Damaged services after startup and a problem with ESET

Budovi
Exemplary visitor
Posts: 252
Registered: 08 Jul 2010 19:36

#1 Post by Budovi »

So now it's my turn to need help again...

Something triggered an error in ESS and it was unable to start after boot, which caused the notebook to freeze immediately after login. Until I worked out what was causing it, I was trying to find where the fault was; I may have messed things up a bit myself at that point, but I simply have an obvious mess in the registry. I had to remove ESS manually in safe mode.
  • the desktop (wallpaper) does not load as it should
  • a problem with the widgets (sidebar.exe)
  • neither Win Defender nor the Firewall will start (that was an experiment; I'll probably go and try KIS, but in the meantime I want to fix this)
// I have the feeling that something else breaks with every restart; my Firefox profile has already disappeared too, God knows what else is wrong. Strangely, I had to reinstall some drivers and they still don't work correctly, and the HDD is OK.

Thanks in advance for your help.

RSIT log
Logfile of random's system information tool 1.08 (written by random/random)
Run by Budo at 2011-07-08 22:42:58
WIN_7 Service Pack 1
System drive C: has 184 GB (67%) free of 275 GB
Total RAM: 4008 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:43:02, on 8. 7. 2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\Budo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-1554982330-1077266817-2899125201-1001\..\Run: [] (User '?')
O4 - HKUS\S-1-5-21-1554982330-1077266817-2899125201-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-21-1554982330-1077266817-2899125201-1002\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - Global Startup: SRS PC Sound.lnk = C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: DriveClone Network Client IBP - Unknown owner - C:\Program Files\Time Stamp\IBP\fsloader.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (file missing)
O23 - Service: ESET SHA Service (ESHASRV) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\EShaSrv.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8668 bytes

