LOG Hijack this

[chlupivnose]

Prosím o kontrolu logu

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:11:48, on 1.1.2011
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Users\chlupivnose\Downloads\hijackthis.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\RunOnce: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O17 - HKLM\System\CS1\Services\Tcpip\..\{1CDB5EED-61F0-4B9A-A92E-077F445DD798}: NameServer = 192.168.240.1,213.180.33.225
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Unknown owner - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8086 bytes

[vyosek]

Zdravim, pekny den preji a vitam Vas u nas na foru

Prectete si prosim pravidla fora

Dejte log z RSIT, je podrobnejsi nez HJT - navod v mem podpise

Jsou s PC nejake problemy

[chlupivnose]

Logfile of random's system information tool 1.08 (written by random/random)
Run by chlupivnose at 2011-01-01 21:32:26
Microsoft Windows 7 Ultimate
System drive C: has 2 GB (3%) free of 60 GB
Total RAM: 3071 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:32:35, on 1.1.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\chlupivnose.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\RunOnce: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O17 - HKLM\System\CS1\Services\Tcpip\..\{1CDB5EED-61F0-4B9A-A92E-077F445DD798}: NameServer = 192.168.240.1,213.180.33.225
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Unknown owner - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8118 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG10\avgchsva.exe /boot
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe" -s DefaultInstance
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
"C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe"
"C:\Program Files (x86)\AVG\AVG10\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG10\avgemca.exe"
\??\C:\Windows\system32\conhost.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe" -s DefaultInstance
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-14e9c9eb-c094-487f-b20d-584a29fb104f -SystemEventPortName:HostProcess-81f216b9-9eb3-4a49-a26f-a038c4257a53 -IoCancelEventPortName:HostProcess-64d98748-c844-4cab-a734-aba78a9cec0b -NonStateChangingEventPortName:HostProcess-f61944b9-2288-45cd-9f46-9785be31f128 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:fb2b5071-0f4f-42c2-b68d-3ac17b834ee6
"C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe" -m
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe" /r
"C:\Program Files (x86)\AVG\AVG10\avgtray.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe"
\??\C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe /pipeName=7ceb240d-7b74-4c77-92aa-c868f72fa874 /coreSdkOptions=30 /logConfFile="C:\ProgramData\AVG10\temp\81ced87b-da16-4b23-833d-2b46f2ea500c-a80-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG10\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg10" /tempPath="C:\ProgramData\AVG10\temp\"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=840.b10dc20.961037626 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 840 plugin \\.\pipe\gecko-crash-server-pipe.840
"C:\Users\chlupivnose\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll [2010-11-22 3848032]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\avgssie.dll [2010-11-22 2732896]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-01-29 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2005-02-17 221184]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixCamera]
C:\Windows\FixCamera.exe [2007-07-11 20480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P17RunE]
RunDll32 P17RunE.dll,RunDLLEntry []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2010-12-03 14944136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd3]
C:\Windows\vsnpstd3.exe [2007-05-10 835584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"VolPanel"=C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe [2009-05-04 241789]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"AVG_TRAY"=C:\Program Files (x86)\AVG\AVG10\avgtray.exe [2010-10-22 2745696]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-11-25 98304]
