VIRY.CZ

Hezký večer.

Můj problém spočívá v tom, že se mi samovolně klidně i 5x denně vypne wifi a pomůže jen restart mého NTB. Začne se chovat jako by tam nebyli žádné ovladače a NTB síť WIFI neznal.
plus... druhý problém je ten, že mi nelze udělat RSIT log.. vypisuje mi chybu " AutoIt Error ... Error: The requested action with this object has failed ".

Takže prosím o radu o zprovoznění logu aby jsme se mohli pohnout dále z místa

Děkuji pěkně .

Zdravim

Zkuste spustit RSIT v nouzovem rezimu

Logfile of random's system information tool 1.09 (written by random/random)
Run by LEJLLINKA at 2013-03-30 10:44:32
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 80 GB (28%) free of 286 GB
Total RAM: 4001 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:44:33, on 30.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16521)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files\trend micro\LEJLLINKA.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yandex.com.tr/?win=46&clid=1921951
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL
O2 - BHO: Visual bookmarks - {C93F72A2-2162-4BBA-A07A-F13663C297A6} - C:\Program Files (x86)\Yandex\YandexBarIE\fastdial.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: (no name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)
O3 - Toolbar: Yandex.Bar - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files (x86)\Yandex\YandexBarIE\yndbar.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~3\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\MICROS~3\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 9562 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
ctfmon.exe
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Users\LEJLLINKA\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-08-21 1501776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01 205416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2012-10-01 877720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2013-02-22 2325624]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2013-01-15 139344]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL [2012-10-01 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C93F72A2-2162-4BBA-A07A-F13663C297A6}]
Visual bookmarks - C:\Program Files (x86)\Yandex\YandexBarIE\fastdial.dll [2012-02-14 2773816]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL [2013-02-22 1722976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-08-21 1501776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]
{7473b6bd-4691-4744-a82b-7854eb3d70b6}
{91397D20-1446-11D4-8AF4-0040CA1127B6} - Yandex.Bar - C:\Program Files (x86)\Yandex\YandexBarIE\yndbar.dll [2012-03-05 8921400]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-05-21 440128]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-05-21 170304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-05-21 398656]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-06-10 649608]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2012-09-14 895376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe [2012-12-03 946352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
c:\program files (x86)\common files\adobe\cs5servicemanager\cs5servicemanager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 6]
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [2012-09-24 490880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Chat]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe [2007-06-29 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
c:\program files (x86)\daemon tools lite\dtlite.exe [2012-08-28 3671904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files (x86)\uTorrent\uTorrent.exe [2012-09-14 895376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray.exe]
C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [2012-08-15 104088]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-08-21 4282728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-05-21 436224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.XFR1"=xfcodec64.dll
"MSVideo"=vfwwdm32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-03-30 10:42:39 ----D---- C:\Program Files\trend micro
2013-03-30 10:40:59 ----A---- C:\Windows\ntbtlog.txt
2013-03-29 20:51:09 ----D---- C:\rsit
2013-03-29 14:33:52 ----D---- C:\ImperiaMU EX700
2013-03-28 01:53:51 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-03-26 10:21:53 ----D---- C:\Windows\SYSWOW64\ScreenShots
2013-03-26 04:12:11 ----D---- C:\Windows\pss
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\url.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-03-22 15:02:04 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\wininet.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\wextract.exe
2013-03-22 15:02:04 ----A---- C:\Windows\system32\webcheck.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\vbscript.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\urlmon.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\url.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-03-22 15:02:04 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-03-22 15:02:04 ----A---- C:\Windows\system32\pngfilt.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\occache.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-03-22 15:02:04 ----A---- C:\Windows\system32\msrating.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\msls31.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\mshtmler.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\mshtml.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\mshta.exe
2013-03-22 15:02:04 ----A---- C:\Windows\system32\msfeedssync.exe
2013-03-22 15:02:04 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\licmgr10.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\jscript9.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\jscript.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\inseng.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\imgutil.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\iexpress.exe
2013-03-22 15:02:04 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-22 15:02:04 ----A---- C:\Windows\system32\ieui.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\iesysprep.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\iesetup.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\iertutil.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\iernonce.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\iepeers.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\ieframe.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\iedkcs32.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\ieapfltr.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\ieapfltr.dat