======Listing Processes======


======Scheduled tasks folder======

C:\windows\tasks\Core Temp startup task.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-02-12 6718864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-05-23 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EFEED92A-A33D-4873-BA8F-32BAA631E54D}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"fspuip"=C:\Program Files\FSP\fspuip.exe [2011-03-11 4059136]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2010-12-14 316032]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-03-26 167960]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-03-26 391704]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-03-26 418840]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"Sidebar"=C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20 1174016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2011-06-29 966712]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SRS PC Sound.lnk - C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-03-26 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\windows\system32\wpdshserviceobj.dll [2010-11-20 115200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-02-12 6718864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-07-08 16:58:25 ----A---- C:\windows\ntbtlog.txt
2011-07-04 12:56:34 ----D---- C:\Users\Budo\AppData\Roaming\Nokia Ovi Suite
2011-07-04 12:56:33 ----D---- C:\Users\Budo\AppData\Roaming\Nokia
2011-07-04 12:52:10 ----D---- C:\ProgramData\PC Suite
2011-07-04 12:52:09 ----D---- C:\Users\Budo\AppData\Roaming\PC Suite
2011-07-04 12:49:41 ----D---- C:\Program Files\DIFX
2011-07-04 12:49:41 ----A---- C:\windows\system32\drivers\pccsmcfdx64.sys
2011-07-04 12:49:37 ----DC---- C:\windows\system32\DRVSTORE
2011-07-04 12:49:27 ----D---- C:\Program Files (x86)\PC Connectivity Solution
2011-07-04 12:46:48 ----D---- C:\ProgramData\NokiaInstallerCache
2011-06-29 08:32:18 ----A---- C:\windows\system32\tquery.dll
2011-06-29 08:32:18 ----A---- C:\windows\system32\SearchIndexer.exe
2011-06-29 08:32:18 ----A---- C:\windows\system32\mssrch.dll
2011-06-29 08:32:17 ----A---- C:\windows\SYSWOW64\tquery.dll
2011-06-29 08:32:17 ----A---- C:\windows\SYSWOW64\mssrch.dll
2011-06-29 08:32:17 ----A---- C:\windows\system32\SearchProtocolHost.exe
2011-06-29 08:32:16 ----A---- C:\windows\SYSWOW64\SearchProtocolHost.exe
2011-06-29 08:32:16 ----A---- C:\windows\SYSWOW64\SearchIndexer.exe
2011-06-29 08:32:16 ----A---- C:\windows\SYSWOW64\mssph.dll
2011-06-29 08:32:16 ----A---- C:\windows\system32\SearchFilterHost.exe
2011-06-29 08:32:16 ----A---- C:\windows\system32\mssvp.dll
2011-06-29 08:32:16 ----A---- C:\windows\system32\mssphtb.dll
2011-06-29 08:32:16 ----A---- C:\windows\system32\mssph.dll
2011-06-29 08:32:15 ----A---- C:\windows\SYSWOW64\SearchFilterHost.exe
2011-06-29 08:32:15 ----A---- C:\windows\SYSWOW64\mssvp.dll
2011-06-29 08:32:15 ----A---- C:\windows\SYSWOW64\mssphtb.dll
2011-06-29 08:32:15 ----A---- C:\windows\SYSWOW64\msscntrs.dll
2011-06-29 08:32:15 ----A---- C:\windows\system32\msscntrs.dll
2011-06-29 08:32:14 ----A---- C:\windows\SYSWOW64\drvinst.exe
2011-06-29 08:32:14 ----A---- C:\windows\SYSWOW64\devrtl.dll
2011-06-29 08:32:14 ----A---- C:\windows\SYSWOW64\devobj.dll
2011-06-29 08:32:14 ----A---- C:\windows\SYSWOW64\cfgmgr32.dll
2011-06-29 08:32:14 ----A---- C:\windows\system32\umpnpmgr.dll
2011-06-25 23:37:08 ----A---- C:\Users\Budo\AppData\Roaming\Battery Meter_Settings.ini
2011-06-25 23:34:32 ----A---- C:\Users\Budo\AppData\Roaming\Drives Meter_Settings.ini
2011-06-25 23:31:35 ----A---- C:\Users\Budo\AppData\Roaming\Network Meter_Settings.ini
2011-06-25 23:15:14 ----A---- C:\Users\Budo\AppData\Roaming\All CPU Meter_Settings.ini
2011-06-25 09:28:15 ----D---- C:\ProgramData\3DVIA
