program Files (x86)\Maxthon3\Language\en.ini" -AppDataPath:"C:\Users\MrShock\AppData\Roaming\Maxthon3\" -ProductType:"intl" /prefetch:3
"C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe" -RunCore -CoreType:"webkit-normal-0-00000D24" -MainFrmIpc:"IPC_M_C_00000D24" -ResMgrIpc:"IPC_R_C_00000D24" -UserName:"guest" -LangIni:"C:\Program Files (x86)\Maxthon3\Language\en.ini" -AppDataPath:"C:\Users\MrShock\AppData\Roaming\Maxthon3\" -ProductType:"intl" -CustomCacheFolder:"%TEMP%\Maxthon3Cache\Temp\Webkit\Cache" -SyEvent:"mxevent_IPC_R_C_00000D24" /prefetch:3
"C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe" -RunMxDl -IPC_M_D_NAME:"IPC_M_D_00000D24" -IPC_C_D_NAME:"IPC_C_D_00000A08" -LANG_INI_FILE:"C:\Program Files (x86)\Maxthon3\Language\en.ini" -MxdlConfigFolder:"C:\Users\MrShock\AppData\Roaming\Maxthon3\Public\Downloader\" /prefetch:3
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\MrShock\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\Microsoft_Hardware_Launch_IType_exe.job
C:\Windows\tasks\RDReminder.job
C:\Windows\tasks\SidebarExecute.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
Hotspot Shield Class - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-25 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-25 155384]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2008-12-26 6962208]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2008-12-26 1833504]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 385560]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 363544]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe [2007-12-10 323584]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2011-08-10 1873256]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-08-28 3671904]
"AdobeBridge"= []
"KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2012-10-11 966072]
"KiesAirMessage"=C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [2012-10-09 580096]
""=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-10-11 842680]
"tmp8AE9"=C:\Users\MrShock\AppData\Local\Temp\tmp8AE8.tmp.exe [2012-10-31 635392]
"Cracked Steam Service"=D:\Program Files (x86)\Cracked Steam\Cracked Steam.exe [2011-09-16 337506]
"MicroUpdate"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSDCSC\msdcscx.exe [2009-06-10 1169224]
"sysini"=C:\Users\MrShock\AppData\Roaming\sysini.exe [2012-11-17 25088]
"google"=C:\Users\MrShock\AppData\Roaming\wmdc.exe [2012-11-17 27648]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2012-09-25 895376]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2012-10-11 309688]
"PWRISOVM.EXE"=D:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2012-08-23 336992]
C:\Users\MrShock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
1server.exe.lnk - C:\Program Files (x86)\valve\platform\config\1server.exe
hamachi.lnk - C:\Program Files (x86)\Hamachi\hamachi.exe
listupdater.exe.lnk - C:\Program Files (x86)\Valve\platform\config\listupdater.exe
serverlistesi.exe.lnk - C:\Program Files (x86)\Valve\platform\config\serverlistesi.exe
zserver.exe.lnk - C:\Program Files (x86)\valve\platform\config\zserver.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 261120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"DisableTaskMgr"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"VIDC.TMB1"=tmb1-v64.dll
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"MSVideo8"=VfWWDM32.dll
"vidc.xtor"=DxtoryCodec64.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-11-30 00:07:26 ----D---- C:\rsit
2012-11-30 00:07:26 ----D---- C:\Program Files\trend micro
2012-11-29 21:45:21 ----D---- C:\Users\MrShock\AppData\Roaming\mypcdrivers
2012-11-29 21:45:14 ----D---- C:\Program Files (x86)\MyPCDrivers
2012-11-29 19:26:18 ----D---- C:\Program Files (x86)\Windows7_Key_Changer
2012-11-28 21:29:09 ----D---- C:\Program Files (x86)\Skype
2012-11-28 18:34:15 ----D---- C:\Minecraft
2012-11-27 21:20:57 ----D---- C:\Games
2012-11-24 21:23:57 ----D---- C:\Program Files (x86)\GameTop.com
2012-11-24 18:43:26 ----D---- C:\Program Files (x86)\Intrusion 2
2012-11-24 13:56:23 ----D---- C:\Counter-Strike 1.6 [cswos.com]
2012-11-24 13:12:42 ----D---- C:\Program Files (x86)\Jed's Half-Life Model Viewer 1.3.6
2012-11-23 23:03:09 ----D---- C:\UrbanTerror42