2013-03-22 15:02:04 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\ie4uinit.exe
2013-03-22 15:02:04 ----A---- C:\Windows\system32\icardie.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\elshyph.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\dxtrans.dll
2013-03-22 15:02:04 ----A---- C:\Windows\system32\dxtmsft.dll
2013-03-22 15:01:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-03-22 15:01:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-03-22 15:01:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-03-22 15:01:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-22 15:01:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-03-22 15:01:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-03-22 15:01:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-03-22 15:01:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-03-22 15:01:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-03-22 15:01:11 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-03-22 15:01:11 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-03-22 15:01:11 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-03-22 15:01:11 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-22 15:01:11 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-03-22 15:01:11 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-03-22 15:01:11 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-03-22 15:01:11 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-03-22 15:01:11 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-03-22 15:01:11 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-03-22 15:01:11 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-03-22 15:01:11 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-03-22 15:01:11 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-03-22 15:01:11 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-03-22 15:01:11 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-03-22 15:01:11 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-03-22 15:01:11 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-03-22 15:01:11 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-03-22 15:01:11 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-03-22 15:01:11 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-03-22 15:01:11 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-03-22 15:01:11 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-03-22 15:01:11 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-03-22 15:01:11 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-03-22 15:01:11 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-03-22 15:01:11 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-03-22 15:01:11 ----A---- C:\Windows\system32\XpsPrint.dll
2013-03-22 15:01:11 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-03-22 15:01:11 ----A---- C:\Windows\system32\WMPhoto.dll
2013-03-22 15:01:11 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-03-22 15:01:11 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-03-22 15:01:11 ----A---- C:\Windows\system32\UIAnimation.dll
2013-03-22 15:01:11 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-03-22 15:01:11 ----A---- C:\Windows\system32\FntCache.dll
2013-03-22 15:01:11 ----A---- C:\Windows\system32\dxgi.dll
2013-03-22 15:01:11 ----A---- C:\Windows\system32\DWrite.dll
2013-03-22 15:01:11 ----A---- C:\Windows\system32\d3d11.dll
2013-03-22 15:01:11 ----A---- C:\Windows\system32\d3d10warp.dll
2013-03-22 15:01:11 ----A---- C:\Windows\system32\d3d10level9.dll
2013-03-22 15:01:11 ----A---- C:\Windows\system32\d3d10core.dll
2013-03-22 15:01:11 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-03-22 15:01:11 ----A---- C:\Windows\system32\d3d10_1.dll
2013-03-22 15:01:11 ----A---- C:\Windows\system32\d3d10.dll
2013-03-22 15:01:11 ----A---- C:\Windows\system32\d2d1.dll
2013-03-14 23:03:59 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-14 01:39:57 ----SH---- C:\Windows\SYSWOW64\devil.dll
2013-03-14 01:39:57 ----SH---- C:\Windows\SYSWOW64\avisynth.dll
2013-03-14 01:39:56 ----SH---- C:\Windows\SYSWOW64\yv12vfw.dll
2013-03-14 01:39:56 ----SH---- C:\Windows\SYSWOW64\AVSredirect.dll
2013-03-14 01:39:55 ----SH---- C:\Windows\SYSWOW64\i420vfw.dll
2013-03-14 01:39:52 ----D---- C:\Program Files (x86)\AviSynth 2.5
2013-03-14 01:30:36 ----D---- C:\ProgramData\BrowserProtect
2013-03-14 01:30:15 ----RASH---- C:\Windows\SYSWOW64\winDCE32.dll
2013-03-14 01:30:15 ----RASH---- C:\Windows\SYSWOW64\nbDX.dll
2013-03-14 01:30:15 ----RASH---- C:\Windows\SYSWOW64\msfDX.dll
2013-03-14 01:30:15 ----RASH---- C:\Windows\SYSWOW64\flvDX.dll
2013-03-14 01:30:15 ----A---- C:\Windows\SYSWOW64\pncrt.dll
2013-03-14 01:30:15 ----A---- C:\Windows\SYSWOW64\drvc.dll
2013-03-14 01:30:14 ----RASH---- C:\Windows\SYSWOW64\TAKDSDecoder.dll
2013-03-14 01:30:02 ----D---- C:\Users\LEJLLINKA\AppData\Roaming\Babylon
2013-03-14 01:30:02 ----D---- C:\ProgramData\Babylon
2013-03-14 01:28:57 ----D---- C:\Program Files (x86)\eRightSoft
2013-03-10 10:33:10 ----D---- C:\Users\LEJLLINKA\AppData\Roaming\VMware
2013-03-10 10:31:08 ----A---- C:\Windows\SYSWOW64\vsocklib.dll
2013-03-10 10:31:08 ----A---- C:\Windows\system32\vsocklib.dll
2013-03-10 10:31:07 ----A---- C:\Windows\system32\drivers\vsock.sys
2013-03-10 10:30:11 ----A---- C:\Windows\system32\drivers\vmx86.sys
2013-03-10 10:29:17 ----A---- C:\Windows\SYSWOW64\vmnetdhcp.exe
2013-03-10 10:29:12 ----A---- C:\Windows\SYSWOW64\vmnat.exe
2013-03-10 10:29:10 ----A---- C:\Windows\system32\drivers\vmnetuserif.sys
2013-03-10 10:28:46 ----A---- C:\Windows\system32\vnetlib64.dll
2013-03-10 10:28:17 ----A---- C:\Windows\system32\drivers\hcmon.sys
2013-03-10 10:27:33 ----D---- C:\Program Files\Common Files\VMware
2013-03-10 10:26:58 ----D---- C:\ProgramData\VMware
2013-03-10 10:26:58 ----D---- C:\Program Files (x86)\VMware
2013-03-08 13:38:58 ----A---- C:\Imperia MU Online.lnk
2013-03-05 22:49:45 ----D---- C:\Users\LEJLLINKA\AppData\Roaming\MagicIndie
2013-03-04 13:10:28 ----D---- C:\Users\LEJLLINKA\AppData\Roaming\AlawarEntertainment
2013-03-01 19:16:00 ----D---- C:\ProgramData\McAfee