"ATICustomerCare"=C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [2010-05-04 311296]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"EasyTuneVI"=C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe [2007-07-26 20480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"ForceActiveDesktopOn"=0
"NoActiveDesktopChanges"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-01-01 18:07:48 ----D---- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
2011-01-01 17:57:56 ----A---- C:\Windows\isRS-000.tmp
2011-01-01 17:47:20 ----D---- C:\rsit
2011-01-01 17:47:20 ----D---- C:\Program Files\trend micro
2011-01-01 16:52:44 ----D---- C:\Program Files (x86)\UPM
2011-01-01 11:32:55 ----SHD---- C:\Config.Msi
2011-01-01 11:19:37 ----D---- C:\ATI
2010-12-31 18:25:07 ----D---- C:\ProgramData\ATI
2010-12-31 18:20:54 ----D---- C:\Program Files (x86)\ATI Stream
2010-12-31 14:16:31 ----D---- C:\Windows\pss
2010-12-26 11:21:21 ----A---- C:\Windows\vsnpstd3.exe
2010-12-26 11:21:21 ----A---- C:\Windows\tsnpstd3.exe
2010-12-26 11:21:21 ----A---- C:\Windows\system32\vsnpstd3.dll
2010-12-26 11:21:21 ----A---- C:\Windows\system32\drivers\snpstd3.sys
2010-12-26 11:21:21 ----A---- C:\Windows\FixCamera.exe
2010-12-26 11:21:21 ----A---- C:\Windows\amcap.exe
2010-12-26 11:21:20 ----A---- C:\Windows\SYSWOW64\vsnpstd3.dll
2010-12-26 11:21:20 ----A---- C:\Windows\SYSWOW64\rsnpstd3.dll
2010-12-26 11:21:20 ----A---- C:\Windows\SYSWOW64\drivers\snpstd3.sys
2010-12-26 11:21:20 ----A---- C:\Windows\system32\csnpstd3.dll
2010-12-26 11:21:20 ----A---- C:\Windows\snpstd3.ini
2010-12-26 11:21:20 ----A---- C:\Windows\csnpstd3.dll
2010-12-26 11:20:57 ----D---- C:\Users\chlupivnose\AppData\Roaming\InstallShield
2010-12-20 21:56:21 ----D---- C:\Users\chlupivnose\AppData\Roaming\proDAD
2010-12-20 21:56:21 ----D---- C:\Program Files (x86)\proDAD
2010-12-20 21:55:59 ----RA---- C:\Windows\SYSWOW64\qtmlClient.dll
2010-12-20 21:55:59 ----A---- C:\Windows\SYSWOW64\MtxPreview.dll
2010-12-20 21:55:59 ----A---- C:\Windows\SYSWOW64\MtxParhBFXPreview.dll
2010-12-20 21:55:59 ----A---- C:\Windows\SYSWOW64\CvoAPI.dll
2010-12-20 21:55:59 ----A---- C:\Windows\Graffiti5.2Pin.ini
2010-12-20 21:55:44 ----D---- C:\Program Files (x86)\Boris FX, Inc
2010-12-20 21:52:59 ----D---- C:\ProgramData\Pinnacle Studio Ultimate
2010-12-20 21:49:06 ----D---- C:\ProgramData\Studio 12
2010-12-20 21:49:06 ----D---- C:\ProgramData\Pinnacle Studio Plus
2010-12-18 19:47:11 ----D---- C:\Users\chlupivnose\AppData\Roaming\skypePM
2010-12-18 19:43:50 ----RD---- C:\Program Files (x86)\Skype
2010-12-18 19:43:50 ----D---- C:\Users\chlupivnose\AppData\Roaming\Skype
2010-12-18 19:43:47 ----D---- C:\ProgramData\Skype
2010-12-17 07:57:41 ----D---- C:\Program Files (x86)\directx
2010-12-17 07:57:24 ----D---- C:\Program Files (x86)\Rockstar Games
2010-12-15 05:29:41 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2010-12-15 05:21:03 ----A---- C:\Windows\SYSWOW64\tzres.dll
2010-12-15 05:21:03 ----A---- C:\Windows\system32\tzres.dll
2010-12-15 05:21:01 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-15 05:21:00 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2010-12-15 05:21:00 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2010-12-15 05:21:00 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2010-12-15 05:21:00 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2010-12-15 05:21:00 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-15 05:21:00 ----A---- C:\Windows\system32\taskschd.dll
2010-12-15 05:21:00 ----A---- C:\Windows\system32\taskeng.exe
2010-12-15 05:21:00 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-15 05:21:00 ----A---- C:\Windows\system32\schtasks.exe
2010-12-15 05:20:52 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2010-12-15 05:20:52 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2010-12-15 05:20:52 ----A---- C:\Windows\system32\atmlib.dll
2010-12-15 05:20:52 ----A---- C:\Windows\system32\atmfd.dll
2010-12-15 05:20:50 ----A---- C:\Windows\system32\win32k.sys
