virus v sieti?

Zpráva

.3o. · #1 Příspěvek od **.3o.** » 20 črc 2012 11:44

Ahojte...uz par dni mi nejde net na ntb a dnes mi jeden chlapik to bol pozret a vravi ze je to virus..neda sa mi ani len napingovat rooter ani sa dostat do jeho nastaveni priste nic
preto sa chcme spytat ci uz mal niekto skusenost s takym virom
eset mi ho nevie najst tak neviete mi poradit dake ine riesenie?

#2 Příspěvek od **Rudy** » 20 črc 2012 17:21

Zdravím!
Můžeme prověřit, zda nemáte vir v NB. Dejte log RSIT: http://www.viry.cz/forum/viewtopic.php?f=13&t=105895 .

.3o. · #3 Příspěvek od **.3o.** » 21 črc 2012 09:16

Logfile of random's system information tool 1.09 (written by random/random)
Run by ASUS at 2012-07-21 09:37:38
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 27 GB (35%) free of 76 GB
Total RAM: 4061 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:37:43, on 21. 7. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\trend micro\ASUS.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files (x86)\free-downloads.net\prxtbfree.dll
R3 - URLSearchHook: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
O2 - BHO: Pomocník pri prihlasovaní v sieti Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: free-downloads.net - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files (x86)\free-downloads.net\prxtbfree.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (file missing)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files (x86)\free-downloads.net\prxtbfree.dll
O3 - Toolbar: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{DF11DE23-31BA-441B-AFF4-355660273674}: NameServer = 195.146.128.60,195.146.132.59
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: FastBootAgent - ASUSTeK Computer Inc. - C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - D:\matove\Programi\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10040 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x2b8
C:\Windows\system32\svchost.exe -k LocalService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {69A6951F-7D9E-4B65-8B76-D237DF7C390C}
"taskhost.exe"
C:\Windows\System32\svchost.exe -k NetworkService
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
taskeng.exe {CE4D4C55-67BC-4F80-B9CE-AF18393FE39C}
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
Atouch64.exe
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe"
"C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe"
"D:\matove\Programi\Alcohol 120\StarWind\StarWindServiceAE.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe"
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e1a7cd5b-a1a7-4532-824b-80e35dcf0bce -SystemEventPortName:HostProcess-9e98ef1f-2b92-4a88-8e26-efd9bad90369 -IoCancelEventPortName:HostProcess-70ee78e9-86de-464b-b780-507163e85504 -NonStateChangingEventPortName:HostProcess-17418714-9fbe-4c7c-85cd-9b622ec16772 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:99814906-929c-4272-8992-150722ec7976
C:\Windows\servicing\TrustedInstaller.exe
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE" -r
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\ASUS\Desktop\RSITx64 - kópia.exe"
C:\Windows\system32\wbem\wmiprvse.exe
wmiadap.exe /R /T