======List of files/folders modified in the last 1 month======

2013-03-30 10:44:32 ----D---- C:\Windows\Temp
2013-03-30 10:42:39 ----RD---- C:\Program Files
2013-03-30 10:40:59 ----D---- C:\Windows
2013-03-30 10:39:55 ----D---- C:\Users\LEJLLINKA\AppData\Roaming\uTorrent
2013-03-30 10:39:43 ----D---- C:\Windows\system32\Tasks
2013-03-30 10:34:54 ----D---- C:\Windows\Prefetch
2013-03-29 18:49:50 ----D---- C:\Windows\system32\config
2013-03-29 14:36:49 ----D---- C:\ProgramData\PMB Files
2013-03-29 11:10:56 ----D---- C:\Imperia MU Online
2013-03-28 02:11:40 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-28 01:56:21 ----SHD---- C:\Windows\Installer
2013-03-28 01:56:21 ----SHD---- C:\Config.Msi
2013-03-28 01:56:01 ----D---- C:\ProgramData\Microsoft Help
2013-03-28 01:55:21 ----RSD---- C:\Windows\assembly
2013-03-28 01:55:14 ----SHD---- C:\System Volume Information
2013-03-28 01:53:51 ----RD---- C:\Program Files (x86)
2013-03-28 01:51:06 ----A---- C:\Windows\win.ini
2013-03-26 22:53:42 ----D---- C:\Users\LEJLLINKA\AppData\Roaming\TS3Client
2013-03-26 10:22:09 ----D---- C:\Windows\SysWOW64
2013-03-26 04:06:04 ----D---- C:\Windows\system32\wdi
2013-03-23 00:11:07 ----D---- C:\Windows\system32\FxsTmp
2013-03-22 22:19:09 ----D---- C:\Windows\rescache
2013-03-22 15:14:47 ----D---- C:\Windows\inf
2013-03-22 15:14:18 ----D---- C:\Windows\winsxs
2013-03-22 15:13:25 ----D---- C:\Windows\Panther
2013-03-22 15:11:36 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-03-22 15:11:36 ----D---- C:\Windows\system32\cs-CZ
2013-03-22 15:11:36 ----D---- C:\Program Files\Internet Explorer
2013-03-22 15:11:36 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-22 15:11:35 ----D---- C:\Windows\SYSWOW64\migration
2013-03-22 15:11:34 ----D---- C:\Windows\SYSWOW64\en-US
2013-03-22 15:11:33 ----D---- C:\Windows\system32\migration
2013-03-22 15:11:33 ----D---- C:\Windows\PolicyDefinitions
2013-03-22 15:11:32 ----D---- C:\Windows\system32\en-US
2013-03-22 15:11:32 ----D---- C:\Windows\System32
2013-03-22 15:11:30 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-03-22 15:11:30 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-03-22 15:11:30 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-03-22 15:11:30 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-03-22 15:11:30 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-03-22 15:11:30 ----D---- C:\Windows\SYSWOW64\it-IT
2013-03-22 15:11:30 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-03-22 15:11:30 ----D---- C:\Windows\SYSWOW64\el-GR
2013-03-22 15:11:29 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-03-22 15:11:29 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-03-22 15:11:29 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-03-22 15:11:29 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-03-22 15:11:29 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-03-22 15:11:29 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-03-22 15:11:29 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-03-22 15:11:29 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-03-22 15:11:29 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-03-22 15:11:29 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-03-22 15:11:29 ----D---- C:\Windows\SYSWOW64\es-ES
2013-03-22 15:11:29 ----D---- C:\Windows\SYSWOW64\de-DE
2013-03-22 15:11:29 ----D---- C:\Windows\SYSWOW64\da-DK
2013-03-22 15:11:28 ----D---- C:\Windows\system32\zh-HK
2013-03-22 15:11:28 ----D---- C:\Windows\system32\pt-PT
2013-03-22 15:11:28 ----D---- C:\Windows\system32\pt-BR
2013-03-22 15:11:28 ----D---- C:\Windows\system32\pl-PL
2013-03-22 15:11:28 ----D---- C:\Windows\system32\nl-NL
2013-03-22 15:11:28 ----D---- C:\Windows\system32\ko-KR
2013-03-22 15:11:28 ----D---- C:\Windows\system32\it-IT
2013-03-22 15:11:28 ----D---- C:\Windows\system32\hu-HU
2013-03-22 15:11:28 ----D---- C:\Windows\system32\fr-FR
2013-03-22 15:11:28 ----D---- C:\Windows\system32\el-GR
2013-03-22 15:11:27 ----D---- C:\Windows\system32\tr-TR
2013-03-22 15:11:27 ----D---- C:\Windows\system32\sv-SE
2013-03-22 15:11:27 ----D---- C:\Windows\system32\fi-FI
2013-03-22 15:11:27 ----D---- C:\Windows\system32\es-ES
2013-03-22 15:11:26 ----D---- C:\Windows\system32\zh-TW
2013-03-22 15:11:26 ----D---- C:\Windows\system32\zh-CN
2013-03-22 15:11:26 ----D---- C:\Windows\system32\ja-JP
2013-03-22 15:11:26 ----D---- C:\Windows\system32\de-DE
2013-03-22 15:11:26 ----D---- C:\Windows\system32\catroot2
2013-03-22 15:11:25 ----D---- C:\Windows\system32\ru-RU
2013-03-22 15:11:25 ----D---- C:\Windows\system32\nb-NO
2013-03-22 15:11:25 ----D---- C:\Windows\system32\da-DK
2013-03-22 15:11:22 ----D---- C:\Windows\system32\drivers
2013-03-22 15:11:20 ----D---- C:\Windows\system32\DriverStore
2013-03-22 15:09:42 ----D---- C:\Windows\debug