2010-12-15 05:20:46 ----A---- C:\Windows\SYSWOW64\webio.dll
2010-12-15 05:20:46 ----A---- C:\Windows\system32\webio.dll
2010-12-15 05:20:18 ----A---- C:\Windows\system32\consent.exe
2010-12-15 05:20:15 ----A---- C:\Windows\system32\mshtml.dll
2010-12-15 05:20:14 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2010-12-15 05:20:14 ----A---- C:\Windows\system32\mstime.dll
2010-12-15 05:20:14 ----A---- C:\Windows\system32\iertutil.dll
2010-12-15 05:20:14 ----A---- C:\Windows\system32\ieframe.dll
2010-12-15 05:20:13 ----A---- C:\Windows\SYSWOW64\mstime.dll
2010-12-15 05:20:13 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2010-12-15 05:20:13 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2010-12-15 05:20:12 ----A---- C:\Windows\SYSWOW64\wininet.dll
2010-12-15 05:20:12 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2010-12-15 05:20:12 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2010-12-15 05:20:12 ----A---- C:\Windows\SYSWOW64\ieui.dll
2010-12-15 05:20:12 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2010-12-15 05:20:12 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2010-12-15 05:20:12 ----A---- C:\Windows\system32\wininet.dll
2010-12-15 05:20:12 ----A---- C:\Windows\system32\urlmon.dll
2010-12-15 05:20:12 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-15 05:20:12 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-15 05:20:12 ----A---- C:\Windows\system32\ieui.dll
2010-12-15 05:20:12 ----A---- C:\Windows\system32\iepeers.dll
2010-12-15 05:20:12 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-15 05:20:11 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2010-12-15 05:20:11 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2010-12-15 05:20:11 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2010-12-15 05:20:11 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2010-12-15 05:20:11 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2010-12-15 05:20:11 ----A---- C:\Windows\system32\msfeedssync.exe
2010-12-15 05:20:11 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-12-15 05:20:11 ----A---- C:\Windows\system32\licmgr10.dll
2010-12-15 05:20:11 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-13 21:42:42 ----D---- C:\Users\chlupivnose\AppData\Roaming\AVG10
2010-12-13 21:41:20 ----HD---- C:\ProgramData\Common Files
2010-12-13 21:40:25 ----D---- C:\Windows\system32\drivers\AVG
2010-12-13 21:40:25 ----D---- C:\ProgramData\AVG10
2010-12-13 21:21:28 ----D---- C:\ProgramData\MFAData
2010-12-13 16:29:50 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2010-12-13 16:29:50 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2010-12-13 16:29:50 ----A---- C:\Windows\system32\XAudio2_7.dll
2010-12-13 16:29:50 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2010-12-13 16:29:49 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2010-12-13 16:29:49 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2010-12-13 16:29:49 ----A---- C:\Windows\system32\xactengine3_7.dll
2010-12-13 16:29:49 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2010-12-13 16:29:48 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2010-12-13 16:29:48 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2010-12-13 16:29:48 ----A---- C:\Windows\system32\d3dx11_43.dll
2010-12-13 16:29:48 ----A---- C:\Windows\system32\d3dcsx_43.dll
2010-12-13 16:29:47 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2010-12-13 16:29:47 ----A---- C:\Windows\system32\d3dx10_43.dll
2010-12-13 16:29:46 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2010-12-13 16:29:46 ----A---- C:\Windows\system32\D3DX9_43.dll
2010-12-10 13:20:20 ----D---- C:\Program Files (x86)\Nox
2010-12-08 20:09:41 ----D---- C:\ProgramData\{6C784BD0-F8BE-4F53-8572-55AF6E559817}
2010-12-08 20:08:42 ----D---- C:\PCSEL40
2010-12-08 09:48:22 ----A---- C:\Windows\WDIRECT.INI
2010-12-08 04:12:36 ----A---- C:\Windows\system32\drivers\avgldx64.sys
2010-12-07 12:17:20 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2010-12-07 12:15:30 ----A---- C:\Windows\system32\OpenCL.dll