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3555248299-2386077507-1566747029-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3555248299-2386077507-1566747029-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
uTorrentControl2 Toolbar - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v sieti Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
free-downloads.net Toolbar - C:\Program Files (x86)\free-downloads.net\prxtbfree.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2011-08-01 1536320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2011-08-01 1000768]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]
{ecdee021-0d17-467f-a1ff-c7a115230949} - free-downloads.net Toolbar - C:\Program Files (x86)\free-downloads.net\prxtbfree.dll [2011-05-09 176936]
{687578b9-7132-4a7a-80e4-30ee31099e03} - uTorrentControl2 Toolbar - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EeeStorageBackup"=C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe [2009-08-25 947472]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-06-12 619392]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-09-29 2716216]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 162328]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 417304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 4]
D:\matove\Programi\Advanced SystemCare 4\ASCTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
D:\matove\Programi\Alcohol 120\AxAutoMntSrv.exe [2010-08-20 33120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\ASUS\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files (x86)\ICQ7M\ICQ.exe silent loginmode=4 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2008-12-02 3882312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
D:\matove\Programi\Torrent\uTorrent.exe [2012-05-09 879984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\INSTAL~1\{60D66~1\_DCE9A~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^ASUS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PowerStrip.lnk]
C:\PROGRA~2\POWERS~1\PStrip.exe [2012-06-14 743104]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-07-13 2244096]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-07-07 8493624]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-04-20 159744]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
C:\Windows\AsScrProlog.exe [2009-10-31 72248]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2009-10-31 3054136]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-07-20 16:28:53 ----A---- C:\Windows\system32\FNTCACHE.DAT
2012-07-15 11:25:29 ----D---- C:\Users\ASUS\AppData\Roaming\Malwarebytes
2012-07-15 11:25:12 ----D---- C:\ProgramData\Malwarebytes
2012-07-13 15:23:55 ----A---- C:\Users\ASUS\AppData\Roaming\PStrip.bak
2012-07-13 15:23:28 ----A---- C:\Users\ASUS\AppData\Roaming\PStrip.ini
2012-07-13 15:18:58 ----A---- C:\Windows\wininit.ini
2012-07-13 15:18:40 ----A---- C:\Windows\system32\drivers\pstrip64.sys
2012-07-13 15:18:35 ----D---- C:\Program Files (x86)\PowerStrip
2012-07-11 21:50:00 ----D---- C:\Users\ASUS\AppData\Roaming\ICQ Search
2012-07-11 21:49:54 ----D---- C:\Program Files (x86)\ICQ6Toolbar
2012-07-11 21:49:48 ----D---- C:\ProgramData\ICQ
2012-07-11 21:49:31 ----D---- C:\Users\ASUS\AppData\Roaming\ICQ
2012-07-11 16:08:45 ----A---- C:\Windows\system32\win32k.sys
2012-07-11 16:01:28 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-07-11 16:01:28 ----A---- C:\Windows\system32\mshtmled.dll
2012-07-11 16:01:26 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-07-11 16:01:26 ----A---- C:\Windows\SYSWOW64\url.dll
2012-07-11 16:01:26 ----A---- C:\Windows\system32\urlmon.dll
2012-07-11 16:01:26 ----A---- C:\Windows\system32\url.dll
2012-07-11 16:01:25 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-07-11 16:01:25 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-07-11 16:01:25 ----A---- C:\Windows\system32\ieui.dll
2012-07-11 16:01:25 ----A---- C:\Windows\system32\iertutil.dll
2012-07-11 16:01:24 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-07-11 16:01:24 ----A---- C:\Windows\system32\ieUnatt.exe
2012-07-11 16:01:23 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-07-11 16:01:23 ----A---- C:\Windows\system32\wininet.dll
2012-07-11 16:01:23 ----A---- C:\Windows\system32\jsproxy.dll
2012-07-11 16:01:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-07-11 16:01:21 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-07-11 16:01:21 ----A---- C:\Windows\system32\jscript9.dll
2012-07-11 16:01:21 ----A---- C:\Windows\system32\jscript.dll
2012-07-11 16:01:20 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-07-11 16:01:19 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-07-11 16:01:17 ----A---- C:\Windows\system32\mshtml.dll
2012-07-11 16:01:16 ----A---- C:\Windows\system32\ieframe.dll
2012-07-11 16:01:15 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-07-11 12:36:42 ----A---- C:\Windows\system32\msxml6.dll
2012-07-11 12:36:42 ----A---- C:\Windows\system32\msxml3.dll
2012-07-11 12:36:41 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2012-07-11 12:36:40 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2012-07-11 12:36:40 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2012-07-11 12:36:40 ----A---- C:\Windows\system32\msxml3r.dll
2012-07-11 12:36:38 ----A---- C:\Windows\system32\shell32.dll
2012-07-11 12:36:32 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-07-11 12:36:28 ----A---- C:\Windows\system32\schannel.dll
2012-07-11 12:36:28 ----A---- C:\Windows\system32\ncrypt.dll
2012-07-11 12:36:28 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-07-11 12:36:28 ----A---- C:\Windows\system32\drivers\cng.sys
2012-07-11 12:36:27 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-07-11 12:36:27 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2012-07-11 12:36:26 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-07-11 12:36:26 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-07-11 12:36:26 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-07-11 12:36:23 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2012-07-11 12:36:20 ----A---- C:\Windows\system32\cdosys.dll
2012-06-29 15:51:36 ----D---- C:\wamp
2012-06-24 09:25:10 ----A---- C:\Windows\system32\perfh01B.dat
2012-06-24 09:25:10 ----A---- C:\Windows\system32\perfc01B.dat
2012-06-24 09:24:49 ----D---- C:\Windows\SYSWOW64\BestPractices
2012-06-24 09:24:48 ----D---- C:\Windows\system32\BestPractices
2012-06-24 09:24:48 ----D---- C:\inetpub
2012-06-24 08:44:55 ----A---- C:\Windows\system32\wups2.dll
2012-06-24 08:44:55 ----A---- C:\Windows\system32\wucltux.dll
2012-06-24 08:44:55 ----A---- C:\Windows\system32\wuaueng.dll
2012-06-24 08:44:55 ----A---- C:\Windows\system32\wuauclt.exe
2012-06-24 08:44:37 ----A---- C:\Windows\system32\wups.dll
2012-06-24 08:44:37 ----A---- C:\Windows\system32\wudriver.dll
2012-06-24 08:44:37 ----A---- C:\Windows\system32\wuapi.dll
2012-06-24 08:44:23 ----A---- C:\Windows\system32\wuwebv.dll
2012-06-24 08:44:23 ----A---- C:\Windows\system32\wuapp.exe
2012-06-22 13:13:57 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-06-22 13:13:57 ----A---- C:\Windows\system32\qdvd.dll
2012-06-22 12:54:15 ----D---- C:\ProgramData\InstallMate