2012-11-23 17:02:34 ----D---- C:\MP-HACKS.NET Aimbot Release 14
2012-11-23 11:28:21 ----D---- C:\SAVE
2012-11-23 11:08:45 ----A---- C:\Windows\sierra.ini
2012-11-23 11:07:47 ----D---- C:\Sierra
2012-11-22 20:13:02 ----D---- C:\Xonotic
2012-11-22 19:33:39 ----D---- C:\Program Files (x86)\Valve
2012-11-17 21:26:32 ----A---- C:\Users\MrShock\AppData\Roaming\wmdc.exe
2012-11-17 16:01:23 ----D---- C:\Program Files (x86)\booddanet
2012-11-17 15:56:20 ----D---- C:\Program Files\Steam
2012-11-17 15:39:13 ----A---- C:\Users\MrShock\AppData\Roaming\sysini.exe
2012-11-17 14:22:14 ----D---- C:\Program Files (x86)\Ubisoft
2012-11-17 13:48:52 ----D---- C:\Users\MrShock\AppData\Roaming\dclogs
2012-11-14 15:50:11 ----A---- C:\Users\MrShock\AppData\Roaming\ascrf.exe
2012-11-13 19:47:15 ----D---- C:\Program Files (x86)\Counter Strike 1.6 Modern Warfare 2
2012-11-12 15:33:30 ----A---- C:\Users\MrShock\AppData\Roaming\uTorrent.exe
2012-11-11 21:23:39 ----A---- C:\Windows\eReg.dat
2012-11-11 19:07:43 ----D---- C:\Program Files\Nem's Tools
2012-11-11 13:44:32 ----A---- C:\Users\MrShock\AppData\Roaming\dwm.exe
2012-11-09 21:49:54 ----D---- C:\Program Files (x86)\Fast AVI to GIF Converter
2012-11-09 21:49:54 ----A---- C:\Windows\Fast AVI to GIF Converter Uninstaller.exe
2012-11-09 16:12:00 ----A---- C:\Windows\SYSWOW64\dx8vb.dll
2012-11-09 12:40:00 ----D---- C:\Users\MrShock\AppData\Roaming\Sony Creative Software Inc
2012-11-07 20:52:43 ----D---- C:\Users\MrShock\AppData\Roaming\PowerISO
2012-11-07 20:36:32 ----A---- C:\Windows\system32\drivers\scdemu.sys
2012-11-07 14:53:49 ----D---- C:\Program Files\CCleaner
2012-11-06 19:21:59 ----D---- C:\ProgramData\Babylon
2012-11-06 19:21:58 ----D---- C:\Users\MrShock\AppData\Roaming\Babylon
2012-11-06 12:48:08 ----D---- C:\Program Files (x86)\BP DOWNLOADER
2012-11-05 15:19:04 ----A---- C:\Windows\system32\drivers\cnnctfy2.sys
2012-11-05 15:00:24 ----D---- C:\Users\MrShock\AppData\Roaming\Samsung
2012-11-05 13:40:23 ----A---- C:\Windows\system32\WdfCoInstaller01005.dll
2012-11-05 13:40:23 ----A---- C:\Windows\system32\drivers\WdfCoInstaller01005.dll
2012-11-05 13:40:23 ----A---- C:\Windows\system32\drivers\ssadwhnt.sys
2012-11-05 13:40:23 ----A---- C:\Windows\system32\drivers\ssadwh.sys
2012-11-05 13:40:23 ----A---- C:\Windows\system32\drivers\ssadmdm.sys
2012-11-05 13:40:23 ----A---- C:\Windows\system32\drivers\ssadmdfl.sys
2012-11-05 13:40:23 ----A---- C:\Windows\system32\drivers\ssadcmnt.sys
2012-11-05 13:40:23 ----A---- C:\Windows\system32\drivers\ssadcm.sys
2012-11-05 13:40:22 ----A---- C:\Windows\system32\drivers\ssadserd.sys
2012-11-05 13:40:22 ----A---- C:\Windows\system32\drivers\ssadbus.sys
2012-11-05 13:40:22 ----A---- C:\Windows\system32\drivers\ssadadb.sys
2012-11-05 13:39:29 ----A---- C:\Windows\SYSWOW64\Redemption.dll
2012-11-05 13:39:20 ----D---- C:\Program Files (x86)\MarkAny
2012-11-05 13:39:20 ----A---- C:\Windows\SYSWOW64\dgderapi.dll
2012-11-05 13:38:20 ----D---- C:\ProgramData\Samsung
2012-11-05 13:38:20 ----D---- C:\Program Files (x86)\Samsung
2012-11-01 10:31:08 ----A---- C:\Windows\system32\drivers\taphss6.sys
2012-11-01 10:25:26 ----A---- C:\Windows\system32\drivers\hssdrv6.sys
======List of files/folders modified in the last 1 month======
2012-11-30 00:07:26 ----RD---- C:\Program Files
2012-11-30 00:06:51 ----D---- C:\Users\MrShock\AppData\Roaming\uTorrent
2012-11-30 00:05:43 ----D---- C:\Users\MrShock\AppData\Roaming\Skype
2012-11-29 21:45:14 ----RD---- C:\Program Files (x86)
2012-11-29 21:30:39 ----D---- C:\Users\MrShock\AppData\Roaming\Hamachi
2012-11-29 19:48:01 ----HD---- C:\Windows\system32\GroupPolicy
2012-11-29 19:43:10 ----D---- C:\Windows\Temp
2012-11-29 19:42:54 ----D---- C:\Windows\debug
2012-11-29 19:28:30 ----SHD---- C:\System Volume Information
2012-11-29 19:28:30 ----D---- C:\Windows\Logs
2012-11-29 19:26:18 ----D---- C:\Windows\SysWOW64
2012-11-29 19:25:15 ----A---- C:\Windows\win.ini
2012-11-28 21:29:18 ----SHD---- C:\Windows\Installer
2012-11-28 21:29:18 ----D---- C:\ProgramData\Skype
2012-11-28 21:29:10 ----D---- C:\Program Files (x86)\Common Files
2012-11-27 21:21:45 ----D---- C:\Windows\SYSWOW64\directx
2012-11-23 16:32:55 ----D---- C:\Users\MrShock\AppData\Roaming\.minecraft
2012-11-23 11:08:45 ----D---- C:\Windows
2012-11-22 18:18:01 ----D---- C:\Windows\inf