2013-03-22 15:07:17 ----D---- C:\Windows\Logs
2013-03-22 15:06:37 ----D---- C:\Windows\system32\catroot
2013-03-21 00:08:06 ----D---- C:\Users\LEJLLINKA\AppData\Roaming\Media Player Classic
2013-03-20 23:17:16 ----SHD---- C:\Boot
2013-03-20 22:50:47 ----D---- C:\ProgramData\Tunngle
2013-03-20 22:50:46 ----D---- C:\ProgramData\Atheros
2013-03-20 22:40:29 ----D---- C:\Games
2013-03-15 23:59:33 ----D---- C:\Users\LEJLLINKA\AppData\Roaming\Xfire
2013-03-15 12:36:28 ----D---- C:\Windows\system32\NDF
2013-03-14 01:30:36 ----HD---- C:\ProgramData
2013-03-14 01:30:29 ----RSD---- C:\Windows\Fonts
2013-03-13 19:41:36 ----D---- C:\ProgramData\Xfire
2013-03-13 16:58:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-13 13:54:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-13 13:45:55 ----D---- C:\Windows\AppPatch
2013-03-13 13:41:50 ----A---- C:\Windows\system32\MRT.exe
2013-03-10 10:27:49 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-03-10 10:27:33 ----D---- C:\Program Files\Common Files
2013-03-10 10:27:16 ----D---- C:\Windows\SYSWOW64\drivers
2013-03-10 10:26:58 ----D---- C:\Program Files (x86)\Common Files
2013-03-08 13:44:13 ----SHD---- C:\$Recycle.Bin
2013-03-08 13:44:08 ----RD---- C:\Users
2013-03-06 12:02:47 ----D---- C:\Program Files (x86)\Evil Warrior
2013-03-04 12:45:15 ----SD---- C:\Users\LEJLLINKA\AppData\Roaming\Microsoft
2013-03-02 14:17:14 ----D---- C:\Users\LEJLLINKA\AppData\Roaming\DAEMON Tools Lite
2013-03-01 19:17:22 ----D---- C:\ProgramData\Adobe
2013-03-01 19:16:33 ----D---- C:\Users\LEJLLINKA\AppData\Roaming\Adobe
2013-03-01 19:15:36 ----D---- C:\Program Files (x86)\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2012-08-30 30056]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2012-07-06 85104]
R0 vsock;vSockets Driver; C:\Windows\system32\drivers\vsock.sys [2012-07-06 70256]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 54072]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-09-14 283200]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-01-10 2801664]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2012-08-15 20120]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 984144]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 370288]
S1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 59728]
S2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 25232]
S2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2012-08-01 52376]
S2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2012-08-15 45720]
S2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2012-08-15 30360]
S2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2012-08-15 67224]
S2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared); C:\Windows\SysWOW64\drivers\vstor2-mntapi10-shared.sys [2011-07-12 33392]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-05-21 14759520]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
S3 lvpepf64;Volume Adapter; C:\Windows\system32\DRIVERS\lv302a64.sys [2008-07-26 15768]
S3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2008-07-26 790424]
S3 LVUSBS64;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBS64.sys [2008-07-26 50072]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V64.SYS [2008-07-26 2624408]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-27 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-10-27 57856]
S3 vmusb;VMware USB Client Driver; C:\Windows\System32\Drivers\vmusb.sys [2012-08-01 37680]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-12 1026432]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-08-21 44808]
S2 BrowserProtect;BrowserProtect; C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2013-02-21 2561488]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-13 136176]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-08-30 891240]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-08-30 1258856]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [2012-08-15 79872]
S2 VMnetDHCP;VMware DHCP Service; C:\Windows\syswow64\vmnetdhcp.exe [2012-08-15 357016]
S2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-08-01 917656]
S2 VMware NAT Service;VMware NAT Service; C:\Windows\syswow64\vmnat.exe [2012-08-15 435864]
S2 VMwareHostd;VMware Workstation Server; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2012-08-15 15680000]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-05-21 276288]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-13 136176]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2012-07-19 738152]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-09-14 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Odinstalujte Advanced SystemCare a pripadne vse dalsi od IObit. Tento program dokaze nadelat vic skody nez uzitku!


Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Prohledat a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner[R?].txt ), ten mi sem zkopirujte.

# AdwCleaner v2.115 - Log vytvooen 30/03/2013 v 14:01:16
# Aktualizováno 17/03/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : LEJLLINKA - LEJLLINKA-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\LEJLLINKA\Desktop\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****

Nalezeno : BrowserProtect

***** [Soubory / Složky] *****

Složka Nalezeno : C:\Program Files (x86)\Conduit
Složka Nalezeno : C:\Program Files (x86)\uTorrentControl_v2
Složka Nalezeno : C:\ProgramData\Babylon
Složka Nalezeno : C:\ProgramData\BrowserProtect
Složka Nalezeno : C:\ProgramData\Trymedia
Složka Nalezeno : C:\Users\LEJLLINKA\AppData\Local\Conduit
Složka Nalezeno : C:\Users\LEJLLINKA\AppData\LocalLow\Conduit
Složka Nalezeno : C:\Users\LEJLLINKA\AppData\LocalLow\uTorrentControl_v2
Složka Nalezeno : C:\Users\LEJLLINKA\AppData\Roaming\Babylon
Složka Nalezeno : C:\Users\LEJLLINKA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
Složka Nalezeno : C:\Users\LEJLLINKA\AppData\Roaming\OpenCandy
Soubor Nalezeno : C:\Users\LEJLLINKA\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences

***** [Registry] *****

Data Nalezeno : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Hodnota Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\Conduit
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\SmartBar
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\uTorrentControl_v2
Klíe Nalezeno : HKCU\Software\AppDataLow\Toolbar
Klíe Nalezeno : HKCU\Software\BabylonToolbar
Klíe Nalezeno : HKCU\Software\Conduit
Klíe Nalezeno : HKCU\Software\DataMngr
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Klíe Nalezeno : HKCU\Software\5853dd8db13fea46
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKLM\Software\Babylon
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Nalezeno : HKLM\Software\Conduit
Klíe Nalezeno : HKLM\Software\DataMngr
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Klíe Nalezeno : HKLM\Software\uTorrentControl_v2
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\5853dd8db13fea46
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{06D15EE6-B610-46ED-8011-E1FA94C7F29C}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2950F2D7-0AD8-4ED4-B917-D6637BD2A657}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar
Klíe Nalezeno : HKU\S-1-5-21-2071892548-2898469267-266200642-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16521

[OK] Registry jsou eisté.

-\\ Google Chrome v26.0.1410.43

Soubor : C:\Users\LEJLLINKA\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

Soubor : C:\Users\ejhaaa\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

-\\ Chromium vw_on_all_tabs:true}

Soubor : C:\Users\LEJLLINKA\AppData\Local\Chromium\User Data\Default\Preferences

[OK] Soubor je eistý.

-\\ Opera v [Nemohu získat verzi]

Soubor : C:\Users\LEJLLINKA\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [4452 octets] - [30/03/2013 14:01:16]

########## EOF - C:\AdwCleaner[R1].txt - [4512 octets] ##########

Znovu ukoncete vsechny programy a spustte AdwCleaner jako spravce.
Tentokrat kliknete na Smazat
Program zacne pracovat (muze dojit k restartu pc) a vyplivne dalsi log (pripadne bude zde C:\AdwCleaner [S1].txt ). Ten mi sem zase zkopirujte.


Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

# AdwCleaner v2.115 - Log vytvooen 30/03/2013 v 21:07:02
# Aktualizováno 17/03/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : LEJLLINKA - LEJLLINKA-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\LEJLLINKA\Desktop\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****

Zastaveno & vymazáno : BrowserProtect

***** [Soubory / Složky] *****

Složka Vymazáno : C:\Program Files (x86)\Conduit
Složka Vymazáno : C:\Program Files (x86)\uTorrentControl_v2
Složka Vymazáno : C:\ProgramData\Babylon
Složka Vymazáno : C:\ProgramData\Trymedia
Složka Vymazáno : C:\Users\LEJLLINKA\AppData\Local\Conduit
Složka Vymazáno : C:\Users\LEJLLINKA\AppData\LocalLow\Conduit
Složka Vymazáno : C:\Users\LEJLLINKA\AppData\LocalLow\uTorrentControl_v2
Složka Vymazáno : C:\Users\LEJLLINKA\AppData\Roaming\Babylon
Složka Vymazáno : C:\Users\LEJLLINKA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
Složka Vymazáno : C:\Users\LEJLLINKA\AppData\Roaming\OpenCandy
Soubor Vymazáno : C:\Users\LEJLLINKA\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Vymazáno poi restartu : C:\ProgramData\BrowserProtect

***** [Registry] *****

Data Vymazáno : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Hodnota Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\Conduit
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\SmartBar
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\uTorrentControl_v2
Klíe Vymazáno : HKCU\Software\AppDataLow\Toolbar
Klíe Vymazáno : HKCU\Software\BabylonToolbar
Klíe Vymazáno : HKCU\Software\Conduit
Klíe Vymazáno : HKCU\Software\DataMngr
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Klíe Vymazáno : HKCU\Software\5853dd8db13fea46
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Vymazáno : HKLM\Software\Babylon
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Vymazáno : HKLM\Software\Conduit
Klíe Vymazáno : HKLM\Software\DataMngr
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Klíe Vymazáno : HKLM\Software\uTorrentControl_v2
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\5853dd8db13fea46
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{06D15EE6-B610-46ED-8011-E1FA94C7F29C}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2950F2D7-0AD8-4ED4-B917-D6637BD2A657}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16521

[OK] Registry jsou eisté.