======List of files/folders modified in the last 1 month======

2012-07-21 09:37:41 ----D---- C:\Program Files\trend micro
2012-07-21 09:37:39 ----HD---- C:\Windows\Temp
2012-07-21 09:35:11 ----D---- C:\Program Files (x86)
2012-07-21 09:35:10 ----D---- C:\Windows\system32\config
2012-07-21 09:34:11 ----SHD---- C:\Config.Msi
2012-07-20 16:43:46 ----D---- C:\Windows\system32\NDF
2012-07-20 16:34:05 ----SHD---- C:\Windows\Installer
2012-07-20 16:33:53 ----SHD---- C:\System Volume Information
2012-07-20 16:32:42 ----D---- C:\Windows\SoftwareDistribution
2012-07-20 16:31:54 ----D---- C:\Windows
2012-07-20 16:29:54 ----A---- C:\Windows\system32\acovcnt.exe
2012-07-20 16:28:53 ----D---- C:\Windows\System32
2012-07-20 13:16:08 ----D---- C:\Windows\inf
2012-07-20 10:37:25 ----D---- C:\Windows\winsxs
2012-07-20 10:26:23 ----D---- C:\Windows\system32\wfp
2012-07-20 10:26:21 ----D---- C:\Windows\system32\wbem
2012-07-20 10:25:39 ----D---- C:\Windows\Tasks
2012-07-20 10:25:39 ----D---- C:\Windows\SYSWOW64\Fast Boot
2012-07-20 10:25:39 ----D---- C:\Windows\system32\Tasks
2012-07-20 10:25:39 ----D---- C:\Windows\system32\DriverStore
2012-07-20 10:25:38 ----D---- C:\Windows\system32\drivers
2012-07-20 10:25:38 ----D---- C:\Windows\system32\CodeIntegrity
2012-07-20 10:25:37 ----D---- C:\Windows\system32\catroot2
2012-07-20 10:25:37 ----D---- C:\Windows\pss
2012-07-20 10:25:35 ----D---- C:\Users\ASUS\AppData\Roaming\vlc
2012-07-20 10:25:34 ----HD---- C:\ProgramData
2012-07-20 10:25:34 ----D---- C:\ProgramData\P4G
2012-07-20 10:25:32 ----D---- C:\Windows\registration
2012-07-15 11:20:39 ----D---- C:\Windows\ERDNT
2012-07-14 09:45:13 ----A---- C:\Windows\system32\AutoRunFilter.ini
2012-07-13 20:53:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-07-13 15:18:40 ----D---- C:\Windows\SYSWOW64\drivers
2012-07-13 09:40:55 ----D---- C:\Windows\debug
2012-07-12 13:11:42 ----D---- C:\Windows\SysWOW64
2012-07-12 13:11:38 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-07-12 12:34:52 ----A---- C:\Windows\system32\ServiceFilter.ini
2012-07-11 22:42:19 ----D---- C:\Program Files (x86)\Internet Explorer
2012-07-11 22:42:18 ----D---- C:\Windows\SYSWOW64\migration
2012-07-11 22:42:18 ----D---- C:\Windows\system32\migration
2012-07-11 22:42:17 ----D---- C:\Program Files\Internet Explorer
2012-07-11 21:49:51 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-07-11 16:09:02 ----D---- C:\Windows\system32\catroot
2012-07-11 16:08:34 ----D---- C:\ProgramData\Microsoft Help
2012-07-11 16:08:16 ----A---- C:\Windows\win.ini
2012-07-11 16:03:30 ----A---- C:\Windows\system32\MRT.exe
2012-07-01 16:54:27 ----SD---- C:\Users\ASUS\AppData\Roaming\Microsoft
2012-06-28 09:33:17 ----D---- C:\Windows\Microsoft.NET
2012-06-28 09:33:16 ----RSD---- C:\Windows\assembly
2012-06-27 21:19:33 ----D---- C:\Users\ASUS\AppData\Roaming\uTorrent
2012-06-26 16:51:40 ----D---- C:\ProgramData\Skype
2012-06-26 16:51:34 ----D---- C:\Users\ASUS\AppData\Roaming\Skype
2012-06-25 13:53:22 ----RD---- C:\Users
2012-06-25 13:51:47 ----RD---- C:\Program Files
2012-06-25 13:38:14 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-06-25 13:15:29 ----D---- C:\Program Files\Microsoft SQL Server
2012-06-25 07:51:34 ----D---- C:\Windows\system32\sk-SK
2012-06-24 09:24:50 ----D---- C:\Windows\SYSWOW64\inetsrv
2012-06-24 09:24:49 ----D---- C:\Windows\SYSWOW64\en-US
2012-06-24 09:24:49 ----D---- C:\Windows\system32\inetsrv
2012-06-24 09:24:48 ----D---- C:\Windows\system32\en-US