2011-06-25 09:28:14 ----A---- C:\windows\SYSWOW64\d3dx9_35.dll
2011-06-25 09:28:14 ----A---- C:\windows\SYSWOW64\d3dx9_31.dll
2011-06-25 09:28:12 ----D---- C:\Program Files (x86)\Virtools
2011-06-22 13:43:55 ----D---- C:\Users\Budo\AppData\Roaming\NVIDIA
2011-06-22 13:35:59 ----D---- C:\ProgramData\Futuremark
2011-06-22 13:24:32 ----A---- C:\windows\SYSWOW64\d3dx10_43.dll
2011-06-22 13:24:32 ----A---- C:\windows\SYSWOW64\D3DCompiler_43.dll
2011-06-20 18:00:31 ----D---- C:\Program Files\Defraggler
2011-06-19 23:48:14 ----D---- C:\Users\Budo\AppData\Roaming\Malwarebytes
2011-06-19 23:48:05 ----A---- C:\windows\SYSWOW64\drivers\mbamswissarmy.sys
2011-06-19 23:48:04 ----D---- C:\ProgramData\Malwarebytes
2011-06-19 23:48:01 ----A---- C:\windows\system32\drivers\mbam.sys
2011-06-19 22:56:37 ----D---- C:\ProgramData\Nokia
2011-06-19 22:52:46 ----D---- C:\Program Files (x86)\Nokia
2011-06-19 22:52:46 ----A---- C:\windows\system32\nmwcdclsX64.dll
2011-06-19 21:12:32 ----D---- C:\Users\Budo\AppData\Roaming\Skype
2011-06-19 21:12:20 ----D---- C:\ProgramData\Skype
2011-06-18 14:17:46 ----A---- C:\windows\system32\drivers\VvBackd5.sys
2011-06-18 14:17:46 ----A---- C:\windows\system32\drivers\HCDisk.sys
2011-06-18 14:16:57 ----D---- C:\Program Files\Time Stamp
2011-06-18 11:00:42 ----D---- C:\windows\system32\catroot2
2011-06-18 10:57:10 ----D---- C:\windows\SoftwareDistribution
2011-06-17 14:04:25 ----D---- C:\Users\Budo\AppData\Roaming\Atari
2011-06-17 14:01:05 ----D---- C:\Users\Budo\AppData\Roaming\Leadertech
2011-06-16 23:01:59 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2011-06-16 23:01:59 ----A---- C:\windows\system32\inetcomm.dll
2011-06-16 23:01:35 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2011-06-16 23:01:35 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2011-06-16 23:01:35 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2011-06-16 23:01:11 ----A---- C:\windows\system32\drivers\srvnet.sys
2011-06-16 23:01:10 ----A---- C:\windows\system32\drivers\srv2.sys
2011-06-16 23:01:10 ----A---- C:\windows\system32\drivers\srv.sys
2011-06-16 23:00:37 ----A---- C:\windows\system32\win32k.sys
2011-06-16 22:56:16 ----A---- C:\windows\system32\drivers\tcpip.sys
2011-06-16 22:56:16 ----A---- C:\windows\system32\drivers\afd.sys
2011-06-16 22:51:57 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2011-06-16 22:51:57 ----A---- C:\windows\system32\oleaut32.dll
2011-06-16 21:19:00 ----D---- C:\rsit
2011-06-16 21:19:00 ----D---- C:\Program Files\trend micro
2011-06-16 18:57:01 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2011-06-16 18:57:01 ----A---- C:\windows\system32\mshtmled.dll
2011-06-16 18:57:00 ----A---- C:\windows\SYSWOW64\ieui.dll
2011-06-16 18:57:00 ----A---- C:\windows\SYSWOW64\iertutil.dll
2011-06-16 18:57:00 ----A---- C:\windows\system32\iertutil.dll
2011-06-16 18:56:59 ----A---- C:\windows\system32\jscript9.dll
2011-06-16 18:56:59 ----A---- C:\windows\system32\ieui.dll
2011-06-16 18:56:58 ----A---- C:\windows\SYSWOW64\jscript9.dll
2011-06-16 18:56:58 ----A---- C:\windows\SYSWOW64\jscript.dll
2011-06-16 18:56:57 ----A---- C:\windows\system32\jscript.dll
2011-06-16 18:56:56 ----A---- C:\windows\SYSWOW64\urlmon.dll
2011-06-16 18:56:56 ----A---- C:\windows\system32\urlmon.dll
2011-06-16 18:56:55 ----A---- C:\windows\SYSWOW64\mshtml.dll
2011-06-16 18:56:51 ----A---- C:\windows\SYSWOW64\ieframe.dll
2011-06-16 18:56:51 ----A---- C:\windows\system32\mshtml.dll
2011-06-16 18:56:51 ----A---- C:\windows\system32\ieframe.dll
2011-06-16 18:43:49 ----D---- C:\Program Files\Common Files\DESIGNER
2011-06-16 18:40:18 ----D---- C:\Program Files\Microsoft Office
2011-06-16 18:40:04 ----RHD---- C:\MSOCache
2011-06-16 17:30:14 ----D---- C:\Program Files (x86)\Adobe