======List of files/folders modified in the last 1 months======

2011-01-01 18:20:37 ----D---- C:\Windows\system32\config
2011-01-01 18:18:03 ----D---- C:\Windows\Prefetch
2011-01-01 18:10:22 ----D---- C:\Windows\Temp
2011-01-01 18:08:08 ----D---- C:\Windows\SysWOW64
2011-01-01 18:07:48 ----RD---- C:\Program Files (x86)
2011-01-01 18:07:48 ----D---- C:\Windows
2011-01-01 18:05:49 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-01-01 17:58:00 ----D---- C:\Windows\SYSWOW64\drivers
2011-01-01 17:47:20 ----RD---- C:\Program Files
2011-01-01 17:39:21 ----D---- C:\Windows\system32\Tasks
2011-01-01 11:33:03 ----SHD---- C:\Windows\Installer
2011-01-01 11:20:14 ----D---- C:\Program Files (x86)\ATI Technologies
2011-01-01 11:20:08 ----SHD---- C:\System Volume Information
2010-12-31 18:25:07 ----HD---- C:\ProgramData
2010-12-31 18:22:48 ----D---- C:\Windows\System32
2010-12-31 18:22:03 ----D---- C:\Windows\system32\catroot
2010-12-31 18:20:52 ----D---- C:\Program Files (x86)\ATI
2010-12-31 18:20:46 ----D---- C:\Windows\system32\drivers
2010-12-31 18:20:44 ----D---- C:\Program Files\ATI Technologies
2010-12-31 18:20:13 ----D---- C:\Windows\system32\DriverStore
2010-12-31 18:20:13 ----D---- C:\Windows\inf
2010-12-29 15:22:04 ----D---- C:\Windows\Minidump
2010-12-29 15:21:41 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-12-28 19:11:40 ----D---- C:\Windows\system32\catroot2
2010-12-28 15:05:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-12-27 21:32:21 ----D---- C:\Users\chlupivnose\AppData\Roaming\uTorrent
2010-12-26 20:54:01 ----D---- C:\Program Files (x86)\Pinnacle
2010-12-26 11:21:52 ----D---- C:\ProgramData\InstallShield
2010-12-26 11:21:21 ----D---- C:\Windows\twain_32
2010-12-26 11:21:21 ----A---- C:\Windows\win.ini
2010-12-26 11:21:20 ----D---- C:\Program Files (x86)\Common Files
2010-12-20 21:53:32 ----SD---- C:\Users\chlupivnose\AppData\Roaming\Microsoft
2010-12-20 21:52:30 ----D---- C:\Windows\winsxs
2010-12-20 21:49:06 ----D---- C:\ProgramData\Pinnacle
2010-12-15 12:52:48 ----D---- C:\Windows\rescache
2010-12-15 05:31:06 ----D---- C:\Windows\SYSWOW64\sk-SK
2010-12-15 05:31:05 ----D---- C:\Windows\SYSWOW64\en-US
2010-12-15 05:31:05 ----D---- C:\Windows\SYSWOW64\cs-CZ
2010-12-15 05:31:05 ----D---- C:\Windows\system32\sk-SK
2010-12-15 05:31:05 ----D---- C:\Windows\system32\en-US
2010-12-15 05:31:05 ----D---- C:\Windows\system32\cs-CZ
2010-12-15 05:31:04 ----D---- C:\Windows\SYSWOW64\migration
2010-12-15 05:31:04 ----D---- C:\Program Files\Windows Mail
2010-12-15 05:31:04 ----D---- C:\Program Files\Internet Explorer
2010-12-15 05:31:04 ----D---- C:\Program Files (x86)\Windows Mail
2010-12-15 05:31:04 ----D---- C:\Program Files (x86)\Internet Explorer
2010-12-15 05:31:03 ----D---- C:\Windows\system32\migration
2010-12-15 05:27:47 ----A---- C:\Windows\system32\MRT.exe
2010-12-13 21:41:11 ----D---- C:\Windows\SYSWOW64\drivers\avg
2010-12-13 21:32:23 ----D---- C:\ProgramData\avg9
2010-12-13 21:30:59 ----D---- C:\Program Files (x86)\AVG
2010-12-11 05:43:49 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-12-05 15:14:54 ----D---- C:\Windows\system32\wdi

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2010-09-13 27216]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2010-09-07 30288]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-01-16 834544]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2010-12-08 308304]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2010-09-07 41040]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2010-11-12 382032]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-06-04 314016]
R2 cpuz132;cpuz132; \??\C:\Windows\system32\drivers\cpuz132_x64.sys [2009-03-27 19432]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-06-04 43680]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-11-26 8120320]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-11-26 289792]
R3 AODDriver;AODDriver; \??\C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys [2010-03-12 52280]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2010-08-19 157264]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2010-08-19 35920]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2011-01-01 25640]
R3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2011-01-01 30528]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
R3 P17;SB Audigy; C:\Windows\system32\drivers\P17.sys [2009-04-21 1288192]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-01-17 82816]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2009-07-14 60288]
S3 ahs3k40x;ahs3k40x; C:\Windows\system32\drivers\ahs3k40x.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-11-26 8120320]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2009-07-14 48768]
S3 cpuz130;cpuz130; \??\C:\Users\CHLUPI~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys []
S3 ENTECH64;ENTECH64; \??\C:\Windows\system32\DRIVERS\ENTECH64.sys [2008-04-22 12744]
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2010-12-26 25640]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 33856]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2009-07-14 61440]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP4\WNt500x64\Sandra.sys []
S3 SNPSTD3;USB PC Camera (SNPSTD3); C:\Windows\system32\DRIVERS\snpstd3.sys [2007-10-16 10693120]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-11-26 203776]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-11-23 6128208]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe [2009-02-28 81920]
R2 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
R2 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe [2009-02-28 2732032]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-25 136176]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-01-23 79360]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2010-03-29 332720]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