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-01-28 530488]
R1 PStrip64;PStrip64; C:\Windows\system32\drivers\pstrip64.sys [2006-09-30 13008]
R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2011-04-18 230352]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-09-29 144824]
R2 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-09-29 136584]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2009-09-29 123200]
R3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-08-31 270912]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-06-12 112128]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 GGSAFERDriver;GGSAFER Driver; \??\D:\matove\Programi\WinRAR 3.70CZ (Original version)\cs-ko 1.6\GARENA\Garena Plus\Room\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys []
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2009-11-19 127600]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2009-11-19 19568]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2009-11-19 161904]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2009-11-19 141424]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2009-11-19 34416]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2009-11-19 137328]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2009-11-19 158320]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-15 359552]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-10-07 345376]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2009-09-29 735960]
R2 FastBootAgent;FastBootAgent; C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe [2009-07-24 306232]
R2 OberonGameConsoleService;Oberon Media Game Console service; C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [2009-09-15 44312]
R2 StarWindServiceAE;StarWind AE Service; D:\matove\Programi\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-17 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-12 250056]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-09-29 23296]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-11-13 654848]
S3 fsssvc;Bezpečnosť rodiny v službe Windows Live; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-17 136176]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe [2012-05-13 22016]
S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe [2012-04-19 9693696]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-01-17 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#4 Příspěvek od **Rudy** » 21 črc 2012 11:06

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Program Files (x86)\free-downloads.net
C:\Program Files (x86)\uTorrentControl2
C:\Program Files (x86)\Microsoft\BingBar
C:\Program Files (x86)\SweetIM
C:\Program Files (x86)\DAEMON Tools Toolbar
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3555248299-2386077507-1566747029-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3555248299-2386077507-1566747029-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Users\ASUS\AppData\Local\Facebook\Update

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]

:commands
[Purity]
[Emptytemp]
[Empytflash]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

.3o. · #5 Příspěvek od **.3o.** » 22 črc 2012 20:52

takze takto spravil som toto co ste mi poradili davam sem log y toho:

All processes killed
========== FILES ==========
File/Folder C:\Program Files (x86)\free-downloads.net not found.
File/Folder C:\Program Files (x86)\uTorrentControl2 not found.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\it-it folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\id-id folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\hu-hu folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\hr-hr folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\hi-in folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\he-il folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\gu-in folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\fr-fr folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\fr-ch folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\fr-ca folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\fr-be folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\fr-145 folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\fi-fi folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\eu-es folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\et-ee folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\es-us folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\es-mx folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\es-es folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\es-cl folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\es-ar folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\es-419 folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\es-001 folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\en-za folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\en-us folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\en-sg folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\en-ph folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\en-nz folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\en-my folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\en-in folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\en-ie folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\en-id folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\en-gb folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\en-ca folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\en-au folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\en-145 folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\en-001 folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\el-gr folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\de-de folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\de-ch folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\de-at folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\da-dk folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\cs-cz folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\ca-es folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\bg-bg folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\ar-sa folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\ar-ploc-sa folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc\ar-145 folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\loc folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\js folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\images\notifications folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\images\buttons folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\images folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\footer folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850\css folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook\7.0.850 folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\facebook folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\zh-tw folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\zh-hk folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\zh-cn folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\vi-vn folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\uk-ua folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\tr-tr folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\th-th folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\te-in folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\ta-in folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\sv-se folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\sr-latn-cs folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\sr-cyrl-cs folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\sl-si folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\sk-sk folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\ru-ru folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\ro-ro folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\pt-pt folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\pt-br folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\pl-pl folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\nl-nl folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\nl-be folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\nb-no folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\ms-my folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\mr-in folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\ml-in folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\lv-lv folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\lt-lt folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\ko-kr folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\kn-in folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\ja-ploc-jp folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\ja-jp folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\it-it folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\id-id folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\hu-hu folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\hr-hr folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\hi-in folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\he-il folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\gu-in folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\fr-fr folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\fr-ch folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\fr-ca folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\fr-be folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\fr-145 folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\fi-fi folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\eu-es folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\et-ee folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\es-us folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\es-mx folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\es-es folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\es-cl folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\es-ar folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\es-419 folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\es-001 folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\en-za folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\en-us folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\en-sg folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\en-ph folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\en-nz folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\en-my folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\en-in folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\en-ie folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\en-id folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\en-gb folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\en-ca folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\en-au folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\en-145 folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\en-001 folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\el-gr folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\de-de folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\de-ch folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\de-at folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\da-dk folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\cs-cz folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\ca-es folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\bg-bg folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\ar-sa folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\ar-ploc-sa folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc\ar-145 folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\loc folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\js folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\images folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\footer folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850\css folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error\7.0.850 folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps\error folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar\apps folder moved successfully.
C:\Program Files (x86)\Microsoft\BingBar folder moved successfully.
File/Folder C:\Program Files (x86)\SweetIM not found.
C:\Program Files (x86)\DAEMON Tools Toolbar\Resources folder moved successfully.
C:\Program Files (x86)\DAEMON Tools Toolbar folder moved successfully.
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3555248299-2386077507-1566747029-1000Core.job moved successfully.
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3555248299-2386077507-1566747029-1000UA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Users\ASUS\AppData\Local\Facebook\Update\Manifest\Initial folder moved successfully.
C:\Users\ASUS\AppData\Local\Facebook\Update\Manifest folder moved successfully.
C:\Users\ASUS\AppData\Local\Facebook\Update\1.2.205.0 folder moved successfully.
C:\Users\ASUS\AppData\Local\Facebook\Update folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687578b9-7132-4a7a-80e4-30ee31099e03}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ecdee021-0d17-467f-a1ff-c7a115230949}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: ASUS
->Temp folder emptied: 1057916 bytes
->Temporary Internet Files folder emptied: 402514 bytes
->Google Chrome cache emptied: 303662359 bytes
->Apple Safari cache emptied: 14336 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 762 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: DefaultAppPool
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 18422 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 38134 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50453 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 291.00 mb