-\\ Google Chrome v26.0.1410.43

Soubor : C:\Users\LEJLLINKA\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

Soubor : C:\Users\ejhaaa\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

-\\ Chromium vw_on_all_tabs:true}

Soubor : C:\Users\LEJLLINKA\AppData\Local\Chromium\User Data\Default\Preferences

[OK] Soubor je eistý.

-\\ Opera v [Nemohu získat verzi]

Soubor : C:\Users\LEJLLINKA\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [4577 octets] - [30/03/2013 14:01:16]
AdwCleaner[S1].txt - [4372 octets] - [30/03/2013 21:07:02]

########## EOF - C:\AdwCleaner[S1].txt - [4432 octets] ##########

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.70.0.1100
www.malwarebytes.org

Verze: v2013.03.30.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16521
LEJLLINKA :: LEJLLINKA-PC [administrátor]

Ochrana: Povolena

30.3.2013 21:13:11
MBAM-log-2013-03-30 (22-41-58).txt

Typ: Kompletní kontrola (C:\|D:\|E:\|F:\|G:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 601736
Uplynulý čas: 1 hodin, 19 minut, 28 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 9
C:\Imperia MU Online\Launcher.exe (Backdoor.Bot) -> Nebyla provedena žádná instrukce.
C:\Imperia MU Online\main.exe (Backdoor.Bot) -> Nebyla provedena žádná instrukce.
C:\ImperiaMU EX700\Launcher.exe (Backdoor.Bot) -> Nebyla provedena žádná instrukce.
C:\Program Files\Sony\Vegas Pro 12.0\vegas.pro.12.-patch.exe (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Users\LEJLLINKA\Desktop\MU Antiferna PRE S8E1 V1.00.06 [Sin Sonido]\Jugar.exe (Backdoor.Bot) -> Nebyla provedena žádná instrukce.
D:\Programy\Adobe Photoshop CS5 CZ\Crack\adobe_PS_CS5_keygen.exe (Malware.Packer.Gen) -> Nebyla provedena žádná instrukce.
D:\Programy\Extreme Movie Manager 7.2.2.9\Keygen\Keygen.exe (Trojan.Agent.CK) -> Nebyla provedena žádná instrukce.
D:\Programy\Sony Vegas Pro 12 Build 367 (64 bit patch-KHG) [ChingLiu]\patch - KHG\vegas.pro.12.-patch.exe (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
D:\Programy\VMware.Workstation.v9.0.0.812388+Keygen[Korke]\keygen.exe (Riskware.Tool.CK) -> Nebyla provedena žádná instrukce.

(konec)

Nalezy nebudu komentovat. Doporucuji je odstranit, klidne mohou byt zavsivene.


Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : LEJLLINKA [Práva správce]
Mód : Kontrola -- Datum : 03/31/2013 00:13:39
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST9750420AS ATA Device +++++
--- User ---
[MBR] 0ead0c2be44aca3e2cf57b939247a2b7
[BSP] a6dfcef95bdca6f6c690eb797753f4a9 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 25600 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 52430848 | Size: 286161 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 638488576 | Size: 403641 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1]_S_03312013_02d0013.txt >>
RKreport[1]_S_03312013_02d0013.txt

Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : LEJLLINKA [Práva správce]
Mód : Odebrat -- Datum : 03/31/2013 10:04:45
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST9750420AS ATA Device +++++
--- User ---
[MBR] 0ead0c2be44aca3e2cf57b939247a2b7
[BSP] a6dfcef95bdca6f6c690eb797753f4a9 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 25600 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 52430848 | Size: 286161 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 638488576 | Size: 403641 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[3]_D_03312013_02d1004.txt >>
RKreport[1]_S_03312013_02d0013.txt ; RKreport[2]_S_03312013_02d1003.txt ; RKreport[3]_D_03312013_02d1004.txt

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : LEJLLINKA [Práva správce]
Mód : Oprava HOSTS -- Datum : 03/31/2013 10:06:08
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[4]_H_03312013_02d1006.txt >>
RKreport[1]_S_03312013_02d0013.txt ; RKreport[2]_S_03312013_02d1003.txt ; RKreport[3]_D_03312013_02d1004.txt ; RKreport[4]_H_03312013_02d1006.txt

Dejte novy log z RSIT

Po tomto restartu se mi PC nezvyklo dlouho zapínal... dokonce mi vyběhla tabulka "System Windows neodpovídá (ukončit proces nebo storno)"