======List of files/folders modified in the last 1 months======

2011-07-08 22:40:01 ----D---- C:\windows\Prefetch
2011-07-08 22:35:27 ----A---- C:\windows\SYSWOW64\log.txt
2011-07-08 22:33:38 ----D---- C:\windows\TEMP
2011-07-08 22:33:35 ----D---- C:\windows\system32\config
2011-07-08 22:33:25 ----D---- C:\ProgramData\NVIDIA
2011-07-08 22:32:11 ----D---- C:\Program Files (x86)\PHotkey
2011-07-08 22:32:10 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-07-08 22:02:55 ----D---- C:\Windows
2011-07-08 17:00:07 ----D---- C:\windows\system32\LogFiles
2011-07-08 16:48:20 ----D---- C:\Program Files\CCleaner
2011-07-08 16:06:18 ----D---- C:\windows\system32
2011-07-08 16:06:18 ----D---- C:\windows\inf
2011-07-08 16:06:18 ----A---- C:\windows\system32\PerfStringBackup.INI
2011-07-08 16:06:11 ----D---- C:\windows\system32\wbem
2011-07-07 20:44:01 ----D---- C:\Users\Budo\AppData\Roaming\FileZilla
2011-07-07 20:43:47 ----D---- C:\Users\Budo\AppData\Roaming\.purple
2011-07-06 21:59:43 ----D---- C:\Users\Budo\AppData\Roaming\Dropbox
2011-07-06 19:24:04 ----D---- C:\ProgramData\Adobe
2011-07-04 17:06:02 ----D---- C:\windows\SysWOW64
2011-07-04 17:05:46 ----SHD---- C:\windows\Installer
2011-07-04 16:59:51 ----RD---- C:\Program Files (x86)
2011-07-04 16:23:25 ----D---- C:\Users\Budo\AppData\Roaming\uTorrent
2011-07-04 16:08:13 ----D---- C:\windows\system32\DriverStore
2011-07-04 16:08:13 ----D---- C:\windows\system32\catroot
2011-07-04 16:08:05 ----D---- C:\windows\winsxs
2011-07-04 13:14:59 ----D---- C:\windows\system32\drivers
2011-07-04 13:07:13 ----D---- C:\windows\system32\Tasks
2011-07-04 12:54:18 ----D---- C:\windows\system32\drivers\UMDF
2011-07-04 12:52:10 ----HD---- C:\ProgramData
2011-07-04 12:50:10 ----D---- C:\Program Files (x86)\Common Files
2011-07-04 12:49:41 ----RD---- C:\Program Files
2011-07-03 17:13:37 ----D---- C:\Users\Budo\AppData\Roaming\gtk-2.0
2011-07-02 22:05:36 ----D---- C:\Users\Budo\AppData\Roaming\vlc
2011-06-30 20:16:40 ----D---- C:\windows\Tasks
2011-06-30 18:37:42 ----D---- C:\windows\system32\NDF
2011-06-30 18:03:39 ----D---- C:\windows\Microsoft.NET
2011-06-30 18:03:30 ----RSD---- C:\windows\assembly
2011-06-30 17:44:53 ----D---- C:\ProgramData\Microsoft Help
2011-06-29 11:20:19 ----RSD---- C:\windows\Fonts
2011-06-28 11:20:53 ----D---- C:\Program Files (x86)\Opera
2011-06-27 08:52:07 ----D---- C:\windows\Logs
2011-06-25 09:28:16 ----SD---- C:\Users\Budo\AppData\Roaming\Microsoft
2011-06-22 13:30:17 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2011-06-21 17:55:58 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-06-19 23:49:15 ----D---- C:\windows\debug
2011-06-19 23:48:05 ----D---- C:\windows\SYSWOW64\drivers
2011-06-18 10:47:31 ----D---- C:\Program Files (x86)\MSBuild
2011-06-17 09:48:41 ----D---- C:\windows\SYSWOW64\NV
2011-06-17 09:48:41 ----D---- C:\windows\system32\NV
2011-06-17 09:08:28 ----D---- C:\Users\Budo\AppData\Roaming\Adobe
2011-06-16 19:04:41 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-06-16 19:03:25 ----D---- C:\Program Files\Internet Explorer
2011-06-16 19:03:25 ----D---- C:\Program Files (x86)\Internet Explorer
2011-06-16 19:01:16 ----A---- C:\windows\system32\MRT.exe
2011-06-16 18:58:42 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-06-16 18:43:49 ----D---- C:\Program Files\Common Files
2011-06-16 18:40:39 ----D---- C:\windows\ShellNew
2011-06-16 18:40:18 ----SD---- C:\ProgramData\Microsoft
2011-06-16 17:37:59 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2011-06-16 17:18:14 ----D---- C:\windows\Minidump