OTM by OldTimer - Version 3.1.21.0 log created on 07222012_103138

Files moved on Reboot...
C:\Users\ASUS\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

a bol by som rad keby ste mi zbezne popisali co co je nech niesom ako dmnt v takychto logoch popripade ak mate niaky navod
log z RSIT asi nebude potrebny pretoze hned nato jak sa doresetol pc sme s bratrancom chytili a preinstalovali windows a zformatovali cely disk...som aj rad pretoze mi ide internet este rychlejsie, mam lepsi win, a hlavne mam cisty pc

este by som sa chcel spytat ktory antivirus je podla vas najlepsi popripade aky pouzivate Vy

#6 Příspěvek od **Rudy** » 22 črc 2012 21:49

Převážně se jednalo o zbytečnosti. Po restartu se stav nezlepšil, nebo proč jste reinstaloval systém?

.3o. · #7 Příspěvek od **.3o.** » 22 črc 2012 22:15

Po restartu mi stale blokovalo tu sietovu kartu ale odstranilo sa par drobnosti iba...no a tych 230mb vymazanych boli vlastne tie zbytocnosti ano? A co ten AV?

.3o. · #8 Příspěvek od **.3o.** » 22 črc 2012 22:17

A na 100% som si isty ze to bol daky rootkyt pretoze problemy kazdym dnom narastali, napr. Sa mi vytvarali cudne priecinky na disku a tak

#9 Příspěvek od **Rudy** » 23 črc 2012 19:06

Možné to je. Na to bychom přišli teprve dalšími testy. RSIT je primární, na jeho základě se pak postupuje k dalším utilitám. Systém bylo nutné ale vyčistit od zbytečností.

.3o. · #10 Příspěvek od **.3o.** » 23 črc 2012 19:58

ahaaa...skontrolujes mi tento log pls? a este by som sa na ten antivirus opytat chcel..ktory je podla teba najlepsi?

