Slow laptop

MaxDJs
Model visitor
Posts: 45
Registered: 05 May 2010 16:49

Slow laptop

#1 Post by MaxDJs »

Hello,

my laptop has been slow lately. Could someone check my RSIT log? Thanks in advance

Logfile of random's system information tool 1.08 (written by random/random)
Run by Alda at 2013-01-13 17:12:29
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 3 GB (3%) free of 102 GB
Total RAM: 2038 MB (8% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:13:01, on 13.1.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ICQ7M\ICQ.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Asus\Eee Docking\Eee Docking.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Common Files\Adobe\Updater6\Adobe_Updater.exe
C:\windows\SysWOW64\javaw.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files\trend micro\Alda.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
O2 - BHO: uTorrentControl_v2 - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
O3 - Toolbar: Zend Studio - {95188727-288F-4581-A48D-EAB3BD027314} - C:\PROGRA~2\Zend\ZENDST~1.1\toolbars\ZENDIE~1.DLL (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\windows\AsScrPro.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HotkeyMon] AsusSender.exe C:\Program Files (x86)\ASUS\HotkeyService\HotKeyMon.exe
O4 - HKLM\..\Run: [HotkeyService] AsusSender.exe C:\Program Files (x86)\ASUS\HotkeyService\HotkeyService.exe
O4 - HKLM\..\Run: [SuperHybridEngine] AsusSender.exe C:\Program Files (x86)\ASUS\SHE\SuperHybridEngine.exe
O4 - HKLM\..\Run: [CapsHook] AsusSender.exe C:\Program Files (x86)\ASUS\CapsHook\CapsHook.exe
O4 - HKLM\..\Run: [Eee Docking] C:\Program Files (x86)\ASUS\Eee Docking\Eee Docking.exe autorun
O4 - HKLM\..\Run: [OOBESetup] C:\Program Files (x86)\asus\OOBERegBackup\OOBERegBackup.exe /restore -"C:\Program Files (x86)\asus\OOBERegBackup\OOBEReg.ini"
O4 - HKLM\..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE
O4 - HKLM\..\Run: [SafeQ Client] "C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ7M\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [Google Update] "C:\Users\Alda\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: hamachi.lnk = C:\Program Files (x86)\Hamachi\hamachi.exe
O4 - Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: PrivateTunnel.lnk = C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\ovpntray.exe
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zend Studio Toolbar - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\PROGRA~2\Zend\ZENDST~1.1\toolbars\ZENDIE~1.DLL (file missing)
O9 - Extra 'Tools' menuitem: Zend Studio - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\PROGRA~2\Zend\ZENDST~1.1\toolbars\ZENDIE~1.DLL (file missing)
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apache2.2 - Unknown owner - C:\dev\prog\Apache2.2\bin\httpd.exe (file missing)
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\windows\SysWOW64\AsusService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL51 - Unknown owner - C:\dev\prog\MySQL\MySQL.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: OpenVPN Access Client (OpenVPNAccessClient) - Unknown owner - C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\capiws.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14184 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
winlogon.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 27853744
\??\C:\windows\system32\conhost.exe "4122905041013321628-1006984167-384251518-2019721569-1631466408-18117286981999651691
C:\windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\windows\SysWOW64\AsusService.exe
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files\Trend Micro\Titanium\TiMiniService.exe"
"C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
\??\C:\windows\system32\conhost.exe "-1374615079887545250593323380840541717-863029015-1216589298-1334744805-2027438171
WLIDSvcM.exe 1888
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000006a8
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Asus\LiveUpdate\LiveUpdate.exe" auto
"C:\Windows\System32\igfxtray.exe"
C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\ICQ7M\ICQ.exe" silent loginmode=4
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\MagicDisc\MagicDisc.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\Asus\Eee Docking\Eee Docking.exe" autorun
"C:\Program Files (x86)\ASUS\HotkeyService\HotKeyMon.exe"
"C:\Program Files (x86)\ASUS\CapsHook\CapsHook.exe"
"C:\Program Files (x86)\ASUS\SHE\SuperHybridEngine.exe"
C:\windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe"
"C:\Program Files (x86)\Common Files\Adobe\Updater6\Adobe_Updater.exe" -AU_LAUNCH_MODE=1 -AU_DISPLAY_LANG=en_US -AU_LAUNCH_APPID=reader9rdr-MUI
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"taskhost.exe"
"C:\Program Files (x86)\ASUS\HotkeyService\HotkeyService.exe"
"C:\Program Files\GIMP 2\bin\gimp-2.8.exe"
"C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\script-fu.exe" -gimp 5 4 -run 0
javaw -Xms512m -Xmx1024m -Dsun.java2d.noddraw=true -Dsun.java2d.d3d=false -Dsun.java2d.opengl=false -Dsun.java2d.pmoffscreen=false -classpath /C:/Users/Alda/AppData/Local/Temp/e4j27DF.tmp_dir/MinecraftSP.jar net.minecraft.LauncherFrame
"C:\Program Files (x86)\Opera\opera.exe"
"C:\Users\Alda\AppData\Local\Opera\Opera\temporary_downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2391572428-923789495-1877703783-1001Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2391572428-923789495-1877703783-1001UA.job
C:\windows\tasks\SDMsgUpdate (TE).job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}]
TmIEPlugInBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll [2010-09-17 235344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-21 537576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2012-12-13 6304016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}]
TmBpIeBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll [2010-09-17 264528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-21 193512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}]
TmIEPlugInBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll [2010-09-17 185680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}]
uTorrentControl_v2 Toolbar - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-30 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-12-13 4527888]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}]
TmBpIeBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll [2010-09-17 234832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11 1307728]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-30 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7473b6bd-4691-4744-a82b-7854eb3d70b6} - uTorrentControl_v2 Toolbar - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll [2011-05-09 176936]
{95188727-288F-4581-A48D-EAB3BD027314} - Zend Studio - C:\PROGRA~2\Zend\ZENDST~1.1\toolbars\ZENDIE~1.DLL []
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11 1307728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-11-19 1886504]
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2009-11-19 92456]
"LiveUpdate"=AsusSender.exe C:\Program Files (x86)\Asus\LiveUpdate\LiveUpdate.exe auto []
"VizorHtmlDialog.exe"=C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe [2010-10-08 1123664]
"Trend Micro Client Framework"=C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [2010-10-12 192520]
"Trend Micro Titanium"=C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe [2010-10-20 321872]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2010-11-01 165912]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2010-11-01 385560]
"Persistence"=C:\windows\system32\igfxpers.exe [2010-11-01 364056]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-08-24 11447912]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]
"ICQ"=C:\Program Files (x86)\ICQ7M\ICQ.exe [2012-09-23 127040]
"Google Update"=C:\Users\Alda\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-01 116648]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ASUS Screen Saver Protector"=C:\windows\AsScrPro.exe [2011-04-29 3058304]
"UCam_Menu"=C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]
"HotkeyMon"=AsusSender.exe C:\Program Files (x86)\ASUS\HotkeyService\HotKeyMon.exe []
"HotkeyService"=AsusSender.exe C:\Program Files (x86)\ASUS\HotkeyService\HotkeyService.exe []
"SuperHybridEngine"=AsusSender.exe C:\Program Files (x86)\ASUS\SHE\SuperHybridEngine.exe []
"CapsHook"=AsusSender.exe C:\Program Files (x86)\ASUS\CapsHook\CapsHook.exe []
"Eee Docking"=C:\Program Files (x86)\ASUS\Eee Docking\Eee Docking.exe [2011-01-06 414384]
"OOBESetup"=C:\Program Files (x86)\asus\OOBERegBackup\OOBERegBackup.exe [2011-01-04 345088]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2011-04-29 2018032]
"SafeQ Client"=C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe [2010-03-31 249856]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [2011-07-29 737104]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2012-12-11 384800]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AsusVibeLauncher.lnk - C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PrivateTunnel.lnk - C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\ovpntray.exe

C:\Users\Alda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
hamachi.lnk - C:\Program Files (x86)\Hamachi\hamachi.exe
MagicDisc.lnk - C:\Program Files (x86)\MagicDisc\MagicDisc.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-10-24 261120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-01-13 17:12:29 ----D---- C:\rsit
2013-01-13 11:26:52 ----D---- C:\Users\Alda\AppData\Roaming\HomeSheepHome2
2013-01-13 11:16:34 ----D---- C:\Program Files (x86)\Home Sheep Home 2
2013-01-12 01:27:12 ----D---- C:\Users\Alda\AppData\Roaming\FunnyGames
2013-01-09 12:48:53 ----A---- C:\windows\SYSWOW64\win32spl.dll
2013-01-09 12:48:53 ----A---- C:\windows\system32\win32spl.dll
2013-01-09 12:48:20 ----A---- C:\windows\system32\msxml6.dll
2013-01-09 12:48:19 ----A---- C:\windows\system32\msxml3.dll
2013-01-09 12:48:18 ----A---- C:\windows\SYSWOW64\msxml6.dll
2013-01-09 12:48:18 ----A---- C:\windows\SYSWOW64\msxml3.dll
2013-01-09 12:48:15 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2013-01-09 12:48:15 ----A---- C:\windows\system32\ncrypt.dll
2013-01-09 12:48:13 ----A---- C:\windows\SYSWOW64\usp10.dll
2013-01-09 12:48:13 ----A---- C:\windows\system32\usp10.dll
2013-01-09 12:48:00 ----A---- C:\windows\system32\Wpc.dll
2013-01-09 12:47:59 ----A---- C:\windows\SYSWOW64\Wpc.dll
2013-01-09 12:47:59 ----A---- C:\windows\SYSWOW64\gameux.dll
2013-01-09 12:47:59 ----A---- C:\windows\system32\gameux.dll
2013-01-09 12:46:12 ----A---- C:\windows\system32\KernelBase.dll
2013-01-09 12:46:10 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2013-01-09 12:46:10 ----A---- C:\windows\system32\kernel32.dll
2013-01-09 12:46:09 ----A---- C:\windows\SYSWOW64\kernel32.dll
2013-01-09 12:46:08 ----A---- C:\windows\SYSWOW64\wow32.dll
2013-01-09 12:46:08 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2013-01-09 12:46:08 ----A---- C:\windows\system32\wow64win.dll
2013-01-09 12:46:08 ----A---- C:\windows\system32\wow64cpu.dll
2013-01-09 12:46:08 ----A---- C:\windows\system32\wow64.dll
2013-01-09 12:46:08 ----A---- C:\windows\system32\winsrv.dll
2013-01-09 12:46:08 ----A---- C:\windows\system32\ntvdm64.dll
2013-01-09 12:46:08 ----A---- C:\windows\system32\conhost.exe
2013-01-09 12:46:07 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-09 12:46:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-01-09 12:46:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-09 12:46:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-01-09 12:46:06 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-09 12:46:06 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-09 12:46:06 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-09 12:46:06 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-09 12:46:05 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-09 12:46:05 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-01-09 12:46:05 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-01-09 12:46:05 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-01-09 12:46:05 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-09 12:46:05 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-09 12:46:05 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-09 12:46:05 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-09 12:46:05 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-09 12:46:05 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-09 12:46:05 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-09 12:46:05 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-09 12:46:05 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-09 12:46:05 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-09 12:46:05 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-09 12:46:05 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-09 12:46:04 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-01-09 12:46:04 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-01-09 12:46:04 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-09 12:46:04 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-09 12:46:04 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-01-09 12:46:04 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 12:46:04 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-01-09 12:46:04 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-01-09 12:46:04 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-01-09 12:46:04 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-09 12:46:04 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-09 12:46:04 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-09 12:46:04 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-09 12:46:04 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-09 12:46:04 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 12:46:04 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-09 12:46:04 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-09 12:46:04 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-09 12:46:04 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-09 12:46:04 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-09 12:46:03 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-01-09 12:46:03 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-09 12:46:03 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-01-09 12:46:03 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-09 12:46:03 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-09 12:46:03 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-01-09 12:46:03 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-01-09 12:46:03 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-09 12:46:03 ----A---- C:\windows\SYSWOW64\setup16.exe
2013-01-09 12:46:02 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-01-09 12:46:02 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-01-09 12:46:02 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-09 12:46:02 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-09 12:46:02 ----A---- C:\windows\SYSWOW64\instnm.exe
2013-01-09 12:46:01 ----A---- C:\windows\SYSWOW64\user.exe
2013-01-09 12:44:29 ----A---- C:\windows\system32\taskhost.exe
2013-01-09 12:44:27 ----A---- C:\windows\system32\win32k.sys
2013-01-07 10:20:08 ----A---- C:\windows\system32\drivers\tap0901.sys
2013-01-07 10:20:07 ----D---- C:\Program Files\n2n Gui
2013-01-07 08:58:13 ----D---- C:\Users\Alda\AppData\Roaming\TS3Client
2013-01-07 08:56:19 ----D---- C:\Program Files (x86)\TeamSpeak 3 Client
2013-01-07 01:31:36 ----D---- C:\Program Files (x86)\OpenVPN
2013-01-07 01:11:41 ----D---- C:\Users\Alda\AppData\Roaming\PrivateTunnel
2013-01-07 01:10:22 ----D---- C:\Program Files (x86)\OpenVPN Technologies
2013-01-06 00:21:58 ----D---- C:\ProgramData\AVS4YOU
2013-01-06 00:21:19 ----D---- C:\Users\Alda\AppData\Roaming\AVS4YOU
2013-01-06 00:14:43 ----A---- C:\windows\SYSWOW64\libmfxsw32.dll
2013-01-06 00:14:15 ----A---- C:\windows\SYSWOW64\GdiPlus.dll
2013-01-06 00:14:14 ----A---- C:\windows\SYSWOW64\msxml3a.dll
2013-01-06 00:14:12 ----D---- C:\Program Files (x86)\AVS4YOU
2013-01-05 16:32:04 ----D---- C:\Users\Alda\AppData\Roaming\Publish Providers
2013-01-04 16:43:31 ----D---- C:\windows\rescache
2012-12-26 00:50:42 ----D---- C:\Users\Alda\AppData\Roaming\Greyfirst
2012-12-26 00:46:35 ----D---- C:\Program Files (x86)\Celtx
2012-12-23 10:30:19 ----D---- C:\Users\Alda\AppData\Roaming\CorsixTH
2012-12-23 10:30:18 ----D---- C:\Program Files\CorsixTH
2012-12-22 17:58:39 ----D---- C:\Users\Alda\AppData\Roaming\xm1
2012-12-22 17:54:11 ----D---- C:\Program Files (x86)\Texmaker
2012-12-22 12:54:25 ----D---- C:\Users\Alda\AppData\Roaming\MiKTeX
2012-12-22 12:44:37 ----D---- C:\ProgramData\MiKTeX
2012-12-22 12:36:45 ----D---- C:\Program Files (x86)\MiKTeX 2.9
2012-12-22 04:22:10 ----A---- C:\windows\SYSWOW64\atmlib.dll
2012-12-22 04:22:10 ----A---- C:\windows\system32\atmlib.dll
2012-12-22 04:22:09 ----A---- C:\windows\system32\atmfd.dll
2012-12-22 04:22:08 ----A---- C:\windows\SYSWOW64\atmfd.dll
2012-12-20 20:55:37 ----D---- C:\Program Files (x86)\IDOS
2012-12-19 00:50:59 ----D---- C:\Users\Alda\AppData\Roaming\Activision
2012-12-19 00:50:59 ----D---- C:\ProgramData\Activision
2012-12-19 00:38:11 ----A---- C:\windows\SYSWOW64\XAudio2_1.dll
2012-12-19 00:38:11 ----A---- C:\windows\SYSWOW64\XAPOFX1_0.dll
2012-12-19 00:38:11 ----A---- C:\windows\system32\XAudio2_1.dll
2012-12-19 00:38:11 ----A---- C:\windows\system32\XAPOFX1_0.dll
2012-12-19 00:38:09 ----A---- C:\windows\SYSWOW64\xactengine3_1.dll
2012-12-19 00:38:09 ----A---- C:\windows\system32\xactengine3_1.dll
2012-12-19 00:38:07 ----A---- C:\windows\SYSWOW64\X3DAudio1_4.dll
2012-12-19 00:38:07 ----A---- C:\windows\system32\X3DAudio1_4.dll
2012-12-19 00:38:06 ----A---- C:\windows\SYSWOW64\d3dx10_38.dll
2012-12-19 00:38:06 ----A---- C:\windows\SYSWOW64\D3DCompiler_38.dll
2012-12-19 00:38:06 ----A---- C:\windows\system32\d3dx10_38.dll
2012-12-19 00:38:06 ----A---- C:\windows\system32\D3DCompiler_38.dll
2012-12-19 00:38:04 ----A---- C:\windows\SYSWOW64\D3DX9_38.dll
2012-12-19 00:38:04 ----A---- C:\windows\system32\D3DX9_38.dll
2012-12-19 00:38:02 ----A---- C:\windows\SYSWOW64\XAudio2_0.dll
2012-12-19 00:38:02 ----A---- C:\windows\system32\XAudio2_0.dll
2012-12-19 00:38:00 ----A---- C:\windows\SYSWOW64\xactengine3_0.dll
2012-12-19 00:38:00 ----A---- C:\windows\system32\xactengine3_0.dll
2012-12-19 00:37:59 ----A---- C:\windows\SYSWOW64\X3DAudio1_3.dll
2012-12-19 00:37:59 ----A---- C:\windows\system32\X3DAudio1_3.dll
2012-12-19 00:37:58 ----A---- C:\windows\SYSWOW64\d3dx10_37.dll
2012-12-19 00:37:58 ----A---- C:\windows\SYSWOW64\D3DCompiler_37.dll
2012-12-19 00:37:58 ----A---- C:\windows\system32\d3dx10_37.dll
2012-12-19 00:37:58 ----A---- C:\windows\system32\D3DCompiler_37.dll
2012-12-19 00:37:56 ----A---- C:\windows\SYSWOW64\D3DX9_37.dll
2012-12-19 00:37:56 ----A---- C:\windows\system32\D3DX9_37.dll
2012-12-19 00:37:54 ----A---- C:\windows\SYSWOW64\xactengine2_10.dll
2012-12-19 00:37:54 ----A---- C:\windows\system32\xactengine2_10.dll
2012-12-19 00:37:51 ----A---- C:\windows\SYSWOW64\d3dx10_36.dll
2012-12-19 00:37:51 ----A---- C:\windows\SYSWOW64\D3DCompiler_36.dll
2012-12-19 00:37:51 ----A---- C:\windows\system32\d3dx10_36.dll
2012-12-19 00:37:51 ----A---- C:\windows\system32\D3DCompiler_36.dll
2012-12-19 00:37:49 ----A---- C:\windows\SYSWOW64\d3dx9_36.dll
2012-12-19 00:37:49 ----A---- C:\windows\system32\d3dx9_36.dll
2012-12-19 00:37:46 ----A---- C:\windows\SYSWOW64\xactengine2_9.dll
2012-12-19 00:37:46 ----A---- C:\windows\system32\xactengine2_9.dll
2012-12-19 00:37:44 ----A---- C:\windows\SYSWOW64\d3dx10_35.dll
2012-12-19 00:37:44 ----A---- C:\windows\SYSWOW64\D3DCompiler_35.dll
2012-12-19 00:37:44 ----A---- C:\windows\system32\d3dx10_35.dll
2012-12-19 00:37:44 ----A---- C:\windows\system32\D3DCompiler_35.dll
2012-12-19 00:37:43 ----A---- C:\windows\SYSWOW64\d3dx9_35.dll
2012-12-19 00:37:43 ----A---- C:\windows\system32\d3dx9_35.dll
2012-12-19 00:37:41 ----A---- C:\windows\SYSWOW64\xactengine2_8.dll
2012-12-19 00:37:41 ----A---- C:\windows\SYSWOW64\X3DAudio1_2.dll
2012-12-19 00:37:41 ----A---- C:\windows\system32\xactengine2_8.dll
2012-12-19 00:37:41 ----A---- C:\windows\system32\X3DAudio1_2.dll
2012-12-19 00:37:39 ----A---- C:\windows\SYSWOW64\d3dx10_34.dll
2012-12-19 00:37:39 ----A---- C:\windows\SYSWOW64\D3DCompiler_34.dll
2012-12-19 00:37:39 ----A---- C:\windows\system32\d3dx10_34.dll
2012-12-19 00:37:39 ----A---- C:\windows\system32\D3DCompiler_34.dll
2012-12-19 00:37:37 ----A---- C:\windows\SYSWOW64\d3dx9_34.dll
2012-12-19 00:37:37 ----A---- C:\windows\system32\d3dx9_34.dll
2012-12-19 00:37:36 ----A---- C:\windows\system32\xinput1_3.dll
2012-12-19 00:37:34 ----A---- C:\windows\SYSWOW64\xactengine2_7.dll
2012-12-19 00:37:34 ----A---- C:\windows\system32\xactengine2_7.dll
2012-12-19 00:37:32 ----A---- C:\windows\system32\d3dx10_33.dll
2012-12-19 00:37:32 ----A---- C:\windows\system32\D3DCompiler_33.dll
2012-12-19 00:37:30 ----A---- C:\windows\system32\d3dx9_33.dll
2012-12-19 00:37:28 ----A---- C:\windows\SYSWOW64\xactengine2_6.dll
2012-12-19 00:37:28 ----A---- C:\windows\system32\xactengine2_6.dll
2012-12-19 00:37:26 ----A---- C:\windows\SYSWOW64\xactengine2_5.dll
2012-12-19 00:37:26 ----A---- C:\windows\system32\xactengine2_5.dll
2012-12-19 00:37:25 ----A---- C:\windows\SYSWOW64\d3dx10.dll
2012-12-19 00:37:25 ----A---- C:\windows\system32\d3dx10.dll
2012-12-19 00:37:21 ----A---- C:\windows\SYSWOW64\xactengine2_4.dll
2012-12-19 00:37:21 ----A---- C:\windows\SYSWOW64\x3daudio1_1.dll
2012-12-19 00:37:21 ----A---- C:\windows\system32\xactengine2_4.dll
2012-12-19 00:37:21 ----A---- C:\windows\system32\x3daudio1_1.dll
2012-12-19 00:37:19 ----A---- C:\windows\SYSWOW64\d3dx9_31.dll
2012-12-19 00:37:19 ----A---- C:\windows\system32\d3dx9_31.dll
2012-12-19 00:37:17 ----A---- C:\windows\SYSWOW64\xactengine2_3.dll
2012-12-19 00:37:17 ----A---- C:\windows\system32\xactengine2_3.dll
2012-12-19 00:37:16 ----A---- C:\windows\SYSWOW64\xinput1_2.dll
2012-12-19 00:37:16 ----A---- C:\windows\system32\xinput1_2.dll
2012-12-19 00:35:47 ----A---- C:\windows\SYSWOW64\xinput1_3.dll
2012-12-19 00:35:46 ----A---- C:\windows\SYSWOW64\d3dx10_33.dll
2012-12-19 00:35:46 ----A---- C:\windows\SYSWOW64\D3DCompiler_33.dll
2012-12-19 00:35:45 ----A---- C:\windows\SYSWOW64\d3dx9_33.dll
2012-12-19 00:35:25 ----D---- C:\windows\SYSWOW64\xlive
2012-12-18 23:57:29 ----D---- C:\Program Files (x86)\Activision
2012-12-14 22:43:11 ----D---- C:\Program Files (x86)\Mozilla Thunderbird

======List of files/folders modified in the last 1 months======

2013-01-13 17:13:01 ----D---- C:\Program Files\Trend Micro
2013-01-13 17:12:42 ----D---- C:\windows\Temp
2013-01-13 16:51:20 ----D---- C:\Users\Alda\AppData\Roaming\.minecraft
2013-01-13 16:40:09 ----D---- C:\Users\Alda\AppData\Roaming\Skype
2013-01-13 16:39:20 ----D---- C:\windows\tracing
2013-01-13 15:42:16 ----D---- C:\Users\Alda\AppData\Roaming\uTorrent
2013-01-13 11:17:26 ----D---- C:\windows\system32\config
2013-01-13 11:16:34 ----RD---- C:\Program Files (x86)
2013-01-12 14:50:43 ----D---- C:\windows\Microsoft.NET
2013-01-12 14:50:35 ----RSD---- C:\windows\assembly
2013-01-11 17:14:29 ----D---- C:\Users\Alda\AppData\Roaming\vlc
2013-01-10 13:14:36 ----SHD---- C:\System Volume Information
2013-01-10 13:08:01 ----D---- C:\Users\Alda\AppData\Roaming\ICQ
2013-01-10 13:07:31 ----D---- C:\Users\Alda\AppData\Roaming\Hamachi
2013-01-10 13:05:46 ----D---- C:\windows\winsxs
2013-01-10 13:05:01 ----D---- C:\ProgramData\NVIDIA
2013-01-10 13:02:53 ----D---- C:\windows\SysWOW64
2013-01-10 13:02:53 ----D---- C:\windows\System32
2013-01-10 13:02:46 ----D---- C:\windows\SYSWOW64\cs-CZ
2013-01-10 13:02:45 ----D---- C:\windows\system32\cs-CZ
2013-01-10 13:02:33 ----D---- C:\windows\AppPatch
2013-01-10 03:31:47 ----SHD---- C:\windows\Installer
2013-01-10 03:31:46 ----SHD---- C:\Config.Msi
2013-01-10 03:17:12 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-01-10 03:17:11 ----D---- C:\windows\inf
2013-01-10 03:06:37 ----A---- C:\windows\system32\MRT.exe
2013-01-09 12:44:10 ----D---- C:\windows\system32\catroot2
2013-01-09 12:44:10 ----D---- C:\windows\system32\catroot
2013-01-08 23:23:37 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2013-01-08 20:37:23 ----D---- C:\Windows
2013-01-07 10:24:06 ----AD---- C:\windows\system32\drivers
2013-01-07 10:23:48 ----D---- C:\windows\system32\DriverStore
2013-01-07 10:20:07 ----RD---- C:\Program Files
2013-01-07 08:12:39 ----D---- C:\MC10demo
2013-01-06 05:05:05 ----SD---- C:\Users\Alda\AppData\Roaming\Microsoft
2013-01-06 00:21:58 ----HD---- C:\ProgramData
2013-01-06 00:15:50 ----RSD---- C:\windows\Fonts
2013-01-06 00:14:32 ----D---- C:\Program Files (x86)\Common Files
2013-01-05 16:32:24 ----D---- C:\Users\Alda\AppData\Roaming\NVIDIA
2013-01-04 06:31:18 ----D---- C:\Users\Alda\AppData\Roaming\Microchip
2013-01-01 22:59:17 ----D---- C:\ProgramData\TrackMania
2012-12-27 17:12:49 ----D---- C:\windows\Prefetch
2012-12-27 17:09:54 ----D---- C:\Program Files (x86)\Windows Sidebar
2012-12-27 17:09:53 ----D---- C:\Program Files\Windows Sidebar
2012-12-27 17:09:53 ----D---- C:\Program Files\Windows Mail
2012-12-27 17:09:53 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2012-12-27 17:09:53 ----D---- C:\Program Files (x86)\Windows Media Player
2012-12-27 17:09:53 ----D---- C:\Program Files (x86)\Windows Mail
2012-12-27 17:09:53 ----D---- C:\Program Files (x86)\Windows Defender
2012-12-27 17:09:52 ----D---- C:\Program Files\Windows Media Player
2012-12-27 17:09:52 ----D---- C:\Program Files\Windows Journal
2012-12-27 17:09:51 ----D---- C:\windows\servicing
2012-12-27 17:09:51 ----D---- C:\Program Files\Windows Photo Viewer
2012-12-27 17:09:51 ----D---- C:\Program Files\Windows Defender
2012-12-27 17:09:51 ----D---- C:\Program Files\Common Files\System
2012-12-27 17:09:50 ----D---- C:\windows\SYSWOW64\winrm
2012-12-27 17:09:50 ----D---- C:\windows\SYSWOW64\slmgr
2012-12-27 17:09:50 ----D---- C:\windows\SYSWOW64\sk-SK
2012-12-27 17:09:50 ----D---- C:\windows\SYSWOW64\migwiz
2012-12-27 17:09:50 ----D---- C:\windows\SYSWOW64\en
2012-12-27 17:09:50 ----D---- C:\windows\ehome
2012-12-27 17:09:42 ----D---- C:\windows\SYSWOW64\en-US
2012-12-27 17:09:42 ----D---- C:\windows\SYSWOW64\drivers\en-US
2012-12-27 17:09:42 ----D---- C:\windows\SYSWOW64\drivers
2012-12-27 17:09:33 ----D---- C:\windows\SYSWOW64\WCN
2012-12-27 17:09:33 ----D---- C:\windows\SYSWOW64\Printing_Admin_Scripts
2012-12-27 17:09:33 ----D---- C:\windows\SYSWOW64\DriverStore
2012-12-27 17:09:33 ----D---- C:\windows\SYSWOW64\Dism
2012-12-27 17:09:32 ----D---- C:\windows\en-US
2012-12-27 17:09:31 ----D---- C:\windows\system32\winrm
2012-12-27 17:09:31 ----D---- C:\windows\system32\sysprep
2012-12-27 17:09:31 ----D---- C:\windows\system32\slmgr
2012-12-27 17:09:31 ----D---- C:\windows\system32\sk-SK
2012-12-27 17:09:31 ----D---- C:\windows\system32\oobe
2012-12-27 17:09:31 ----D---- C:\windows\system32\migwiz
2012-12-27 17:09:31 ----D---- C:\windows\system32\en
2012-12-27 17:09:31 ----D---- C:\windows\system32\Boot
2012-12-27 17:09:22 ----D---- C:\windows\system32\en-US
2012-12-27 17:09:13 ----D---- C:\windows\system32\drivers\en-US
2012-12-27 17:09:12 ----D---- C:\windows\system32\WCN
2012-12-27 17:09:12 ----D---- C:\windows\system32\Dism
2012-12-27 17:09:07 ----D---- C:\windows\system32\Printing_Admin_Scripts
2012-12-27 17:08:25 ----D---- C:\windows\SYSWOW64\XPSViewer
2012-12-27 17:08:25 ----D---- C:\windows\SYSWOW64\MUI
2012-12-27 17:08:25 ----D---- C:\windows\SYSWOW64\migration
2012-12-27 17:08:24 ----D---- C:\windows\SYSWOW64\pl-PL
2012-12-27 17:08:03 ----D---- C:\windows\SYSWOW64\com
2012-12-27 17:08:03 ----D---- C:\windows\IME
2012-12-27 17:08:00 ----D---- C:\windows\system32\migration
2012-12-27 17:07:59 ----D---- C:\windows\system32\MUI
2012-12-27 17:07:59 ----D---- C:\windows\system32\drivers\UMDF
2012-12-27 17:07:53 ----D---- C:\windows\system32\pl-PL
2012-12-27 17:07:24 ----D---- C:\windows\system32\com
2012-12-27 17:07:15 ----D---- C:\windows\SYSWOW64\hu-HU
2012-12-27 17:07:14 ----D---- C:\windows\system32\hu-HU
2012-12-27 17:07:07 ----D---- C:\windows\Speech
2012-12-26 23:12:22 ----AD---- C:\ProgramData\Temp
2012-12-23 09:23:00 ----D---- C:\Program Files (x86)\Opera
2012-12-23 09:16:57 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-12-21 10:38:04 ----D---- C:\Program Files (x86)\Mozilla Thunderbird.bak
2012-12-20 18:30:05 ----D---- C:\windows\system32\NDF
2012-12-19 00:34:19 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-12-18 22:11:39 ----D---- C:\ProgramData\Skype
2012-12-14 07:55:27 ----D---- C:\Program Files (x86)\Internet Explorer
2012-12-14 07:55:24 ----D---- C:\Program Files\Internet Explorer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\windows\system32\drivers\iaStor.sys [2010-06-08 540696]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 AsIO;AsIO; C:\windows\SysWow64\drivers\AsIO.sys [2010-06-28 13440]
R1 AsUpIO;AsUpIO; C:\windows\SysWow64\drivers\AsUpIO.sys [2010-08-03 14464]
R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2012-12-11 129216]
R1 avkmgr;avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [2012-09-24 27800]
R1 tmactmon;tmactmon; C:\windows\system32\DRIVERS\tmactmon.sys [2010-09-17 90704]
R1 tmcomm;tmcomm; C:\windows\system32\DRIVERS\tmcomm.sys [2010-09-17 144464]
R1 tmevtmgr;tmevtmgr; C:\windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [2012-12-11 99912]
R2 NPF;NetGroup Packet Filter Driver; C:\windows\system32\drivers\npf.sys [2009-10-20 47632]
R2 tmtdi;Trend Micro TDI Driver; C:\windows\system32\DRIVERS\tmtdi.sys [2010-09-17 105552]
R2 XilinxPC4Driver;XilinxPC4Driver; C:\windows\System32\drivers\xpc4drvr.sys [2012-07-10 27384]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl664.sys [2010-05-08 3063360]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;Bluetooth AMP USB Filter; C:\windows\system32\drivers\btwampfl.sys [2010-05-21 341032]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-05-21 102440]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\drivers\btwavdt.sys [2010-05-21 135720]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-05-21 39464]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-05-21 21544]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2010-10-24 6180480]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2010-08-24 2472680]
R3 kbfiltr;Keyboard Filter; C:\windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x64.sys [2010-07-29 76912]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\windows\system32\DRIVERS\mcdbus.sys [2009-02-24 255552]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-11-19 299568]
R3 tap0901;TAP-Win32 Adapter V9; C:\windows\system32\DRIVERS\tap0901.sys [2010-08-20 30720]
R3 tapoas;TAP-Win32 Adapter OAS; C:\windows\system32\DRIVERS\tapoas.sys [2012-07-15 30720]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinDriver6;WinDriver6; C:\windows\system32\drivers\windrvr6.sys [2012-07-10 254976]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2012-09-12 57856]
S3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2012-12-08 33344]
S3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista; C:\windows\system32\DRIVERS\netr28x.sys [2009-06-10 620544]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys []
S4 DETECT PS2: ;DETECT PS2: ; \??\C:\Program Files (x86)\ASUS\LiveUpdate\DetectSys.sys [2010-05-27 6144]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-12-11 109344]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-12-11 85280]
R2 AsusService;Asus Launcher Service; C:\windows\SysWOW64\AsusService.exe [2010-12-07 224680]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-05-21 947488]
R2 NVSvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2012-10-02 891240]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-11-29 3463080]
R2 TiMiniService;TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 241488]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
S2 Apache2.2;Apache2.2; C:\dev\prog\Apache2.2\bin\httpd.exe -k runservice []
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 MySQL51;MySQL51; C:\dev\prog\MySQL\MySQL Server 5.1\bin\mysqld --defaults-file=C:\dev\prog\MySQL\MySQL Server 5.1\my.ini MySQL51 []
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-08 1258856]
S2 OpenVPNAccessClient;OpenVPN Access Client; C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\capiws.exe [2012-10-12 24064]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-08 251400]
S3 Amsp;Trend Micro Solution Platform; C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2010-09-17 267480]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-09-12 1512448]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-12-14 115168]
S3 OpenVPNService;OpenVPN Service; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [2011-07-01 14848]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2009-10-20 117264]
S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe [2012-05-13 18432]
S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe [2012-04-19 8177664]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-09-23 1255736]

-----------------EOF-----------------

MaxDJs
Exemplary visitor
Posts: 45
Registered: 05 May 2010 16:49

Re: Slow notebook

#2 Post by MaxDJs »

info.txt logfile of random's system information tool 1.08 2013-01-13 17:14:24

======Uninstall list======

µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
Acrobat.com-->MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40}
Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 11 ActiveX-->C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_Plugin.exe -maintain plugin
Adobe Reader 9.1 MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-A91000000001}
Aktualizace NVIDIA 1.10.8-->"C:\windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.1\NVI2.DLL",UninstallPackage Display.Update
Asmedia ASM104x USB 3.0 Host Controller Driver-->MsiExec.exe /X{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}
ASUS WebStorage-->C:\Program Files (x86)\ASUS\ASUS WebStorage\uninst.exe
ASUSUpdate for Eee PC-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\setup.exe" -l0x9
AsusVibe2.0-->C:\Program Files (x86)\Asus\AsusVibe\unins000.exe
Atheros Client Installation Program-->C:\Program Files (x86)\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe -runfromtemp -l0x0009 -removeonly
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -l0x0009 -removeonly
Avira Free Antivirus-->C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe /REMOVE
AVS Screen Capture version 2.0.2-->"C:\Program Files (x86)\AVS4YOU\AVSScreenCapture\unins000.exe"
AVS Update Manager 1.0-->"C:\Program Files (x86)\AVS4YOU\AVSUpdateManager\unins000.exe"
AVS Video Editor 6-->"C:\Program Files (x86)\AVS4YOU\AVSVideoEditor\unins000.exe"
AVS Video Recorder 2.5-->"C:\Program Files (x86)\AVS4YOU\AVSVideoRecorder\unins000.exe"
AVS4YOU Software Navigator 1.4-->"C:\Program Files (x86)\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
BatteryBar (remove only)-->"C:\Program Files\BatteryBar\Uninstall.exe"
Bing Bar-->MsiExec.exe /X{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}
Broadcom Wireless Network Adapter-->C:\Program Files (x86)\InstallShield Installation Information\{4FCBCF89-1823-4D97-A6F2-0E8DD66E273A}\setup.exe -runfromtemp -l0x0009 -removeonly
bwin Poker 1.0.0-->"C:\bwinPoker\unins000.exe"
CapsHook-->"C:\Program Files (x86)\InstallShield Installation Information\{4B5092B6-F231-4D18-83BC-2618B729CA45}\setup.exe" -runfromtemp -l0x0409 -removeonly
Celtx (2.9.7)-->C:\Program Files (x86)\Celtx\uninstall\helper.exe
CorsixTH 0.11-->C:\Program Files\CorsixTH\Uninstall.exe
CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
Digilent Software-->"C:\Program Files (x86)\Digilent\uninstall.exe"
Eee Docking 3.8.3-->"C:\Program Files (x86)\ASUS\Eee Docking\unins000.exe"
ffdshow [rev 3154] [2009-12-09]-->"C:\Program Files (x86)\ffdshow\unins000.exe"
FontResizer-->"C:\Program Files (x86)\InstallShield Installation Information\{17780F99-A9DF-450B-81B3-6781B20A17A8}\setup.exe" -runfromtemp -l0x0409 -removeonly
FontResizer-->MsiExec.exe /X{17780F99-A9DF-450B-81B3-6781B20A17A8}
Fotogaléria-->MsiExec.exe /X{9093B0D5-EA59-4C9E-A2E3-CC130138DFCD}
Fotogalerie-->MsiExec.exe /X{A1FBD2B3-6768-472D-BA46-C00EACBCE16C}
Fotótár-->MsiExec.exe /X{E50E3DBC-46AA-4827-B2A6-F995D81DF526}
Foxit PDF Editor-->C:\Program Files\Foxit Software\PDF Editor\uninstall.exe
Fraps (remove only)-->"C:\Fraps\uninstall.exe"
Galeria fotografii-->MsiExec.exe /X{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}
Game Park Console-->"C:\Program Files (x86)\Asus\Game Park\GameConsole\unins000.exe"
GIMP 2.8.2-->"C:\Program Files\GIMP 2\uninst\unins000.exe"
GlassFish Server Open Source Edition 3.1.2.2-->"C:\Program Files\glassfish-3.1.2.2\uninstall.exe"
GPL Ghostscript-->"C:\Program Files (x86)\gs\gs9.06\uninstgs.exe"
GTA San Andreas HD 1.00-->C:\Program Files (x86)\GTA San Andreas HD\Uninstall.exe
Hamachi 1.0.2.5-->C:\Program Files (x86)\Hamachi\uninstall.exe
Hotkey Service-->"C:\Program Files (x86)\InstallShield Installation Information\{71C0E38E-09F2-4386-9977-404D4F6640CD}\setup.exe" -runfromtemp -l0x0409 -removeonly
Chicken Invaders 2-->"C:\Program Files (x86)\Asus\Game Park\Chicken Invaders 2\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Chicken Invaders 2\install.log"
ICQ7M-->"C:\Program Files (x86)\InstallShield Installation Information\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
IDA Pro Free v5.0-->"C:\Program Files (x86)\IDA Free\unins000.exe"
InstantOn-->MsiExec.exe /I{749F674B-2674-47E8-879C-5626A06B2A91}
Intel(R) Graphics Media Accelerator Driver-->C:\windows\SysWOW64\igxpun.exe -uninstall
Intel(R) Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
Java 7 Update 7 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86417007FF}
Java 7 Update 7-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217007FF}
Java SE Development Kit 7 Update 7 (64-bit)-->MsiExec.exe /I{64A3A4F4-B792-11D6-A78A-00B0D0170070}
Junk Mail filter update-->MsiExec.exe /I{400C31E4-796F-4E86-8FDC-C3C4FACC6847}
Karnaugh Map Minimizer 0.4-->C:\Program Files (x86)\Karnaugh Map Minimizer\uninst.exe
Karnaugh Minimizer 2.0-->C:\Program Files (x86)\ShurikSoft\Karnaugh Minimizer\uninst.exe
LiveUpdate-->MsiExec.exe /I{38E5A3B1-ADF1-47E0-8024-76310A30EB36}
Mafia Game-->C:\windows\system32\MafiaSetup.exe
MagicDisc 2.7.106-->C:\PROGRA~2\MAGICD~1\UNWISE.EXE C:\PROGRA~2\MAGICD~1\INSTALL.LOG
Maple 9.5-->"C:\Program Files (x86)\Maple 9.5\Uninstall_Maple 9.5\Uninstall Maple 9.5.exe"
Mathematica Extras 8.0 (2063897)-->"C:\ProgramData\Mathematica\Applications\Extras\UninstallFiles\Windows\unins000.exe"
Micro-Cap 10 Evaluation-->"C:\Program Files (x86)\InstallShield Installation Information\{D9EB0916-F277-4C54-830A-772833FD20A4}\setup.exe" -runfromtemp -l0x0409 -uninst -removeonly
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{790E02A1-145A-3843-8C13-A4F41C9B48B7}
Microsoft .NET Framework 4 Client Profile-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}
Microsoft Office 2010-->MsiExec.exe /X{95140000-0070-0000-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
MiKTeX 2.9-->"C:\Program Files (x86)\MiKTeX 2.9\miktex/bin/internal\copystart_admin.exe" "C:\Program Files (x86)\MiKTeX 2.9\miktex/bin/internal\uninstall_admin.exe"
Movie Maker-->MsiExec.exe /X{2A078A2B-E2C8-43A3-862C-DC57090AB7C2}
Movie Maker-->MsiExec.exe /X{5BABDA39-61CF-41EE-992D-4054B6649A9B}
Movie Maker-->MsiExec.exe /X{9EDF46F0-2D4E-4C00-B2B6-0660666E9F60}
Movie Maker-->MsiExec.exe /X{A035950F-15BA-41C0-9D8F-165FC0536012}
Movie Maker-->MsiExec.exe /X{A47EA9D4-BB87-415E-9239-28860434E5A0}
Movie Maker-->MsiExec.exe /X{ED6C77F9-4D7E-447C-9EC0-9A212D075535}
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
Mozilla Thunderbird 17.0 (x86 cs)-->C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe
MPLAB Tools v8.88-->"C:\Program Files (x86)\InstallShield Installation Information\{F4637AFF-768B-4949-8C7F-1A05892C93E4}\setup.exe" -runfromtemp -l0x0409 -removeonly
MPLAB Tools v8.88-->MsiExec.exe /I{F4637AFF-768B-4949-8C7F-1A05892C93E4}
MSVCRT Redists-->MsiExec.exe /I{AB085680-FE98-11E1-A232-F04DA23A5C58}
MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSVCRT110_amd64-->MsiExec.exe /I{E9FA781F-3E80-4399-825A-AD3E11C28C77}
MSVCRT110-->MsiExec.exe /I{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
n2n Gui 0.41-->"C:\Program Files\n2n Gui\unins000.exe"
Need for Speed Most Wanted-->D:\HRY\Need for Speed Most Wanted\Uninstall.exe
Need for Speed™ Most Wanted-->D:\HRY\Need for Speed Most Wanted\Uninstall.exe
NetBeans IDE 7.2-->"C:\Program Files\NetBeans 7.2\uninstall.exe"
NVIDIA HD Audio Driver 1.2.19.0-->"C:\windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA Ovladač 3D Vision 306.97-->"C:\windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.1\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA Ovladače grafiky 306.97-->"C:\windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.1\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
Nvu 1.0-->C:\Program Files (x86)\Nvu\uninst.exe
OOBERegBackup-->"C:\Program Files (x86)\asus\OOBERegBackup\unins000.exe"
OpenOffice.org 3.4.1-->MsiExec.exe /I{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}
OpenVPN 2.2.1-->C:\Program Files (x86)\OpenVPN\Uninstall.exe
Opera 12.12-->"C:\Program Files (x86)\Opera\Opera.exe" /uninstall
PDF Editor 3-->C:\windows\cadkasdeinst01e.exe "C:\Program Files (x86)\PDF Editor 3\"
Photo Common-->MsiExec.exe /X{0DF95460-2887-4011-9344-1959CDF18ADC}
Photo Common-->MsiExec.exe /X{AA82E5EF-70C2-41CB-8432-309078304CBB}
Photo Common-->MsiExec.exe /X{C67BC332-A59A-4D40-977F-664F60AB21D8}
Photo Common-->MsiExec.exe /X{D888F114-7537-4D48-AF03-5DA9C82D7540}
Photo Common-->MsiExec.exe /X{EB91007A-0110-42A6-B869-2709955A9B2A}
Photo Gallery-->MsiExec.exe /X{30F99474-EBE3-4134-A02B-F6CD38CFE243}
Photo Gallery-->MsiExec.exe /X{FC6C7107-7D72-41A1-A031-3CE751159BAB}
Poczta usługi Windows Live-->MsiExec.exe /I{4E55905B-849D-4633-9267-3EC77E24221A}
Podstawowe programy Windows Live-->MsiExec.exe /I{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}
Portal 1 CZ 1.00-->D:\HRY\Portal 1 CZ\Uninstall.exe
PrivateTunnel-->MsiExec.exe /I{DC38FE17-7627-40B8-8206-7C31043022A1}
ProfiCAD 7.1.1-->"C:\Program Files (x86)\ProfiCAD\unins000.exe"
PSPad editor-->"C:\Program Files (x86)\PSPad editor\Uninst\unins000.exe"
Quantum of Solace(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{CDF29D6C-AA05-49F9-A55A-89C2F8F4F46E}\setup.exe -runfromtemp -l0x0409
Ralink RT2860 Wireless LAN Card-->C:\Program Files (x86)\InstallShield Installation Information\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}\setup.exe -runfromtemp -l0x0009 -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
ScreenSaverPatch-->"C:\Program Files (x86)\asus\ScreenSaverPatch\unins000.exe"
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Client
Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
Skype™ 5.10-->MsiExec.exe /X{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
SmartDraw 2013-->C:\PROGRA~2\SMARTD~1\UNWISE.EXE C:\PROGRA~2\SMARTD~1\INSTALL.LOG
Super Hybrid Engine-->"C:\Program Files (x86)\InstallShield Installation Information\{88F08F98-12BC-4613-81A2-8F9B88CFC73E}\setup.exe" -runfromtemp -l0x0409 -removeonly
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
syncables desktop SE-->MsiExec.exe /X{341697D8-9923-445E-B42A-529E5A99CB7A}
System Requirements Lab CYRI-->MsiExec.exe /I{943A8D28-80D6-41DC-AE94-81FEB42041BF}
TeamSpeak 3 Client-->"C:\Program Files (x86)\TeamSpeak 3 Client\uninstall.exe"
TeamViewer 8-->C:\Program Files (x86)\TeamViewer\Version8\uninstall.exe
Texmaker-->C:\Program Files (x86)\Texmaker\uninstall.exe
TmNationsForever-->"C:\Program Files (x86)\TmNationsForever\unins000.exe"
Total Commander 64-bit (Remove or Repair)-->c:\totalcmd\tcunin64.exe
Trend Micro Titanium-->C:\Program Files\Trend Micro\Titanium\Remove.exe
Trend Micro Titanium-->MsiExec.exe /X{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
uTorrentControl_v2 Toolbar-->C:\Program Files (x86)\uTorrentControl_v2\uninstall.exe toolbar
VLC media player 2.0.3-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
WampServer 2.2-->"c:\wamp\unins000.exe"
WIDCOMM Bluetooth Software-->MsiExec.exe /X{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}
Windows Live Communications Platform-->MsiExec.exe /I{0454BB9A-2A7A-4214-BDFF-937F7A711A44}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{797DC296-ADC5-4A08-8CBC-AEB0D6F4B249}
Windows Live Essentials-->MsiExec.exe /I{857BC375-BCFB-474E-9BD9-7EBB18EC55E0}
Windows Live Essentials-->MsiExec.exe /I{C034A6F9-6569-491B-B3BF-F5D15221A708}
Windows Live Essentials-->MsiExec.exe /I{C4D82144-B2D5-4A0E-A470-16F13EBC5BCB}
Windows Live Family Safety-->MsiExec.exe /I{76E62ACD-1536-4AC7-9A2E-B7DB4F2ACE5E}
Windows Live Family Safety-->MsiExec.exe /I{7B0C5EF6-DE4C-4E20-8889-C17604FFE5CD}
Windows Live Family Safety-->MsiExec.exe /I{8502F597-4852-48BB-99E5-824AC4C057F0}
Windows Live Family Safety-->MsiExec.exe /I{95D78710-DEE9-4577-9FC6-35BE431898DC}
Windows Live Family Safety-->MsiExec.exe /I{B474FC1C-4619-4C99-8ECE-382D71627CCA}
Windows Live Family Safety-->MsiExec.exe /X{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{CE52672C-A0E9-4450-8875-88A221D5CD50}
Windows Live Installer-->MsiExec.exe /I{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}
Windows Live Mail-->MsiExec.exe /I{00476F3E-3C4D-4E02-B8BB-125350157EB9}
Windows Live Mail-->MsiExec.exe /I{03426ED9-9D9C-4F71-B293-BBE6493367A2}
Windows Live Mail-->MsiExec.exe /I{50849B2C-097E-47A5-A076-6F11A939E093}
Windows Live Mail-->MsiExec.exe /I{70854FE6-3BF1-4C69-94D0-BEB821102E34}
Windows Live Mail-->MsiExec.exe /I{B80D3EA9-A252-4AE5-AC51-81729F5C586F}
Windows Live Messenger-->MsiExec.exe /X{1EA7C505-E6DA-4B85-9432-EBD3C70D510D}
Windows Live Messenger-->MsiExec.exe /X{37FDD121-C443-4FD3-A213-2449B397C068}
Windows Live Messenger-->MsiExec.exe /X{66DB6D91-BF91-480B-933D-7CB8B1E64D74}
Windows Live Messenger-->MsiExec.exe /X{8146445E-B14D-4CBA-AB9A-728CF166DAC9}
Windows Live Messenger-->MsiExec.exe /X{CE44687E-BC21-4B69-B0AE-6BDFD6B5C327}
Windows Live Messenger-->MsiExec.exe /X{F2235E5E-7881-4293-9B6F-04B2609FBFF0}
Windows Live MIME IFilter-->MsiExec.exe /I{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}
Windows Live Photo Common-->MsiExec.exe /X{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}
Windows Live PIMT Platform-->MsiExec.exe /I{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}
Windows Live SOXE Definitions-->MsiExec.exe /I{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}
Windows Live SOXE-->MsiExec.exe /I{FE7C0B3D-50B9-4951-BE78-A321CBF86552}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{18272881-CFC0-434D-A975-E5BE44206AA0}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{56232E3D-7EA9-45E0-A371-26CD80510AF7}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{7E9A63B3-8572-4A4B-9F87-3C2A873BBC55}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{E18F981B-401C-4D90-BC57-D8903564D558}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{F09DD76B-D3D3-4558-B5BC-F1EEA6E00162}
Windows Live UX Platform-->MsiExec.exe /I{4CCBD1F4-CEEC-452A-9CB8-46564B501315}
Windows Live Writer Resources-->MsiExec.exe /X{23A3E560-069F-4CFC-8F6C-1B526EC735FC}
Windows Live Writer Resources-->MsiExec.exe /X{3A9ECD64-DE00-4779-A89E-C878513B2B37}
Windows Live Writer Resources-->MsiExec.exe /X{7211F448-F865-4D37-B905-24D84E6C3E5E}
Windows Live Writer Resources-->MsiExec.exe /X{96361BC7-B7C8-4594-AD89-813C371F4246}
Windows Live Writer Resources-->MsiExec.exe /X{E800ADC4-F459-42F5-89A2-E754634B010A}
Windows Live Writer-->MsiExec.exe /X{1026DF85-1C0F-4839-888E-EB9D5B73CF46}
Windows Live Writer-->MsiExec.exe /X{254F7574-53A7-43D1-BC4D-B1E894AEE175}
Windows Live Writer-->MsiExec.exe /X{42B6C7E0-0DAE-488D-8DAF-838898102F19}
Windows Live Writer-->MsiExec.exe /X{86C40513-B5A4-476E-9EAB-EC118DCF4502}
Windows Live Writer-->MsiExec.exe /X{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}
Windows Live Writer-->MsiExec.exe /X{D2C146B1-948D-47EF-8387-5D1C6B980F7C}
Windows Live Writer-->MsiExec.exe /X{F29C9CFE-350A-42AC-A7C8-04154D5FE8A9}
WinPcap 4.1.1-->C:\Program Files (x86)\WinPcap\uninstall.exe
WinRAR 4.20 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
Wolfram Mathematica 8 for Students (M-WIN-G 8.0.1 2063988)-->"C:\Program Files\Wolfram Research\Mathematica\8.0\SystemFiles\UninstallFiles\Windows\unins000.exe"
Xilinx Design Tools (C:\Xilinx\14.2\ISE_DS)-->C:\Xilinx\14.2\ISE_DS/settings64.bat C:\Xilinx\14.2\ISE_DS\common/bin/nt64/xsetup.exe -uninstall

======System event log======

Computer Name: WIN-JAGL2NRDI3U
Event Code: 7036
Message: Stav služby Windows Search byl změněn na: stopped
Record Number: 2118
Source Name: Service Control Manager
Time Written: 20110429151104.031015-000
Event Type: Informace
User:

Computer Name: WIN-JAGL2NRDI3U
Event Code: 7040
Message: Režim spuštění služby Windows Search byl změněn z auto start na disabled.
Record Number: 2117
Source Name: Service Control Manager
Time Written: 20110429151102.315012-000
Event Type: Informace
User:

Computer Name: WIN-JAGL2NRDI3U
Event Code: 104
Message: Byl vymazán soubor protokolu Setup.
Record Number: 2116
Source Name: Microsoft-Windows-Eventlog
Time Written: 20110429151051.223393-000
Event Type: Informace
User:

Computer Name: WIN-JAGL2NRDI3U
Event Code: 104
Message: Byl vymazán soubor protokolu Application.
Record Number: 2115
Source Name: Microsoft-Windows-Eventlog
Time Written: 20110429151051.192193-000
Event Type: Informace
User:

Computer Name: WIN-JAGL2NRDI3U
Event Code: 104
Message: Byl vymazán soubor protokolu System.
Record Number: 2114
Source Name: Microsoft-Windows-Eventlog
Time Written: 20110429151051.176593-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: WIN-JAGL2NRDI3U
Event Code: 1
Message: Služba Centrum zabezpečení systému Windows byla spuštěna.
Record Number: 1193
Source Name: SecurityCenter
Time Written: 20110429151141.000000-000
Event Type: Informace
User:

Computer Name: WIN-JAGL2NRDI3U
Event Code: 900
Message: Služba Ochrana softwaru se spouští.

Record Number: 1192
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20110429151140.000000-000
Event Type: Informace
User:

Computer Name: WIN-JAGL2NRDI3U
Event Code: 1003
Message: Služba Windows Search byla spuštěna.

Record Number: 1191
Source Name: Microsoft-Windows-Search
Time Written: 20110429151105.000000-000
Event Type: Informace
User:

Computer Name: WIN-JAGL2NRDI3U
Event Code: 1013
Message: Služba Windows Search byla řádně zastavena.

Record Number: 1190
Source Name: Microsoft-Windows-Search
Time Written: 20110429151104.000000-000
Event Type: Informace
User:

Computer Name: WIN-JAGL2NRDI3U
Event Code: 103
Message: Windows (2120) Windows: Databázový stroj zastavil instanci (0).
Record Number: 1189
Source Name: ESENT
Time Written: 20110429151103.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: WIN-JAGL2NRDI3U
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-JAGL2NRDI3U$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x244
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 3483
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110429151107.041821-000
Event Type: Úspěšný audit
User:

Computer Name: WIN-JAGL2NRDI3U
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 3482
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110429151104.561416-000
Event Type: Úspěšný audit
User:

Computer Name: WIN-JAGL2NRDI3U
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-JAGL2NRDI3U$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x244
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 3481
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110429151104.561416-000
Event Type: Úspěšný audit
User:

Computer Name: WIN-JAGL2NRDI3U
Event Code: 4738
Message: Byl změněn uživatelský účet.

Předmět:
ID zabezpečení: S-1-5-21-120752720-208498101-812736008-500
Název účtu: Administrator
Doména účtu: WIN-JAGL2NRDI3U
ID přihlášení: 0x418c2

Cílový účet:
ID zabezpečení: S-1-5-21-120752720-208498101-812736008-500
Název účtu: Administrator
Doména účtu: WIN-JAGL2NRDI3U

Změněné atributy:
Název účtu SAM: -
Zobrazovaný název: -
Zaregistrovaný název uživatele: -
Domovský adresář: -
Domovská jednotka: -
Cesta skriptu: -
Cesta profilu: -
Pracovní stanice uživatele: -
Poslední nastavení hesla: -
Vypršení platnosti účtu: -
ID primární skupiny: -
Povolené delegování: -
Původní hodnota UAC: 0x211
Nová hodnota UAC: 0x211
Řízení účtu uživatele: -
Parametry uživatele: -
Historie identifikátoru zabezpečení: -
Přihlašovací hodiny: -

Další informace:
Oprávnění: -
Record Number: 3480
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110429151100.926610-000
Event Type: Úspěšný audit
User:

Computer Name: WIN-JAGL2NRDI3U
Event Code: 1102
Message: Protokol auditu byl vymazán.
Předmět:
ID zabezpečení: S-1-5-21-120752720-208498101-812736008-500
Název účtu: Administrator
Název domény: WIN-JAGL2NRDI3U
ID přihlášení: 0x418c2
Record Number: 3479
Source Name: Microsoft-Windows-Eventlog
Time Written: 20110429151051.192193-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"configsetroot"=%SystemRoot%\ConfigSetRoot
"EXE4J_JAVA_HOME"=C:\Program Files\Java\jre7\bin\java.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=4
"OS"=Windows_NT
"Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Trend Micro\AMSP;C:\Program Files\ZendFrameworkCli\bin;C:\wamp\bin\php\php5.4.3;C:\Program Files (x86)\Microchip\MPLAB C32 Suite\bin;C:\Program Files (x86)\MiKTeX 2.9\miktex\bin\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 28 Stepping 10, GenuineIntel
"PROCESSOR_LEVEL"=6
"PROCESSOR_REVISION"=1c0a
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%

-----------------EOF-----------------

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Slow notebook

#3 Post by Roli »

Hello, fix this in HJT:

R3 - URLSearchHook: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
O2 - BHO: uTorrentControl_v2 - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
O3 - Toolbar: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
O3 - Toolbar: Zend Studio - {95188727-288F-4581-A48D-EAB3BD027314} - C:\PROGRA~2\Zend\ZENDST~1.1\toolbars\ZENDIE~1.DLL (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Alda\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe
O9 - Extra button: Zend Studio Toolbar - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\PROGRA~2\Zend\ZENDST~1.1\toolbars\ZENDIE~1.DLL (file missing)
O9 - Extra 'Tools' menuitem: Zend Studio - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\PROGRA~2\Zend\ZENDST~1.1\toolbars\ZENDIE~1.DLL (file missing)


You will find HJT here:

C:\Program Files\trend micro\Alda.exe

Fix means that you run HJT as admin,

in the window that opens, click Do a system scan only,

in the next window, find the lines I listed for you,

next to them is a box that you tick,

then click Fix checked at the bottom left,

the program will ask whether you are sure; you of course agree with YES, and it is done.


Via Start >> All Programs >> Accessories >> Run >> type services.msc >> Enter. Find the service:

NVIDIA Update Service Daemon

Skype Updater


right-click it, choose Properties, on the next tab first stop the service with the Stop button, and under Startup type choose Disabled.


Delete unnecessary files

using CCleaner

guide:

Cleaner - here you clean the PC of unnecessary files and empty the Recycle Bin

Registry - here you clean the registry (before use I recommend making the backup that CCleaner offers)

the registry cleaning needs to be repeated several times!

Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system


Download ComboFix and save it to the desktop,

run the application as Administrator and allow installation of the Recovery Console.

Then a window with the license terms appears, which you confirm by clicking YES,

then click YES once more and it is running.

The whole process takes about 10 minutes but can take longer; during the scan do not try to run anything else.

The PC may also be restarted during the scan; do not be alarmed.

Warning: for the duration of the scan, turn off the resident shield of your antivirus and anti-spyware program,

because ComboFix tries to delete infected files and these programs can get in its way.

After the scan or the subsequent restart completes, the application creates a log saved at C:/Combofix.txt

(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.


If anything is unclear, there is an illustrated guide HERE.
| Rsit | Mbam | AVPTool | Cure It |

I rest on the weekend :all_coholic:
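The fix list in the post above can also be triaged programmatically. The following is an added example (not part of the original post and not HijackThis code): it parses those HijackThis lines, groups registrations that share one CLSID, and lists the entries HijackThis marked `(file missing)`. The function names are hypothetical, and the sample is a subset of the lines quoted in the post.

```python
import re
from collections import defaultdict
from typing import NamedTuple, Optional

# Subset of the HijackThis lines from the fix list in the post, copied verbatim.
FIX_LIST = r"""
R3 - URLSearchHook: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
O2 - BHO: uTorrentControl_v2 - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
O3 - Toolbar: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
O3 - Toolbar: Zend Studio - {95188727-288F-4581-A48D-EAB3BD027314} - C:\PROGRA~2\Zend\ZENDST~1.1\toolbars\ZENDIE~1.DLL (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O9 - Extra button: Zend Studio Toolbar - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\PROGRA~2\Zend\ZENDST~1.1\toolbars\ZENDIE~1.DLL (file missing)
"""

LINE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")   # e.g. "O2 - ..."
KIND = re.compile(r"^(?P<kind>[^:=]+): ")                        # e.g. "BHO: "
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
MISSING = "(file missing)"  # suffix HijackThis appends when the target is not found


class Entry(NamedTuple):
    code: str             # section code such as R3, O2, O4
    kind: str             # label before the first ": " (BHO, Toolbar, HKLM\..\Run)
    clsid: Optional[str]  # lower-cased CLSID, if the entry carries one
    file_missing: bool
    body: str             # rest of the line without the "(file missing)" suffix


def parse_entry(line: str) -> Optional[Entry]:
    """Parse one HijackThis result line; return None for anything else."""
    m = LINE.match(line.strip())
    if not m:
        return None
    body = m.group("body")
    missing = body.endswith(MISSING)
    if missing:
        body = body[: -len(MISSING)].rstrip()
    kind = KIND.match(body)
    clsid = CLSID.search(body)
    return Entry(
        code=m.group("code"),
        kind=kind.group("kind") if kind else "",
        clsid=clsid.group(0).lower() if clsid else None,
        file_missing=missing,
        body=body,
    )


def parse_hjt(text: str) -> list:
    """Parse every recognisable entry in a pasted log fragment."""
    return [e for e in map(parse_entry, text.splitlines()) if e is not None]


def shared_clsids(entries) -> dict:
    """CLSIDs registered in more than one entry, with their section codes."""
    by_clsid = defaultdict(list)
    for e in entries:
        if e.clsid:
            by_clsid[e.clsid].append(e.code)
    return {c: sorted(set(codes)) for c, codes in by_clsid.items() if len(codes) > 1}


def missing_targets(entries) -> list:
    """Entries whose target file HijackThis could not find (leftover registrations)."""
    return [e for e in entries if e.file_missing]


if __name__ == "__main__":
    entries = parse_hjt(FIX_LIST)
    for clsid, codes in shared_clsids(entries).items():
        print(f"{clsid} is registered under {', '.join(codes)}")
    for e in missing_targets(entries):
        print(f"leftover {e.code} entry: {e.body}")
```

Run on the sample, it shows that the uTorrentControl_v2 toolbar occupies three separate registration points (R3, O2, O3) under a single CLSID, which is why the fix list names it three times.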

MaxDJs
Model visitor
Posts: 45
Registered: 05 May 2010 16:49

Re: Slow notebook

#4 Post by MaxDJs »

It already looks pretty good; today I'll still run ComboFix and post the log here. But it is a lot faster.

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Slow notebook

#5 Post by Roli »

MaxDJs wrote: It already looks pretty good; today I'll still run ComboFix and post the log here. But it is a lot faster.
That is how it should be, and I'll wait for the log :)

MaxDJs
Model visitor
Posts: 45
Registered: 05 May 2010 16:49

Re: Slow notebook

#6 Post by MaxDJs »

When I run ComboFix, it always freezes at stage 48. I have already started it over several times and it always freezes at that stage 48. What should I do?

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Slow notebook

#7 Post by Roli »

MaxDJs wrote: When I run ComboFix, it always freezes at stage 48. I have already started it over several times and it always freezes at that stage 48. What should I do?
Try running it in Safe Mode.

MaxDJs
Model visitor
Posts: 45
Registered: 05 May 2010 16:49

Re: Slow notebook

#8 Post by MaxDJs »

ComboFix 13-01-14.01 - Alda 17.01.2013 13:49:32.3.4 - x64 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2038.1080 [GMT 1:00]
Spuštěný z: c:\users\Alda\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AV: Trend Micro Titanium *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Trend Micro Titanium *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-17 do 2013-01-17 )))))))))))))))))))))))))))))))
.
.
2013-01-17 13:01 . 2013-01-17 13:01 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-01-17 13:01 . 2013-01-17 13:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-14 23:53 . 2013-01-14 23:53 -------- d-----w- c:\users\Alda\AppData\Roaming\BANDISOFT
2013-01-14 23:52 . 2013-01-14 23:52 -------- d-----w- c:\program files (x86)\Bandicam
2013-01-14 23:51 . 2013-01-14 23:52 -------- d-----w- c:\program files (x86)\BandiMPEG1
2013-01-14 23:47 . 2013-01-14 23:47 -------- d-----w- c:\program files (x86)\UnH Solutions
2013-01-14 21:14 . 2013-01-14 21:14 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-01-13 23:23 . 2013-01-13 23:49 -------- d-----w- c:\users\Alda\AppData\Local\Microsoft Games
2013-01-13 21:42 . 2013-01-13 21:42 -------- d-----w- c:\program files\CCleaner
2013-01-13 16:12 . 2013-01-13 16:14 -------- d-----w- C:\rsit
2013-01-13 10:26 . 2013-01-13 10:26 -------- d-----w- c:\users\Alda\AppData\Roaming\HomeSheepHome2
2013-01-13 10:16 . 2013-01-13 10:19 -------- d-----w- c:\program files (x86)\Home Sheep Home 2
2013-01-12 00:27 . 2013-01-12 00:27 -------- d-----w- c:\users\Alda\AppData\Roaming\FunnyGames
2013-01-12 00:27 . 2013-01-12 00:27 -------- d-----w- c:\users\Alda\AppData\Local\FunnyGames
2013-01-09 11:47 . 2012-12-07 13:15 2746368 ----a-w- c:\windows\system32\gameux.dll
2013-01-09 11:47 . 2012-12-07 12:26 308736 ----a-w- c:\windows\SysWow64\Wpc.dll
2013-01-09 11:47 . 2012-12-07 12:20 2576384 ----a-w- c:\windows\SysWow64\gameux.dll
2013-01-09 11:47 . 2012-12-07 11:20 23552 ----a-w- c:\windows\system32\oflc.rs
2013-01-09 11:47 . 2012-12-07 11:20 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2013-01-09 11:47 . 2012-12-07 11:19 55296 ----a-w- c:\windows\system32\cero.rs
2013-01-09 11:47 . 2012-12-07 11:19 51712 ----a-w- c:\windows\system32\esrb.rs
2013-01-09 11:47 . 2012-12-07 10:46 23552 ----a-w- c:\windows\SysWow64\oflc.rs
2013-01-09 11:47 . 2012-12-07 10:46 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs
2013-01-09 11:47 . 2012-12-07 10:46 55296 ----a-w- c:\windows\SysWow64\cero.rs
2013-01-09 11:47 . 2012-12-07 10:46 51712 ----a-w- c:\windows\SysWow64\esrb.rs
2013-01-09 11:44 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-01-09 11:44 . 2012-11-23 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2013-01-07 09:20 . 2010-08-20 21:08 30720 ----a-w- c:\windows\system32\drivers\tap0901.sys
2013-01-07 09:20 . 2013-01-07 09:20 -------- d-----w- c:\program files\n2n Gui
2013-01-07 07:58 . 2013-01-13 23:23 -------- d-----w- c:\users\Alda\AppData\Roaming\TS3Client
2013-01-07 07:56 . 2013-01-07 07:56 -------- d-----w- c:\program files (x86)\TeamSpeak 3 Client
2013-01-07 00:31 . 2013-01-07 00:34 -------- d-----w- c:\program files (x86)\OpenVPN
2013-01-07 00:11 . 2013-01-07 00:16 -------- d-----w- c:\users\Alda\AppData\Roaming\PrivateTunnel
2013-01-07 00:10 . 2013-01-07 00:10 -------- d-----w- c:\program files (x86)\OpenVPN Technologies
2013-01-05 23:21 . 2013-01-05 23:21 -------- d-----w- c:\programdata\AVS4YOU
2013-01-05 23:21 . 2013-01-05 23:21 -------- d-----w- c:\users\Alda\AppData\Roaming\AVS4YOU
2013-01-05 23:14 . 2011-09-16 17:00 11137024 ----a-w- c:\windows\SysWow64\libmfxsw32.dll
2013-01-05 23:14 . 2013-01-05 23:18 -------- d-----w- c:\program files (x86)\Common Files\AVSMedia
2013-01-05 23:14 . 2011-06-23 12:26 1700352 ----a-w- c:\windows\SysWow64\GdiPlus.dll
2013-01-05 23:14 . 2011-06-23 12:25 24576 ----a-w- c:\windows\SysWow64\msxml3a.dll
2013-01-05 23:14 . 2013-01-05 23:18 -------- d-----w- c:\program files (x86)\AVS4YOU
2013-01-05 15:32 . 2013-01-05 15:32 -------- d-----w- c:\users\Alda\AppData\Roaming\Publish Providers
2013-01-05 15:15 . 2013-01-05 15:26 -------- d-----w- c:\program files (x86)\Sony
2013-01-05 15:15 . 2013-01-05 15:15 -------- d-----w- c:\programdata\Sony
2013-01-05 15:15 . 2013-01-05 15:26 -------- d-----w- c:\program files\Sony
2013-01-05 12:04 . 2013-01-05 15:15 -------- d-----w- c:\users\Alda\AppData\Local\Sony
2013-01-05 12:01 . 2013-01-05 15:49 -------- d-----w- c:\users\Alda\AppData\Roaming\Sony
2013-01-04 15:43 . 2013-01-04 15:47 -------- d-----w- c:\windows\rescache
2012-12-26 10:52 . 2013-01-07 18:38 -------- d-----w- c:\users\Alda\sek5
2012-12-25 23:50 . 2012-12-25 23:50 -------- d-----w- c:\users\Alda\AppData\Roaming\Greyfirst
2012-12-25 23:50 . 2012-12-25 23:50 -------- d-----w- c:\users\Alda\AppData\Local\Greyfirst
2012-12-25 23:46 . 2012-12-25 23:47 -------- d-----w- c:\program files (x86)\Celtx
2012-12-23 09:30 . 2012-12-23 09:30 -------- d-----w- c:\users\Alda\AppData\Roaming\CorsixTH
2012-12-23 09:30 . 2012-12-23 09:30 -------- d-----w- c:\program files\CorsixTH
2012-12-22 16:58 . 2012-12-24 15:15 -------- d-----w- c:\users\Alda\AppData\Roaming\xm1
2012-12-22 16:54 . 2012-12-22 16:54 -------- d-----w- c:\program files (x86)\Texmaker
2012-12-22 11:54 . 2012-12-22 11:54 -------- d-----w- c:\users\Alda\AppData\Roaming\MiKTeX
2012-12-22 11:54 . 2012-12-22 11:54 -------- d-----w- c:\users\Alda\AppData\Local\MiKTeX
2012-12-22 11:44 . 2012-12-22 11:44 -------- d-----w- c:\programdata\MiKTeX
2012-12-22 11:36 . 2012-12-22 11:41 -------- d-----w- c:\program files (x86)\MiKTeX 2.9
2012-12-22 03:22 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-22 03:22 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-22 03:22 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-22 03:22 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-20 19:55 . 2012-12-20 19:55 -------- d-----w- c:\program files (x86)\IDOS
2012-12-18 23:50 . 2012-12-18 23:50 -------- d-----w- c:\users\Alda\AppData\Roaming\Activision
2012-12-18 23:50 . 2012-12-18 23:50 -------- d-----w- c:\programdata\Activision
2012-12-18 23:37 . 2008-03-05 15:00 28168 ----a-w- c:\windows\system32\X3DAudio1_3.dll
2012-12-18 23:35 . 2007-04-04 17:53 81768 ----a-w- c:\windows\SysWow64\xinput1_3.dll
2012-12-18 23:35 . 2007-03-15 15:57 443752 ----a-w- c:\windows\SysWow64\d3dx10_33.dll
2012-12-18 23:35 . 2007-03-12 15:42 1123696 ----a-w- c:\windows\SysWow64\D3DCompiler_33.dll
2012-12-18 23:35 . 2007-03-12 15:42 3495784 ----a-w- c:\windows\SysWow64\d3dx9_33.dll
2012-12-18 23:35 . 2012-12-18 23:35 -------- d-----w- c:\windows\SysWow64\xlive
2012-12-18 22:57 . 2012-12-18 22:57 -------- d-----w- c:\program files (x86)\Activision
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-14 23:34 . 2012-09-21 21:02 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-14 23:34 . 2012-09-21 21:02 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-10 02:06 . 2012-10-20 09:12 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-12-11 17:03 . 2012-10-09 18:31 99912 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-12-11 17:03 . 2012-10-09 18:31 129216 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-12-07 23:37 . 2012-12-07 23:37 33344 ----a-w- c:\windows\system32\drivers\hamachi.sys
2012-12-03 22:51 . 2012-12-03 22:51 8282192 ----a-w- c:\programdata\Microsoft\BingBar\BBSvc\7.1.391.0oemBingBarSetup-Partner.EXE
2012-12-03 14:18 . 2012-12-03 14:18 28672 ----a-w- c:\windows\SysWow64\maplec.dll
2012-11-30 04:45 . 2013-01-09 11:46 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-19 07:33 . 2012-11-19 07:33 70264 ----a-w- c:\windows\system32\bdmpega64.acm
2012-11-19 07:33 . 2012-11-19 07:33 69752 ----a-w- c:\windows\system32\bdmpegv64.dll
2012-11-19 07:33 . 2012-11-19 07:33 65656 ----a-w- c:\windows\SysWow64\bdmpega.acm
2012-11-19 07:33 . 2012-11-19 07:33 65656 ----a-w- c:\windows\SysWow64\bdmpegv.dll
2012-11-19 07:33 . 2012-11-19 07:33 25200 ----a-w- c:\windows\system32\bdmjpeg64.dll
2012-11-19 07:33 . 2012-11-19 07:33 22640 ----a-w- c:\windows\SysWow64\bdmjpeg.dll
2012-11-14 07:06 . 2012-12-13 06:53 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-13 06:53 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-13 06:54 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-13 06:54 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-13 06:54 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-13 06:54 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-13 06:54 237056 ----a-w- c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-13 06:54 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-13 06:54 816640 ----a-w- c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-13 06:54 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-13 06:54 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-13 06:54 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-13 06:54 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-13 06:54 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-13 06:54 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-13 06:54 248320 ----a-w- c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-13 06:54 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-13 06:54 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-13 06:54 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-13 06:54 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-13 06:54 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-13 06:54 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:45 . 2012-12-12 12:42 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-12 12:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-02 05:59 . 2012-12-12 12:41 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-12 12:41 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-10-05 14:59 220632 ----a-w- c:\users\Alda\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-10-05 14:59 220632 ----a-w- c:\users\Alda\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-10-05 14:59 220632 ----a-w- c:\users\Alda\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"ICQ"="c:\program files (x86)\ICQ7M\ICQ.exe" [2012-09-23 127040]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-01-08 18705664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2011-04-29 3058304]
"UCam_Menu"="c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"HotkeyMon"="AsusSender.exe" [2011-03-11 34728]
"HotkeyService"="AsusSender.exe" [2011-03-11 34728]
"SuperHybridEngine"="AsusSender.exe" [2011-03-11 34728]
"CapsHook"="AsusSender.exe" [2011-03-11 34728]
"Eee Docking"="c:\program files (x86)\ASUS\Eee Docking\Eee Docking.exe" [2011-01-06 414384]
"OOBESetup"="c:\program files (x86)\asus\OOBERegBackup\OOBERegBackup.exe" [2011-01-04 345088]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-29 2018032]
"SafeQ Client"="c:\program files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe" [2010-03-31 249856]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-12-11 384800]
.
c:\users\Alda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
hamachi.lnk - c:\program files (x86)\Hamachi\hamachi.exe [2012-12-8 624416]
MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2012-9-22 576000]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-5-21 1127712]
PrivateTunnel.lnk - c:\program files (x86)\OpenVPN Technologies\PrivateTunnel\core\ovpntray.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux4"=wdmaud.drv
.
R1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
R1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-09-24 27800]
R1 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-12-11 85280]
R2 AsusService;Asus Launcher Service;c:\windows\SysWOW64\AsusService.exe [2010-12-07 224680]
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-10-20 47632]
R2 OpenVPNAccessClient;OpenVPN Access Client;c:\program files (x86)\OpenVPN Technologies\PrivateTunnel\core\capiws.exe [2012-10-12 24064]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
R2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-11-29 3463080]
R2 TiMiniService;TiMiniService;c:\program files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 241488]
R3 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-05-21 341032]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-05-21 39464]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-07-29 76912]
R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys [2009-06-10 620544]
R3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\DRIVERS\tapoas.sys [2012-07-15 30720]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-23 1255736]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-21 23:34]
.
2013-01-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2391572428-923789495-1877703783-1001Core.job
- c:\users\Alda\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-01 09:50]
.
2013-01-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2391572428-923789495-1877703783-1001UA.job
- c:\users\Alda\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-01 09:50]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-10-05 14:59 244696 ----a-w- c:\users\Alda\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-10-05 14:59 244696 ----a-w- c:\users\Alda\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-10-05 14:59 244696 ----a-w- c:\users\Alda\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\Asus\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\Asus\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LiveUpdate"="AsusSender.exe" [2010-12-07 34728]
"VizorHtmlDialog.exe"="c:\program files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" [2010-10-08 1123664]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2010-10-12 192520]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\VizorShortCut.exe" [2010-10-20 321872]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-11-01 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-11-01 385560]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-11-01 364056]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-08-24 11447912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://asus.msn.com
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
WebBrowser-{7473B6BD-4691-4744-A82B-7854EB3D70B6} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynAsusAcpi - c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe
AddRemove-Mafia Game - c:\windows\system32\MafiaSetup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-01-17 14:06:30
ComboFix-quarantined-files.txt 2013-01-17 13:06
.
Před spuštěním: 3 600 412 672
Po spuštění: 3 455 602 688
.
- - End Of File - - D45B8BE47941FAE7C6ADEB9EBE20F5FD

Roli
VIP
Posts: 13399
Joined: 26 Nov 2006 13:37
Location: Czech Republic

Re: Slow laptop

#9 Post by Roli »

We'll fine-tune a bit more, but to be safe, run it in Safe Mode again.


If you haven't done so already, move ComboFix to the desktop,

open Notepad

and copy the script from the following box into it:

Code:

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

save the TXT file you created as CFScript.txt on the desktop,

after saving, grab the script you created with the left mouse button and drag it over the ComboFix icon, where you drop it.

After it runs, another log will pop up; copy it here.

Warning: it may happen that Windows will not start after the script is applied and the machine restarts;

in that case restart again while pressing F8, then choose Last Known Good Configuration.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

MaxDJs
Model visitor
Posts: 45
Joined: 05 May 2010 16:49

Re: Slow laptop

#10 Post by MaxDJs »

ComboFix 13-01-14.01 - Alda 18.01.2013 12:45:38.4.4 - x64 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2038.1056 [GMT 1:00]
Spuštěný z: c:\users\Alda\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Alda\Desktop\CFScript.txt
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AV: Trend Micro Titanium *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Trend Micro Titanium *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-18 do 2013-01-18 )))))))))))))))))))))))))))))))
.
.
2013-01-18 11:56 . 2013-01-18 11:56 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-01-18 11:56 . 2013-01-18 11:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-15 20:34 . 2013-01-18 11:23 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2013-01-14 23:53 . 2013-01-14 23:53 -------- d-----w- c:\users\Alda\AppData\Roaming\BANDISOFT
2013-01-14 23:52 . 2013-01-14 23:52 -------- d-----w- c:\program files (x86)\Bandicam
2013-01-14 23:51 . 2013-01-14 23:52 -------- d-----w- c:\program files (x86)\BandiMPEG1
2013-01-14 23:47 . 2013-01-14 23:47 -------- d-----w- c:\program files (x86)\UnH Solutions
2013-01-14 21:14 . 2013-01-14 21:14 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-01-13 23:23 . 2013-01-13 23:49 -------- d-----w- c:\users\Alda\AppData\Local\Microsoft Games
2013-01-13 21:42 . 2013-01-13 21:42 -------- d-----w- c:\program files\CCleaner
2013-01-13 16:12 . 2013-01-13 16:14 -------- d-----w- C:\rsit
2013-01-13 10:26 . 2013-01-13 10:26 -------- d-----w- c:\users\Alda\AppData\Roaming\HomeSheepHome2
2013-01-13 10:16 . 2013-01-13 10:19 -------- d-----w- c:\program files (x86)\Home Sheep Home 2
2013-01-12 00:27 . 2013-01-12 00:27 -------- d-----w- c:\users\Alda\AppData\Roaming\FunnyGames
2013-01-12 00:27 . 2013-01-12 00:27 -------- d-----w- c:\users\Alda\AppData\Local\FunnyGames
2013-01-09 11:47 . 2012-12-07 13:15 2746368 ----a-w- c:\windows\system32\gameux.dll
2013-01-09 11:47 . 2012-12-07 12:26 308736 ----a-w- c:\windows\SysWow64\Wpc.dll
2013-01-09 11:47 . 2012-12-07 12:20 2576384 ----a-w- c:\windows\SysWow64\gameux.dll
2013-01-09 11:47 . 2012-12-07 11:20 23552 ----a-w- c:\windows\system32\oflc.rs
2013-01-09 11:47 . 2012-12-07 11:20 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2013-01-09 11:47 . 2012-12-07 11:19 55296 ----a-w- c:\windows\system32\cero.rs
2013-01-09 11:47 . 2012-12-07 11:19 51712 ----a-w- c:\windows\system32\esrb.rs
2013-01-09 11:47 . 2012-12-07 10:46 23552 ----a-w- c:\windows\SysWow64\oflc.rs
2013-01-09 11:47 . 2012-12-07 10:46 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs
2013-01-09 11:47 . 2012-12-07 10:46 55296 ----a-w- c:\windows\SysWow64\cero.rs
2013-01-09 11:47 . 2012-12-07 10:46 51712 ----a-w- c:\windows\SysWow64\esrb.rs
2013-01-09 11:44 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-01-09 11:44 . 2012-11-23 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2013-01-07 09:20 . 2010-08-20 21:08 30720 ----a-w- c:\windows\system32\drivers\tap0901.sys
2013-01-07 09:20 . 2013-01-07 09:20 -------- d-----w- c:\program files\n2n Gui
2013-01-07 07:58 . 2013-01-13 23:23 -------- d-----w- c:\users\Alda\AppData\Roaming\TS3Client
2013-01-07 07:56 . 2013-01-07 07:56 -------- d-----w- c:\program files (x86)\TeamSpeak 3 Client
2013-01-07 00:31 . 2013-01-07 00:34 -------- d-----w- c:\program files (x86)\OpenVPN
2013-01-07 00:11 . 2013-01-07 00:16 -------- d-----w- c:\users\Alda\AppData\Roaming\PrivateTunnel
2013-01-07 00:10 . 2013-01-07 00:10 -------- d-----w- c:\program files (x86)\OpenVPN Technologies
2013-01-05 23:21 . 2013-01-05 23:21 -------- d-----w- c:\programdata\AVS4YOU
2013-01-05 23:21 . 2013-01-05 23:21 -------- d-----w- c:\users\Alda\AppData\Roaming\AVS4YOU
2013-01-05 23:14 . 2011-09-16 17:00 11137024 ----a-w- c:\windows\SysWow64\libmfxsw32.dll
2013-01-05 23:14 . 2013-01-05 23:18 -------- d-----w- c:\program files (x86)\Common Files\AVSMedia
2013-01-05 23:14 . 2011-06-23 12:26 1700352 ----a-w- c:\windows\SysWow64\GdiPlus.dll
2013-01-05 23:14 . 2011-06-23 12:25 24576 ----a-w- c:\windows\SysWow64\msxml3a.dll
2013-01-05 23:14 . 2013-01-05 23:18 -------- d-----w- c:\program files (x86)\AVS4YOU
2013-01-05 15:32 . 2013-01-05 15:32 -------- d-----w- c:\users\Alda\AppData\Roaming\Publish Providers
2013-01-05 15:15 . 2013-01-05 15:26 -------- d-----w- c:\program files (x86)\Sony
2013-01-05 15:15 . 2013-01-05 15:15 -------- d-----w- c:\programdata\Sony
2013-01-05 15:15 . 2013-01-05 15:26 -------- d-----w- c:\program files\Sony
2013-01-05 12:04 . 2013-01-05 15:15 -------- d-----w- c:\users\Alda\AppData\Local\Sony
2013-01-05 12:01 . 2013-01-05 15:49 -------- d-----w- c:\users\Alda\AppData\Roaming\Sony
2013-01-04 15:43 . 2013-01-04 15:47 -------- d-----w- c:\windows\rescache
2012-12-26 10:52 . 2013-01-07 18:38 -------- d-----w- c:\users\Alda\sek5
2012-12-25 23:50 . 2012-12-25 23:50 -------- d-----w- c:\users\Alda\AppData\Roaming\Greyfirst
2012-12-25 23:50 . 2012-12-25 23:50 -------- d-----w- c:\users\Alda\AppData\Local\Greyfirst
2012-12-25 23:46 . 2012-12-25 23:47 -------- d-----w- c:\program files (x86)\Celtx
2012-12-23 09:30 . 2012-12-23 09:30 -------- d-----w- c:\users\Alda\AppData\Roaming\CorsixTH
2012-12-23 09:30 . 2012-12-23 09:30 -------- d-----w- c:\program files\CorsixTH
2012-12-22 16:58 . 2012-12-24 15:15 -------- d-----w- c:\users\Alda\AppData\Roaming\xm1
2012-12-22 16:54 . 2012-12-22 16:54 -------- d-----w- c:\program files (x86)\Texmaker
2012-12-22 11:54 . 2012-12-22 11:54 -------- d-----w- c:\users\Alda\AppData\Roaming\MiKTeX
2012-12-22 11:54 . 2012-12-22 11:54 -------- d-----w- c:\users\Alda\AppData\Local\MiKTeX
2012-12-22 11:44 . 2012-12-22 11:44 -------- d-----w- c:\programdata\MiKTeX
2012-12-22 11:36 . 2012-12-22 11:41 -------- d-----w- c:\program files (x86)\MiKTeX 2.9
2012-12-22 03:22 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-22 03:22 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-22 03:22 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-22 03:22 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-20 19:55 . 2012-12-20 19:55 -------- d-----w- c:\program files (x86)\IDOS
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-14 23:34 . 2012-09-21 21:02 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-14 23:34 . 2012-09-21 21:02 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-10 02:06 . 2012-10-20 09:12 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-12-11 17:03 . 2012-10-09 18:31 99912 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-12-11 17:03 . 2012-10-09 18:31 129216 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-12-07 23:37 . 2012-12-07 23:37 33344 ----a-w- c:\windows\system32\drivers\hamachi.sys
2012-12-03 22:51 . 2012-12-03 22:51 8282192 ----a-w- c:\programdata\Microsoft\BingBar\BBSvc\7.1.391.0oemBingBarSetup-Partner.EXE
2012-12-03 14:18 . 2012-12-03 14:18 28672 ----a-w- c:\windows\SysWow64\maplec.dll
2012-11-30 04:45 . 2013-01-09 11:46 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-19 07:33 . 2012-11-19 07:33 70264 ----a-w- c:\windows\system32\bdmpega64.acm
2012-11-19 07:33 . 2012-11-19 07:33 69752 ----a-w- c:\windows\system32\bdmpegv64.dll
2012-11-19 07:33 . 2012-11-19 07:33 65656 ----a-w- c:\windows\SysWow64\bdmpega.acm
2012-11-19 07:33 . 2012-11-19 07:33 65656 ----a-w- c:\windows\SysWow64\bdmpegv.dll
2012-11-19 07:33 . 2012-11-19 07:33 25200 ----a-w- c:\windows\system32\bdmjpeg64.dll
2012-11-19 07:33 . 2012-11-19 07:33 22640 ----a-w- c:\windows\SysWow64\bdmjpeg.dll
2012-11-14 07:06 . 2012-12-13 06:53 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-13 06:53 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-13 06:54 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-13 06:54 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-13 06:54 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-13 06:54 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-13 06:54 237056 ----a-w- c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-13 06:54 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-13 06:54 816640 ----a-w- c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-13 06:54 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-13 06:54 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-13 06:54 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-13 06:54 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-13 06:54 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-13 06:54 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-13 06:54 248320 ----a-w- c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-13 06:54 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-13 06:54 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-13 06:54 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-13 06:54 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-13 06:54 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-13 06:54 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:45 . 2012-12-12 12:42 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-12 12:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-02 05:59 . 2012-12-12 12:41 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-12 12:41 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-10-05 14:59 220632 ----a-w- c:\users\Alda\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-10-05 14:59 220632 ----a-w- c:\users\Alda\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-10-05 14:59 220632 ----a-w- c:\users\Alda\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"ICQ"="c:\program files (x86)\ICQ7M\ICQ.exe" [2012-09-23 127040]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-01-08 18705664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2011-04-29 3058304]
"UCam_Menu"="c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"HotkeyMon"="AsusSender.exe" [2011-03-11 34728]
"HotkeyService"="AsusSender.exe" [2011-03-11 34728]
"SuperHybridEngine"="AsusSender.exe" [2011-03-11 34728]
"CapsHook"="AsusSender.exe" [2011-03-11 34728]
"Eee Docking"="c:\program files (x86)\ASUS\Eee Docking\Eee Docking.exe" [2011-01-06 414384]
"OOBESetup"="c:\program files (x86)\asus\OOBERegBackup\OOBERegBackup.exe" [2011-01-04 345088]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-29 2018032]
"SafeQ Client"="c:\program files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe" [2010-03-31 249856]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-12-11 384800]
.
c:\users\Alda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
hamachi.lnk - c:\program files (x86)\Hamachi\hamachi.exe [2012-12-8 624416]
MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2012-9-22 576000]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-5-21 1127712]
PrivateTunnel.lnk - c:\program files (x86)\OpenVPN Technologies\PrivateTunnel\core\ovpntray.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux4"=wdmaud.drv
.
R1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
R1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-09-24 27800]
R1 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-12-11 85280]
R2 AsusService;Asus Launcher Service;c:\windows\SysWOW64\AsusService.exe [2010-12-07 224680]
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-10-20 47632]
R2 OpenVPNAccessClient;OpenVPN Access Client;c:\program files (x86)\OpenVPN Technologies\PrivateTunnel\core\capiws.exe [2012-10-12 24064]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
R2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-11-29 3463080]
R2 TiMiniService;TiMiniService;c:\program files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 241488]
R3 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-05-21 341032]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-05-21 39464]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-07-29 76912]
R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys [2009-06-10 620544]
R3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\DRIVERS\tapoas.sys [2012-07-15 30720]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-23 1255736]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-21 23:34]
.
2013-01-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2391572428-923789495-1877703783-1001Core.job
- c:\users\Alda\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-01 09:50]
.
2013-01-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2391572428-923789495-1877703783-1001UA.job
- c:\users\Alda\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-01 09:50]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-10-05 14:59 244696 ----a-w- c:\users\Alda\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-10-05 14:59 244696 ----a-w- c:\users\Alda\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-10-05 14:59 244696 ----a-w- c:\users\Alda\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\Asus\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\Asus\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SynAsusAcpi"="c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe" [BU]
"LiveUpdate"="AsusSender.exe" [2010-12-07 34728]
"VizorHtmlDialog.exe"="c:\program files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" [2010-10-08 1123664]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2010-10-12 192520]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\VizorShortCut.exe" [2010-10-20 321872]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-11-01 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-11-01 385560]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-11-01 364056]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-08-24 11447912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://asus.msn.com
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{7473B6BD-4691-4744-A82B-7854EB3D70B6} - (no file)
AddRemove-Mafia Game - c:\windows\system32\MafiaSetup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
Celkový čas: 2013-01-18 13:01:23
ComboFix-quarantined-files.txt 2013-01-18 12:01
ComboFix2.txt 2013-01-17 13:06
.
Před spuštěním: 5 591 080 960
Po spuštění: 5 588 389 888
.
- - End Of File - - A4B74E6743E3A6F125EC6814230EF294

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Slow notebook

#11 Post by Roli »

Via Start >> Run, copy this into the box:

ComboFix /Uninstall

and press Enter.

This uninstalls ComboFix and deletes the files and folders associated with it.


Use T-Cleaner, which deletes any leftovers from the applications we used.

Just stop your antivirus before downloading it and while using it, because the antivirus may detect it as a virus, but that is not the case.


Then let me know what state the PC is in.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

MaxDJs
Model visitor
Posts: 45
Registered: 05 May 2010 16:49

Re: Slow notebook

#12 Post by MaxDJs »

The notebook is noticeably faster. Thanks a lot for solving the problem.

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Slow notebook

#13 Post by Roli »

You're welcome, and :closed:

Locked