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2011-04-20 56304]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-01-12 439320]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2010-12-24 25960]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2011-05-08 867824]
R0 VVBackd5;VVBackd5; C:\windows\system32\drivers\VVBackd5.sys [2010-01-05 151128]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-05-02 254528]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2011-04-20 146432]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2011-04-20 34704]
R1 StarPortLite;StarPort Storage Controller (Lite); C:\windows\system32\DRIVERS\StarPortLite.sys [2009-03-02 118888]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2011-04-27 199992]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2011-04-20 182976]
R2 HCDisk;HCDisk; C:\windows\system32\drivers\HCDisk.sys [2011-01-05 66136]
R2 PEGAGFN;PEGAGFN; \??\C:\Program Files (x86)\PHotkey\PEGAGFN.sys [2010-12-10 14344]
R3 acpials;ALS Sensor Filter; C:\windows\system32\DRIVERS\acpials.sys [2009-07-14 9728]
R3 ALSysIO;ALSysIO; \??\C:\Users\Budo\AppData\Local\Temp\ALSysIO64.sys []
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2010-11-23 1579520]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2011-01-28 1581184]
R3 fspad_win764;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_win764; C:\windows\system32\DRIVERS\fspad_win764.sys [2011-03-11 67072]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2011-03-26 12262336]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x64.sys [2010-11-08 76912]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-09-21 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-07-27 78848]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-07-27 180224]
S3 AmUStor;AM USB Stroage Driver; C:\windows\system32\drivers\AmUStor.SYS []
S3 BthAvrcp;Bluetooth AVRCP Profile; C:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 29184]
S3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2010-11-20 552448]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2010-11-20 80384]
S3 cpuz135;cpuz135; \??\C:\windows\TEMP\cpuz135\cpuz135_x64.sys []
S3 FARMNTIO;FARMNTIO; \??\c:\windows\system32\drivers\farmntio.sys [2010-06-03 24152]
S3 fspad_wlh64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh64; C:\windows\system32\DRIVERS\fspad_wlh64.sys [2010-11-08 68608]
S3 MGHwCtrl;MGHwCtrl; \??\c:\Utility\Silent\MGHwCtrl.sys []
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\Program Files (x86)\msi\Live Update 5\msibios64_100507.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2011-05-18 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2011-05-18 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\windows\system32\drivers\nmwcdnsucx64.sys [2011-05-18 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsux64.sys [2011-05-18 171008]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\msi\Live Update 5\NTIOLib_X64.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-05-18 9216]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-05-18 9216]
S3 vserial;ELTIMA Virtual Serial Ports Driver; C:\windows\System32\DRIVERS\vserial.sys []
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [2010-12-10 104968]
R2 CxAudMsg;@C:\windows\system32\CxAudMsg64.exe,-100; C:\windows\system32\CxAudMsg64.exe [2010-12-17 198784]
R2 GFNEXSrv;GFNEX Service; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [2010-12-10 159752]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-10-05 325656]
R2 NVSvc;NVIDIA Driver Helper Service; C:\windows\system32\nvvsvc.exe [2010-12-23 993896]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-12-24 1997416]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-12-23 378984]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe []
S3 DriveClone Network Client IBP;DriveClone Network Client IBP; C:\Program Files\Time Stamp\IBP\fsloader.exe [2009-08-18 126976]
S3 ESHASRV;ESET SHA Service; C:\Program Files\ESET\ESET Smart Security\EShaSrv.exe []
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-12-28 51727736]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-05-03 1255736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S4 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]

-----------------EOF-----------------
Last edited by Budovi on 10 Jul 2011 18:57, edited 4 times in total.

Budovi
Exemplary visitor
Posts: 252
Registered: 08 Jul 2010 19:36

Re: Damaged services after startup and a problem with ESET

#2 Post by Budovi »