Logfile of random's system information tool 1.09 (written by random/random)
Run by ASUS at 2012-07-23 20:57:25
Microsoft Windows 7 Ultimate
System drive C: has 78 GB (78%) free of 100 GB
Total RAM: 4061 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:57:33, on 23. 7. 2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\wamp\wampmanager.exe
C:\Users\ASUS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ASUS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ASUS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ASUS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ASUS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\ASUS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\ASUS.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.1.0.20\AVG Secure Search_toolbar.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.1.0.20\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKCU\..\Run: [Google Update] "C:\Users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.1.3\ViProtocol.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater12.1.3 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.1.3\ToolbarUpdater.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8939 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /boot
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=87f6da39-0d8a-405d-bca8-987f4ecb356d /coreSdkOptions=286 /logConfFile="C:\ProgramData\AVG2012\temp\63bb5414-96f5-424c-8701-d065a91b6516-158-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /tempPath="C:\ProgramData\AVG2012\temp\"
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.1.3\ToolbarUpdater.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgemca.exe"
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e283c3a4-43f5-4832-b3fe-4c5ad4cacc63 -SystemEventPortName:HostProcess-b271e1a6-d15c-421c-8048-0c29d873a9a5 -IoCancelEventPortName:HostProcess-63ffc82d-46e1-46ad-b202-15055f0271cf -NonStateChangingEventPortName:HostProcess-cfbebc7a-36b4-4cc6-9b2a-d8159113d882 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b967664b-b1a2-46b0-9541-d19d3bbfe48d
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
"C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
"C:\wamp\wampmanager.exe"
"c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe" -k runservice
c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe wampmysqld
C:\wamp\bin\apache\apache2.2.22\bin\httpd.exe -d C:/wamp/bin/apache/apache2.2.22
C:\Windows\system32\wbem\wmiprvse.exe
taskeng.exe {2B1D5FC9-3FA7-4612-AFD9-CF805E77A971}
"C:\Users\ASUS\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\ASUS\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SUGGEST/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight1.0/OmniboxSearchSuggest/0/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warmest_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="3380.2.1709575700\482070707" /prefetch:3
"C:\Users\ASUS\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3380.5.1038571363\2073359301" --ignored=" --type=renderer " /prefetch:12
"C:\Users\ASUS\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SUGGEST/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight1.0/OmniboxSearchSuggest/0/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndDynamic/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warmest_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="3380.9.555807218\460821275" /prefetch:3
"C:\Users\ASUS\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SUGGEST/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight1.0/OmniboxSearchSuggest/0/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndDynamic/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warmest_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="3380.12.1010683728\956785678" /prefetch:3
C:\Windows\system32\rundll32.exe "C:\Users\ASUS\AppData\Local\Google\Chrome\APPLIC~1\200113~1.57\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\ASUS\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\ASUS\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll" --lang=sk --channel="3380.13.1536734769\184754408" --flash-broker=4248 /prefetch:4
wmiadap.exe /R /T
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512
"C:\Users\ASUS\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-410267264-3798748311-3344924693-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-410267264-3798748311-3344924693-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}]
AVG Do Not Track - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll [2012-06-13 1392760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}]
AVG Do Not Track - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll [2012-06-13 937592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\12.1.0.20\AVG Secure Search_toolbar.dll [2012-07-22 2086496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\12.1.0.20\AVG Secure Search_toolbar.dll [2012-07-22 2086496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-12-20 166424]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-12-20 390680]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-12-20 410136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-22 116648]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2008-06-09 2363392]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"AVG_TRAY"=C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2012-04-05 2587008]
"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2012-07-22 1147488]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2008-07-18 104936]