[chlupivnose]

Děkuji a přidávám lok z RSIT
S poočítačem sou problémy při startu a vypínání
Trvá to moc dlouho do určité doby startoval do 40sec ,teď mu to trvá třeba 5min
A vypínání to samé.

[vyosek]

Uvolnete volne misto alespon na 8 giga, jinak se Vam Windows uplne udusi

Doporucuji zmenu antiviru - AVG nepatri mezi nami doporucovane a oblibene - velke naroky na PC, slabsi detekce - doporucuji Avast nebo Aviru

Doporucuji odinstalovat Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam

• Nahrady za Spybota:
  • Spyware Terminator - info o nem http://www.viry.cz/forum/viewtopic.php?f=29&t=44730
  • SuperAntiSpyare - info o nem http://www.viry.cz/forum/viewtopic.php?f=29&t=51359
• Samozrejme pouzivejte jen jeden z nich
• Osobne doporucuji SuperAntiSpyware

Stahnete OTM (viz muj podpis)

• Pokud pouzivate Win Vista ci W7, kliknete na OTM pravym a dejte Run As Administrator ci Spustit jako spravce
• Do leveho okna Paste Instructions for Items to be Moved (pod zlutou caru) vlozte obsah, ktery mate nize

• Kód: Vybrat vše

  :reg
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "DAEMON Tools Lite"=-
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P17RunE]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
  
  :services
  gupdate
  
  :files
  C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp /s
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]

• Kliknete na cervene tlacitko MoveIt!
• Budete vyzvani na restart, dejte Yes, log pote najdete C:\_OTM\MovedFiles, obsah sem vlozte

[chlupivnose]

All processes killed
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P17RunE\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype\ not found.
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
========== FILES ==========
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\45235788142C44BE8A4DDDE9A84492E5.TMP folder moved successfully.
C:\Windows\95FC26FB19FD4A96BBB1B1062E8648F5.TMP folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7F4E.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP827B.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP9C4F.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE234.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder moved successfully.
C:\Windows\Installer\MSIB3D8.tmp moved successfully.
C:\Windows\Temp\CR_1DC1.tmp folder moved successfully.
C:\Windows\Temp\CR_86DB.tmp folder moved successfully.
C:\Windows\Temp\CR_97AC.tmp folder moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: chlupivnose
->Temp folder emptied: 35063593 bytes
->Temporary Internet Files folder emptied: 60182749 bytes
->Java cache emptied: 3054716 bytes
->FireFox cache emptied: 63615611 bytes
->Google Chrome cache emptied: 5952115 bytes
->Flash cache emptied: 126810 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 70208 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67911 bytes
RecycleBin emptied: 834 bytes

Total Files Cleaned = 160,00 mb


OTM by OldTimer - Version 3.1.17.2 log created on 01012011_221500

Files moved on Reboot...
C:\Users\chlupivnose\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

[vyosek]

Jdeme dale

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za 14 dni

Doporucuji provest defragmentaci disku

• Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
  • Kliknete na Tento pocitac, dale na disk kliknete pravym tlacitkem, vyberte Vlastnosti
  • prepnete se do zalozky Nastroje
  • Nyni vidite pomucky Defragmentace - spustte ji kliknutim na Defragmentovat
  • Toto provedte se vsemi disky
• Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
  • Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
  • Kliknete na Analyzovat
  • Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
  • Postup provedte se vsemi disky
• Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
  • Vyhodou programku je, ze se neinstaluje
  • Staci tedy jen stahnout dle verze vaseho OS a rozbalit
  • Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
  • Probehne analyza disku a nasledne i defragmentace

Napiste jak se chova PC

[chlupivnose]

Děkuji za pomoc ,něco se smázlo,defragmentace šla celou noc.
A nyní zatím všechno běží jak má ,tak uvidíme

[vyosek]

Nemate zac, rad jsem pomohl