Logfile of random's system information tool 1.09 (written by random/random)
Run by LEJLLINKA at 2013-03-31 10:30:08
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 79 GB (28%) free of 286 GB
Total RAM: 4001 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:30:11, on 31.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16521)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files\trend micro\LEJLLINKA.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yandex.com.tr/?win=46&clid=1921951
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL
O2 - BHO: Visual bookmarks - {C93F72A2-2162-4BBA-A07A-F13663C297A6} - C:\Program Files (x86)\Yandex\YandexBarIE\fastdial.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Yandex.Bar - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files (x86)\Yandex\YandexBarIE\yndbar.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~3\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\MICROS~3\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll c:\windows\syswow64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 9435 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
ctfmon.exe
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Users\LEJLLINKA\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-08-21 1501776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01 205416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2012-10-01 877720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2013-02-22 2325624]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2013-01-15 139344]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL [2012-10-01 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C93F72A2-2162-4BBA-A07A-F13663C297A6}]
Visual bookmarks - C:\Program Files (x86)\Yandex\YandexBarIE\fastdial.dll [2012-02-14 2773816]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL [2013-02-22 1722976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-08-21 1501776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]
{91397D20-1446-11D4-8AF4-0040CA1127B6} - Yandex.Bar - C:\Program Files (x86)\Yandex\YandexBarIE\yndbar.dll [2012-03-05 8921400]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-05-21 440128]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-05-21 170304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-05-21 398656]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-06-10 649608]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2012-09-14 895376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe [2012-12-03 946352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
c:\program files (x86)\common files\adobe\cs5servicemanager\cs5servicemanager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 6]
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe /AutoStart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Chat]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe [2007-06-29 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
c:\program files (x86)\daemon tools lite\dtlite.exe [2012-08-28 3671904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files (x86)\uTorrent\uTorrent.exe [2012-09-14 895376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray.exe]
C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [2012-08-15 104088]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-08-21 4282728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-05-21 436224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.XFR1"=xfcodec64.dll
"MSVideo"=vfwwdm32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-03-30 22:12:29 ----D---- C:\Users\LEJLLINKA\AppData\Roaming\Malwarebytes
2013-03-30 22:12:22 ----D---- C:\ProgramData\Malwarebytes
2013-03-30 22:12:22 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-30 22:12:22 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-03-30 22:07:02 ----A---- C:\AdwCleaner[S1].txt
2013-03-30 15:01:16 ----A---- C:\AdwCleaner[R1].txt
2013-03-30 14:59:27 ----D---- C:\Users\LEJLLINKA\AppData\Roaming\Apple Computer
2013-03-30 11:42:39 ----D---- C:\Program Files\trend micro
2013-03-30 11:40:59 ----A---- C:\Windows\ntbtlog.txt
2013-03-29 21:51:09 ----D---- C:\rsit
2013-03-29 15:33:52 ----D---- C:\ImperiaMU EX700
2013-03-28 02:53:51 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-03-26 11:21:53 ----D---- C:\Windows\SYSWOW64\ScreenShots
2013-03-26 05:12:11 ----D---- C:\Windows\pss
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\url.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-03-22 16:02:04 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\wininet.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\wextract.exe
2013-03-22 16:02:04 ----A---- C:\Windows\system32\webcheck.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\vbscript.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\urlmon.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\url.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-03-22 16:02:04 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-03-22 16:02:04 ----A---- C:\Windows\system32\pngfilt.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\occache.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-03-22 16:02:04 ----A---- C:\Windows\system32\msrating.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\msls31.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\mshtmler.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\mshtml.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\mshta.exe
2013-03-22 16:02:04 ----A---- C:\Windows\system32\msfeedssync.exe
2013-03-22 16:02:04 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\licmgr10.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\jscript9.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\jscript.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\inseng.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\imgutil.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\iexpress.exe
2013-03-22 16:02:04 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-22 16:02:04 ----A---- C:\Windows\system32\ieui.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\iesysprep.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\iesetup.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\iertutil.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\iernonce.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\iepeers.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\ieframe.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\iedkcs32.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\ieapfltr.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\ieapfltr.dat
2013-03-22 16:02:04 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\ie4uinit.exe
2013-03-22 16:02:04 ----A---- C:\Windows\system32\icardie.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\elshyph.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\dxtrans.dll
2013-03-22 16:02:04 ----A---- C:\Windows\system32\dxtmsft.dll
2013-03-22 16:01:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-03-22 16:01:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-03-22 16:01:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-03-22 16:01:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-22 16:01:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-03-22 16:01:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-03-22 16:01:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-03-22 16:01:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-03-22 16:01:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-03-22 16:01:11 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-03-22 16:01:11 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-03-22 16:01:11 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-03-22 16:01:11 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-22 16:01:11 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-03-22 16:01:11 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-03-22 16:01:11 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-03-22 16:01:11 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-03-22 16:01:11 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-03-22 16:01:11 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-03-22 16:01:11 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-03-22 16:01:11 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-03-22 16:01:11 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-03-22 16:01:11 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-03-22 16:01:11 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-03-22 16:01:11 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-03-22 16:01:11 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-03-22 16:01:11 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-03-22 16:01:11 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-03-22 16:01:11 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-03-22 16:01:11 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-03-22 16:01:11 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-03-22 16:01:11 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-03-22 16:01:11 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-03-22 16:01:11 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-03-22 16:01:11 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-03-22 16:01:11 ----A---- C:\Windows\system32\XpsPrint.dll
2013-03-22 16:01:11 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-03-22 16:01:11 ----A---- C:\Windows\system32\WMPhoto.dll
2013-03-22 16:01:11 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-03-22 16:01:11 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-03-22 16:01:11 ----A---- C:\Windows\system32\UIAnimation.dll
2013-03-22 16:01:11 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-03-22 16:01:11 ----A---- C:\Windows\system32\FntCache.dll
2013-03-22 16:01:11 ----A---- C:\Windows\system32\dxgi.dll
2013-03-22 16:01:11 ----A---- C:\Windows\system32\DWrite.dll
2013-03-22 16:01:11 ----A---- C:\Windows\system32\d3d11.dll
2013-03-22 16:01:11 ----A---- C:\Windows\system32\d3d10warp.dll
2013-03-22 16:01:11 ----A---- C:\Windows\system32\d3d10level9.dll
2013-03-22 16:01:11 ----A---- C:\Windows\system32\d3d10core.dll
2013-03-22 16:01:11 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-03-22 16:01:11 ----A---- C:\Windows\system32\d3d10_1.dll
2013-03-22 16:01:11 ----A---- C:\Windows\system32\d3d10.dll
2013-03-22 16:01:11 ----A---- C:\Windows\system32\d2d1.dll
2013-03-15 00:03:59 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-14 02:39:57 ----SH---- C:\Windows\SYSWOW64\devil.dll
2013-03-14 02:39:57 ----SH---- C:\Windows\SYSWOW64\avisynth.dll
2013-03-14 02:39:56 ----SH---- C:\Windows\SYSWOW64\yv12vfw.dll
2013-03-14 02:39:56 ----SH---- C:\Windows\SYSWOW64\AVSredirect.dll
2013-03-14 02:39:55 ----SH---- C:\Windows\SYSWOW64\i420vfw.dll
2013-03-14 02:39:52 ----D---- C:\Program Files (x86)\AviSynth 2.5
2013-03-14 02:30:15 ----RASH---- C:\Windows\SYSWOW64\winDCE32.dll
2013-03-14 02:30:15 ----RASH---- C:\Windows\SYSWOW64\nbDX.dll
2013-03-14 02:30:15 ----RASH---- C:\Windows\SYSWOW64\msfDX.dll
2013-03-14 02:30:15 ----RASH---- C:\Windows\SYSWOW64\flvDX.dll
2013-03-14 02:30:15 ----A---- C:\Windows\SYSWOW64\pncrt.dll
2013-03-14 02:30:15 ----A---- C:\Windows\SYSWOW64\drvc.dll
2013-03-14 02:30:14 ----RASH---- C:\Windows\SYSWOW64\TAKDSDecoder.dll
2013-03-14 02:28:57 ----D---- C:\Program Files (x86)\eRightSoft
2013-03-10 11:33:10 ----D---- C:\Users\LEJLLINKA\AppData\Roaming\VMware
2013-03-10 11:31:08 ----A---- C:\Windows\SYSWOW64\vsocklib.dll
2013-03-10 11:31:08 ----A---- C:\Windows\system32\vsocklib.dll
2013-03-10 11:31:07 ----A---- C:\Windows\system32\drivers\vsock.sys
2013-03-10 11:30:11 ----A---- C:\Windows\system32\drivers\vmx86.sys
2013-03-10 11:29:17 ----A---- C:\Windows\SYSWOW64\vmnetdhcp.exe
2013-03-10 11:29:12 ----A---- C:\Windows\SYSWOW64\vmnat.exe
2013-03-10 11:29:10 ----A---- C:\Windows\system32\drivers\vmnetuserif.sys
2013-03-10 11:28:46 ----A---- C:\Windows\system32\vnetlib64.dll
2013-03-10 11:28:17 ----A---- C:\Windows\system32\drivers\hcmon.sys
2013-03-10 11:27:33 ----D---- C:\Program Files\Common Files\VMware
2013-03-10 11:26:58 ----D---- C:\ProgramData\VMware
2013-03-10 11:26:58 ----D---- C:\Program Files (x86)\VMware
2013-03-08 14:38:58 ----A---- C:\Imperia MU Online.lnk
2013-03-05 23:49:45 ----D---- C:\Users\LEJLLINKA\AppData\Roaming\MagicIndie
2013-03-04 14:10:28 ----D---- C:\Users\LEJLLINKA\AppData\Roaming\AlawarEntertainment
2013-03-01 20:16:00 ----D---- C:\ProgramData\McAfee