"P2Go_Menu"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-12-14 268800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-07-23 20:57:26 ----D---- C:\Program Files\trend micro
2012-07-23 20:57:25 ----D---- C:\rsit
2012-07-23 17:10:58 ----D---- C:\wamp
2012-07-23 17:02:44 ----D---- C:\Program Files\Common Files\Intel
2012-07-23 17:02:44 ----D---- C:\Program Files (x86)\Intel
2012-07-23 17:01:30 ----A---- C:\Windows\SYSWOW64\oemdspif.dll
2012-07-23 17:01:29 ----A---- C:\Windows\SYSWOW64\iglhsip32.dll
2012-07-23 17:01:29 ----A---- C:\Windows\SYSWOW64\iglhcp32.dll
2012-07-23 17:01:29 ----A---- C:\Windows\SYSWOW64\igfxdv32.dll
2012-07-23 17:01:29 ----A---- C:\Windows\SYSWOW64\igdumdx32.dll
2012-07-23 17:01:29 ----A---- C:\Windows\system32\iglhsip64.dll
2012-07-23 17:01:29 ----A---- C:\Windows\system32\iglhcp64.dll
2012-07-23 17:01:29 ----A---- C:\Windows\system32\igfxtray.exe
2012-07-23 17:01:29 ----A---- C:\Windows\system32\igfxTMM.dll
2012-07-23 17:01:29 ----A---- C:\Windows\system32\igfxsrvc.exe
2012-07-23 17:01:29 ----A---- C:\Windows\system32\igfxsrvc.dll
2012-07-23 17:01:29 ----A---- C:\Windows\system32\igfxress.dll
2012-07-23 17:01:29 ----A---- C:\Windows\system32\igfxpph.dll
2012-07-23 17:01:29 ----A---- C:\Windows\system32\igfxpers.exe
2012-07-23 17:01:29 ----A---- C:\Windows\system32\igfxext.exe
2012-07-23 17:01:29 ----A---- C:\Windows\system32\igfxexps.dll
2012-07-23 17:01:29 ----A---- C:\Windows\system32\igfxdo.dll
2012-07-23 17:01:29 ----A---- C:\Windows\system32\IGFXDEVLib.dll
2012-07-23 17:01:29 ----A---- C:\Windows\system32\igfxdev.dll
2012-07-23 17:01:29 ----A---- C:\Windows\system32\igfxCoIn_v2021.dll
2012-07-23 17:01:28 ----A---- C:\Windows\SYSWOW64\igd10umd32.dll
2012-07-23 17:01:28 ----A---- C:\Windows\SYSWOW64\ig4icd32.dll
2012-07-23 17:01:28 ----A---- C:\Windows\system32\igdumd64.dll
2012-07-23 17:01:28 ----A---- C:\Windows\system32\ig4icd64.dll
2012-07-23 17:01:28 ----A---- C:\Windows\system32\drivers\igdkmd64.sys
2012-07-23 17:01:27 ----A---- C:\Windows\SYSWOW64\ig4dev32.dll
2012-07-23 17:01:27 ----A---- C:\Windows\system32\ig4dev64.dll
2012-07-23 17:01:27 ----A---- C:\Windows\system32\hkcmd.exe
2012-07-23 17:01:27 ----A---- C:\Windows\system32\hccutils.dll
2012-07-23 17:01:27 ----A---- C:\Windows\system32\GfxUI.exe
2012-07-23 17:01:27 ----A---- C:\Windows\system32\gfxSrvc.dll
2012-07-23 17:01:27 ----A---- C:\Windows\system32\difx64.exe
2012-07-23 11:50:56 ----D---- C:\ProgramData\CyberLink
2012-07-23 11:49:21 ----N---- C:\Windows\SYSWOW64\msvcr71.dll
2012-07-23 11:49:21 ----N---- C:\Windows\SYSWOW64\msvcp71.dll
2012-07-23 11:49:21 ----N---- C:\Windows\SYSWOW64\MFC71u.dll
2012-07-23 11:49:21 ----N---- C:\Windows\SYSWOW64\MFC71.dll
2012-07-23 11:49:21 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-07-23 11:48:52 ----D---- C:\Program Files (x86)\CyberLink
2012-07-23 11:48:29 ----D---- C:\ProgramData\Temp
2012-07-23 11:30:46 ----D---- C:\Intel
2012-07-22 16:52:53 ----D---- C:\ProgramData\Adobe
2012-07-22 16:52:52 ----D---- C:\Program Files (x86)\Adobe
2012-07-22 13:52:28 ----D---- C:\totalcmd
2012-07-22 13:04:00 ----D---- C:\Users\ASUS\AppData\Roaming\WinRAR
2012-07-22 13:03:57 ----D---- C:\Program Files\WinRAR
2012-07-22 12:52:43 ----D---- C:\Users\ASUS\AppData\Roaming\GHISLER
2012-07-22 12:31:57 ----D---- C:\Users\ASUS\AppData\Roaming\AVG2012
2012-07-22 12:31:08 ----D---- C:\ProgramData\AVG Secure Search
2012-07-22 12:30:59 ----A---- C:\Windows\system32\drivers\avgtpx64.sys
2012-07-22 12:30:56 ----D---- C:\Program Files (x86)\AVG Secure Search
2012-07-22 12:29:58 ----D---- C:\Windows\SYSWOW64\drivers\AVG
2012-07-22 12:29:46 ----HD---- C:\$AVG
2012-07-22 12:29:46 ----D---- C:\Windows\system32\drivers\AVG
2012-07-22 12:29:46 ----D---- C:\ProgramData\AVG2012
2012-07-22 12:29:12 ----D---- C:\Program Files (x86)\AVG
2012-07-22 12:25:16 ----D---- C:\Users\ASUS\AppData\Roaming\Macromedia
2012-07-22 12:25:16 ----D---- C:\Users\ASUS\AppData\Roaming\Adobe
2012-07-22 12:23:39 ----D---- C:\Windows\Panther
2012-07-22 12:23:38 ----HD---- C:\ProgramData\Common Files
2012-07-22 12:23:38 ----D---- C:\ProgramData\MFAData
2012-07-22 12:09:31 ----A---- C:\Windows\AutoKMS.ini
2012-07-22 12:02:37 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2012-07-22 12:02:21 ----D---- C:\Windows\PCHEALTH
2012-07-22 12:02:21 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-07-22 12:02:21 ----D---- C:\Program Files (x86)\Microsoft Sync Framework
2012-07-22 12:02:21 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2012-07-22 12:01:12 ----N---- C:\Windows\system32\MpSigStub.exe
2012-07-22 11:59:49 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2012-07-22 11:59:25 ----D---- C:\Program Files\Microsoft Office
2012-07-22 11:59:15 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2012-07-22 11:59:01 ----D---- C:\ProgramData\Microsoft Help
2012-07-22 11:59:01 ----D---- C:\Program Files (x86)\Microsoft Office
2012-07-22 11:58:56 ----SHD---- C:\Windows\Installer
2012-07-22 11:58:51 ----RHD---- C:\MSOCache
2012-07-22 11:32:29 ----D---- C:\Users\ASUS\AppData\Roaming\Identities
2012-07-22 11:32:05 ----SD---- C:\Users\ASUS\AppData\Roaming\Microsoft
2012-07-22 11:32:05 ----D---- C:\Users\ASUS\AppData\Roaming\Media Center Programs
2012-07-22 11:30:31 ----SHD---- C:\Recovery
2012-07-22 11:27:23 ----D---- C:\Windows\SoftwareDistribution
2012-07-22 11:24:37 ----D---- C:\Windows\Prefetch
2012-07-22 11:24:14 ----ASH---- C:\pagefile.sys
2012-07-22 11:24:13 ----SHD---- C:\System Volume Information
2012-07-22 11:24:13 ----ASH---- C:\hiberfil.sys