2012-11-22 18:16:11 ----D---- C:\Windows\system32\LogFiles
2012-11-17 21:26:32 ----D---- C:\Windows\System32
2012-11-17 19:25:59 ----D---- C:\Windows\Prefetch
2012-11-17 16:17:27 ----D---- C:\Windows\LiveKernelReports
2012-11-17 14:22:37 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-11-17 13:45:31 ----HD---- C:\ProgramData
2012-11-17 13:02:24 ----D---- C:\Users\MrShock\AppData\Roaming\DAEMON Tools Lite
2012-11-17 08:47:39 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2012-11-17 08:47:35 ----D---- C:\Users\MrShock\AppData\Roaming\SystemRequirementsLab
2012-11-11 17:51:54 ----RD---- C:\Users
2012-11-11 13:19:38 ----D---- C:\Windows\system32\catroot2
2012-11-09 12:05:57 ----RSD---- C:\Windows\Fonts
2012-11-07 17:25:02 ----D---- C:\Windows\SYSWOW64\drivers
2012-11-07 15:18:16 ----D---- C:\ProgramData\PMB Files
2012-11-07 14:54:45 ----D---- C:\Windows\Panther
2012-11-07 14:54:42 ----D---- C:\Windows\Minidump
2012-11-06 18:55:24 ----RSD---- C:\Windows\assembly
2012-11-06 17:36:47 ----D---- C:\Windows\Downloaded Program Files
2012-11-06 17:34:39 ----D---- C:\Windows\system32\DriverStore
2012-11-06 17:34:39 ----D---- C:\Windows\system32\catroot
2012-11-06 16:45:51 ----D---- C:\Windows\system32\NDF
2012-11-06 12:50:35 ----D---- C:\Program Files (x86)\WebcamMax
2012-11-06 11:40:40 ----D---- C:\Windows\Microsoft.NET
2012-11-05 13:49:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-11-05 13:48:31 ----D---- C:\Windows\system32\config
2012-11-05 13:37:25 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-13 214096]
R0 SscRdBus;RamDisk bus enumerator; C:\Windows\system32\DRIVERS\SscRdBus.sys [2012-03-08 93928]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-13 514048]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-09-26 283200]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2012-08-23 126944]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2012-09-28 33344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-09-23 6180832]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2008-12-26 1590048]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 PAC7302;iLook 300; C:\Windows\system32\DRIVERS\PAC7302.SYS [2009-04-28 532480]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
R3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2012-11-01 40712]
S1 PQNTDrv;PQNTDrv; C:\Windows\system32\drivers\PQNTDrv.sys []
S2 WCMVCAM;WebcamMax, WDM Video Capture; C:\Windows\system32\DRIVERS\wcmvcam64.sys [2012-04-15 1071032]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2012-06-27 36328]
S3 Bridge;@%SystemRoot%\system32\bridgeres.dll,-3; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-13 95232]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-13 95232]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 ManyCam;ManyCam Virtual Webcam; C:\Windows\system32\DRIVERS\mcvidrv_x64.sys [2012-10-10 44928]
S3 mcaudrv_simple;ManyCam Virtual Microphone; C:\Windows\system32\drivers\mcaudrv_x64.sys [2012-10-10 29696]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-13 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-13 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-13 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2012-06-27 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2012-06-27 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2012-06-27 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2012-06-27 146920]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-13 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-13 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-13 21760]
S3 X6va011;X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-13 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-29 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-13 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-29 116648]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-13 27136]
S3 SwitchBoard;Adobe SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-13 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-09-27 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
A vy se divite, ze to mate zavirovane, kdyz tam nemate ani antivir? Hlavne ze tam mate uTorrent. Stahujete kdovi co ale zabezpeceni zadne 
Fakt idealni kombinace 