======List of files/folders modified in the last 1 month======

2013-03-31 10:05:06 ----D---- C:\Windows\Prefetch
2013-03-31 10:02:50 ----D---- C:\Windows\Temp
2013-03-31 10:02:35 ----D---- C:\Users\LEJLLINKA\AppData\Roaming\uTorrent
2013-03-31 02:53:20 ----D---- C:\ProgramData\PMB Files
2013-03-31 01:05:36 ----D---- C:\Imperia MU Online
2013-03-30 22:12:22 ----RD---- C:\Program Files (x86)
2013-03-30 22:12:22 ----HD---- C:\ProgramData
2013-03-30 22:12:22 ----D---- C:\Windows\system32\drivers
2013-03-30 22:10:52 ----D---- C:\Windows
2013-03-30 18:48:44 ----D---- C:\Windows\system32\Tasks
2013-03-30 11:42:39 ----RD---- C:\Program Files
2013-03-29 19:49:50 ----D---- C:\Windows\system32\config
2013-03-28 03:11:40 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-28 02:56:21 ----SHD---- C:\Windows\Installer
2013-03-28 02:56:21 ----SHD---- C:\Config.Msi
2013-03-28 02:56:01 ----D---- C:\ProgramData\Microsoft Help
2013-03-28 02:55:21 ----RSD---- C:\Windows\assembly
2013-03-28 02:55:14 ----SHD---- C:\System Volume Information
2013-03-28 02:51:06 ----A---- C:\Windows\win.ini
2013-03-26 23:53:42 ----D---- C:\Users\LEJLLINKA\AppData\Roaming\TS3Client
2013-03-26 11:22:09 ----D---- C:\Windows\SysWOW64
2013-03-26 05:06:04 ----D---- C:\Windows\system32\wdi
2013-03-23 01:11:07 ----D---- C:\Windows\system32\FxsTmp
2013-03-22 23:19:09 ----D---- C:\Windows\rescache
2013-03-22 16:14:47 ----D---- C:\Windows\inf
2013-03-22 16:14:18 ----D---- C:\Windows\winsxs
2013-03-22 16:13:25 ----D---- C:\Windows\Panther
2013-03-22 16:11:36 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-03-22 16:11:36 ----D---- C:\Windows\system32\cs-CZ
2013-03-22 16:11:36 ----D---- C:\Program Files\Internet Explorer
2013-03-22 16:11:36 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-22 16:11:35 ----D---- C:\Windows\SYSWOW64\migration
2013-03-22 16:11:34 ----D---- C:\Windows\SYSWOW64\en-US
2013-03-22 16:11:33 ----D---- C:\Windows\system32\migration
2013-03-22 16:11:33 ----D---- C:\Windows\PolicyDefinitions
2013-03-22 16:11:32 ----D---- C:\Windows\system32\en-US
2013-03-22 16:11:32 ----D---- C:\Windows\System32
2013-03-22 16:11:30 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-03-22 16:11:30 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-03-22 16:11:30 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-03-22 16:11:30 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-03-22 16:11:30 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-03-22 16:11:30 ----D---- C:\Windows\SYSWOW64\it-IT
2013-03-22 16:11:30 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-03-22 16:11:30 ----D---- C:\Windows\SYSWOW64\el-GR
2013-03-22 16:11:29 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-03-22 16:11:29 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-03-22 16:11:29 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-03-22 16:11:29 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-03-22 16:11:29 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-03-22 16:11:29 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-03-22 16:11:29 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-03-22 16:11:29 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-03-22 16:11:29 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-03-22 16:11:29 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-03-22 16:11:29 ----D---- C:\Windows\SYSWOW64\es-ES
2013-03-22 16:11:29 ----D---- C:\Windows\SYSWOW64\de-DE
2013-03-22 16:11:29 ----D---- C:\Windows\SYSWOW64\da-DK
2013-03-22 16:11:28 ----D---- C:\Windows\system32\zh-HK
2013-03-22 16:11:28 ----D---- C:\Windows\system32\pt-PT
2013-03-22 16:11:28 ----D---- C:\Windows\system32\pt-BR
2013-03-22 16:11:28 ----D---- C:\Windows\system32\pl-PL
2013-03-22 16:11:28 ----D---- C:\Windows\system32\nl-NL
2013-03-22 16:11:28 ----D---- C:\Windows\system32\ko-KR
2013-03-22 16:11:28 ----D---- C:\Windows\system32\it-IT
2013-03-22 16:11:28 ----D---- C:\Windows\system32\hu-HU
2013-03-22 16:11:28 ----D---- C:\Windows\system32\fr-FR
2013-03-22 16:11:28 ----D---- C:\Windows\system32\el-GR
2013-03-22 16:11:27 ----D---- C:\Windows\system32\tr-TR
2013-03-22 16:11:27 ----D---- C:\Windows\system32\sv-SE
2013-03-22 16:11:27 ----D---- C:\Windows\system32\fi-FI
2013-03-22 16:11:27 ----D---- C:\Windows\system32\es-ES
2013-03-22 16:11:26 ----D---- C:\Windows\system32\zh-TW
2013-03-22 16:11:26 ----D---- C:\Windows\system32\zh-CN
2013-03-22 16:11:26 ----D---- C:\Windows\system32\ja-JP
2013-03-22 16:11:26 ----D---- C:\Windows\system32\de-DE
2013-03-22 16:11:26 ----D---- C:\Windows\system32\catroot2
2013-03-22 16:11:25 ----D---- C:\Windows\system32\ru-RU
2013-03-22 16:11:25 ----D---- C:\Windows\system32\nb-NO
2013-03-22 16:11:25 ----D---- C:\Windows\system32\da-DK
2013-03-22 16:11:20 ----D---- C:\Windows\system32\DriverStore
2013-03-22 16:09:42 ----D---- C:\Windows\debug
2013-03-22 16:07:17 ----D---- C:\Windows\Logs
2013-03-22 16:06:37 ----D---- C:\Windows\system32\catroot
2013-03-21 01:08:06 ----D---- C:\Users\LEJLLINKA\AppData\Roaming\Media Player Classic
2013-03-21 00:17:16 ----SHD---- C:\Boot
2013-03-20 23:50:47 ----D---- C:\ProgramData\Tunngle
2013-03-20 23:50:46 ----D---- C:\ProgramData\Atheros
2013-03-20 23:40:29 ----D---- C:\Games
2013-03-16 00:59:33 ----D---- C:\Users\LEJLLINKA\AppData\Roaming\Xfire
2013-03-15 13:36:28 ----D---- C:\Windows\system32\NDF
2013-03-14 02:30:29 ----RSD---- C:\Windows\Fonts
2013-03-13 20:41:36 ----D---- C:\ProgramData\Xfire
2013-03-13 17:58:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-13 14:54:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-13 14:45:55 ----D---- C:\Windows\AppPatch
2013-03-13 14:41:50 ----A---- C:\Windows\system32\MRT.exe
2013-03-10 11:27:49 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-03-10 11:27:33 ----D---- C:\Program Files\Common Files
2013-03-10 11:27:16 ----D---- C:\Windows\SYSWOW64\drivers
2013-03-10 11:26:58 ----D---- C:\Program Files (x86)\Common Files
2013-03-08 14:44:13 ----SHD---- C:\$Recycle.Bin
2013-03-08 14:44:08 ----RD---- C:\Users
2013-03-06 13:02:47 ----D---- C:\Program Files (x86)\Evil Warrior
2013-03-04 13:45:15 ----SD---- C:\Users\LEJLLINKA\AppData\Roaming\Microsoft
2013-03-02 15:17:14 ----D---- C:\Users\LEJLLINKA\AppData\Roaming\DAEMON Tools Lite
2013-03-01 20:17:22 ----D---- C:\ProgramData\Adobe
2013-03-01 20:16:33 ----D---- C:\Users\LEJLLINKA\AppData\Roaming\Adobe
2013-03-01 20:15:36 ----D---- C:\Program Files (x86)\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2012-08-30 30056]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2012-07-06 85104]
R0 vsock;vSockets Driver; C:\Windows\system32\drivers\vsock.sys [2012-07-06 70256]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 54072]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-09-14 283200]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-01-10 2801664]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2012-08-15 20120]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-31 984144]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-31 370288]
S1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-31 59728]
S2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-31 25232]
S2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-31 71600]
S2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2012-08-01 52376]
S2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2012-08-15 45720]
S2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2012-08-15 30360]
S2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2012-08-15 67224]
S2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared); C:\Windows\SysWOW64\drivers\vstor2-mntapi10-shared.sys [2011-07-12 33392]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-05-21 14759520]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
S3 lvpepf64;Volume Adapter; C:\Windows\system32\DRIVERS\lv302a64.sys [2008-07-26 15768]
S3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2008-07-26 790424]
S3 LVUSBS64;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBS64.sys [2008-07-26 50072]
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V64.SYS [2008-07-26 2624408]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-27 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-10-27 57856]
S3 vmusb;VMware USB Client Driver; C:\Windows\System32\Drivers\vmusb.sys [2012-08-01 37680]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-08-21 44808]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-13 136176]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-08-30 891240]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-08-30 1258856]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [2012-08-15 79872]
S2 VMnetDHCP;VMware DHCP Service; C:\Windows\syswow64\vmnetdhcp.exe [2012-08-15 357016]
S2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-08-01 917656]
S2 VMware NAT Service;VMware NAT Service; C:\Windows\syswow64\vmnat.exe [2012-08-15 435864]
S2 VMwareHostd;VMware Workstation Server; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2012-08-15 15680000]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-05-21 276288]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-13 136176]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2012-07-19 738152]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-09-14 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------