======List of files/folders modified in the last 1 month======

2012-07-23 20:57:26 ----RD---- C:\Program Files
2012-07-23 20:56:03 ----D---- C:\Windows\Temp
2012-07-23 17:09:09 ----D---- C:\Windows\System32
2012-07-23 17:09:09 ----D---- C:\Windows\inf
2012-07-23 17:09:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-07-23 17:04:44 ----D---- C:\Windows
2012-07-23 17:03:53 ----D---- C:\Windows\SysWOW64
2012-07-23 17:02:44 ----RD---- C:\Program Files (x86)
2012-07-23 17:02:44 ----D---- C:\Program Files\Common Files
2012-07-23 17:02:43 ----D---- C:\Program Files (x86)\Common Files
2012-07-23 17:02:41 ----D---- C:\Windows\system32\catroot
2012-07-23 17:02:14 ----D---- C:\Windows\system32\drivers
2012-07-23 17:02:07 ----D---- C:\Windows\system32\catroot2
2012-07-23 17:02:05 ----D---- C:\Windows\system32\DriverStore
2012-07-23 12:07:13 ----D---- C:\Windows\Microsoft.NET
2012-07-23 12:06:52 ----RSD---- C:\Windows\assembly
2012-07-23 11:50:56 ----HD---- C:\ProgramData
2012-07-23 11:41:33 ----D---- C:\Windows\system32\LogFiles
2012-07-22 21:59:04 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-07-22 20:43:13 ----D---- C:\Windows\system32\wdi
2012-07-22 17:03:28 ----D---- C:\Windows\system32\config
2012-07-22 16:53:19 ----D---- C:\Windows\winsxs
2012-07-22 12:31:27 ----D---- C:\Windows\system32\Tasks
2012-07-22 12:29:58 ----D---- C:\Windows\SYSWOW64\drivers
2012-07-22 12:23:09 ----D---- C:\Windows\Setup
2012-07-22 12:03:07 ----RSD---- C:\Windows\Fonts
2012-07-22 12:03:02 ----D---- C:\Windows\ShellNew
2012-07-22 12:02:52 ----D---- C:\Program Files (x86)\MSBuild
2012-07-22 12:02:21 ----SD---- C:\ProgramData\Microsoft
2012-07-22 11:59:22 ----A---- C:\Windows\win.ini
2012-07-22 11:58:37 ----D---- C:\Windows\system32\restore
2012-07-22 11:50:56 ----D---- C:\Windows\system32\CodeIntegrity
2012-07-22 11:46:46 ----D---- C:\Windows\Tasks
2012-07-22 11:32:25 ----SHD---- C:\$Recycle.Bin
2012-07-22 11:32:05 ----RD---- C:\Users
2012-07-22 11:31:08 ----D---- C:\Windows\rescache
2012-07-22 11:30:07 ----D---- C:\Windows\debug
2012-07-22 11:27:41 ----D---- C:\Windows\system32\sysprep
2012-07-22 11:26:48 ----D---- C:\Windows\system32\drivers\UMDF
2012-07-22 11:25:04 ----D---- C:\Windows\CSC

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2012-07-22 30568]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-12-14 8034368]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-07-04 5160568]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 vToolbarUpdater12.1.3;vToolbarUpdater12.1.3; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.1.3\ToolbarUpdater.exe [2012-07-22 830048]
R3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe [2012-05-13 22016]
R3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe [2012-04-19 9693696]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

pretoze sa mi zas daco nezda

#11 Příspěvek od **Rudy** » 23 črc 2012 20:48

Tento log vypadá čistý. Osobně používám Aviru: http://www.avira.com/en/avira-free-antivirus . Je free, má solidní detekční schopnost, nízké nároky na syst. prostředky. Nevýhoda - je pouze v AJ.

.3o. · #12 Příspěvek od **.3o.** » 24 črc 2012 07:50

podla teba lepsi aj ako AVG?..ok skusim tento tvoj aj ja

#13 Příspěvek od **Rudy** » 24 črc 2012 19:07

..podla teba lepsi aj ako AVG?

Podle mne určitě.

.3o. · #14 Příspěvek od **.3o.** » 24 črc 2012 22:14

Mam este otazku...kde si sa naucil citat logy?

#15 Příspěvek od **Rudy** » 25 črc 2012 19:09

Základy jsem znal ještě před vstupem na toto fórum (vstoupil jsem sem asi 1/2 rokupo jeho založení) a vše další přinesla praxe.

Softwarový servis není ale pouze čtení logů

VIRY.CZ

virus v sieti?

virus v sieti?

Re: virus v sieti?

Re: virus v sieti?

Re: virus v sieti?

Re: virus v sieti?

Re: virus v sieti?

Re: virus v sieti?

Re: virus v sieti?

Re: virus v sieti?

Re: virus v sieti?

Re: virus v sieti?

Re: virus v sieti?

Re: virus v sieti?

Re: virus v sieti?

Re: virus v sieti?