info.txt logfile of random's system information tool 1.08 2011-06-16 21:19:13

======Uninstall list======

-->C:\Program Files\Conexant\CxAudMsg\SETUP64.EXE -U -ICxAudMsg
-->C:\Program Files\Conexant\SAII\SETUP64.EXE -U -ISAII -SM=SmartAudio.EXE,1801
µTorrent-->"D:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
7-Zip 9.20 (x64 edition)-->MsiExec.exe /I{23170F69-40C1-2702-0920-000001000000}
Adobe Flash Player 10 ActiveX-->C:\windows\SysWOW64\Macromed\Flash\FlashUtil10i_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\windows\SysWOW64\Macromed\Flash\FlashUtil10t_Plugin.exe -maintain plugin
Adobe Reader X (10.1.0) - Slovak-->MsiExec.exe /I{AC76BA86-7AD7-1051-7B44-AA1000000001}
Aktualizácia balíka Microsoft Outlook Social Connector (KB2441641)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-041B-1000-0000000FF1CE}" "{B6414F29-31D6-4915-8FDA-66B69841AC13}" "1051" "0"
Astroburn Lite-->C:\Program Files (x86)\Astroburn Lite\uninst.exe
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -l0x0009 -removeonly
BurnRecovery-->C:\Program Files (x86)\InstallShield Installation Information\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}\setup.exe -runfromtemp -l0x0009 -removeonly
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU64a.exe -U -G -IMasCC2wa.inf
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
Definition update for Microsoft Office 2010 (KB982726)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{D3F93D50-A2B8-4386-AA58-0D84E3F4AF06}" "1051" "0"
EasyFace2-->C:\Program Files (x86)\InstallShield Installation Information\{94DE7548-E449-4F7D-804F-0C5CDC3A1E6A}\setup.exe -runfromtemp -l0x0009 -removeonly
EasyViewer-->"C:\Program Files (x86)\InstallShield Installation Information\{EECD7B96-1416-4D3A-B12D-0D2512120C36}\setup.exe" -runfromtemp -l0x0409 -removeonly
EasyViewer-->MsiExec.exe /X{EECD7B96-1416-4D3A-B12D-0D2512120C36}
Euro Truck Simulator-->D:\Program Files (x86)\Euro Truck Simulator\Uninstal_EuroTruckSimulator.exe
FileZilla Client 3.4.0-->D:\Program Files (x86)\FileZilla FTP Client\uninstall.exe
Finger Sensing Pad Driver-->rundll32.exe C:\windows\system32\fspadco.dll,Run remove
Guifications Plugin (remove only)-->D:\Program Files (x86)\Pidgin\pidgin-guifications-uninst.exe
Intel(R) Control Center-->C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Processor Graphics-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
Java(TM) 6 Update 25-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216025FF}
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
Microsoft .NET Framework 4 Client Profile-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Office Access MUI (Slovak) 2010-->MsiExec.exe /X{90140000-0015-041B-1000-0000000FF1CE}
Microsoft Office Excel MUI (Slovak) 2010-->MsiExec.exe /X{90140000-0016-041B-1000-0000000FF1CE}
Microsoft Office Groove MUI (Slovak) 2010-->MsiExec.exe /X{90140000-00BA-041B-1000-0000000FF1CE}
Microsoft Office InfoPath MUI (Slovak) 2010-->MsiExec.exe /X{90140000-0044-041B-1000-0000000FF1CE}
Microsoft Office Office 32-bit Components 2010-->MsiExec.exe /X{90140000-0043-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Slovak) 2010-->MsiExec.exe /X{90140000-00A1-041B-1000-0000000FF1CE}
Microsoft Office Outlook MUI (Slovak) 2010-->MsiExec.exe /X{90140000-001A-041B-1000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Slovak) 2010-->MsiExec.exe /X{90140000-0018-041B-1000-0000000FF1CE}
Microsoft Office Professional Plus 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUSR /dll OSETUP.DLL
Microsoft Office Professional Plus 2010-->MsiExec.exe /X{91140000-0011-0000-1000-0000000FF1CE}
Microsoft Office Proof (Czech) 2010-->MsiExec.exe /X{90140000-001F-0405-1000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-1000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-1000-0000000FF1CE}
Microsoft Office Proof (Hungarian) 2010-->MsiExec.exe /X{90140000-001F-040E-1000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2010-->MsiExec.exe /X{90140000-001F-041B-1000-0000000FF1CE}
Microsoft Office Proofing (Slovak) 2010-->MsiExec.exe /X{90140000-002C-041B-1000-0000000FF1CE}
Microsoft Office Publisher MUI (Slovak) 2010-->MsiExec.exe /X{90140000-0019-041B-1000-0000000FF1CE}
Microsoft Office Shared 32-bit MUI (Slovak) 2010-->MsiExec.exe /X{90140000-0043-041B-1000-0000000FF1CE}
Microsoft Office Shared MUI (Slovak) 2010-->MsiExec.exe /X{90140000-006E-041B-1000-0000000FF1CE}
Microsoft Office Word MUI (Slovak) 2010-->MsiExec.exe /X{90140000-001B-041B-1000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570-->MsiExec.exe /X{8338783A-0968-3B85-AFC7-BAAE0A63DC50}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Mozilla Firefox 4.0.1 (x86 sk)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
Need for Speed Underground 2-->D:\Program Files (x86)\EA GAMES\Need for Speed Underground 2\EAUninstall.exe
Notepad++-->C:\Program Files (x86)\Notepad++\uninstall.exe
NVIDIA Grafický ovládač 266.39-->"C:\windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.2\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA Ovládač 3D Vision 266.39-->"C:\windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.2\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
Opera 11.11-->"C:\Program Files (x86)\Opera\Opera.exe" /uninstall
PC Sound-->MsiExec.exe /X{F3C66EC8-2F33-452D-9CFF-E8C886B3ECC4}
PHotkey-->C:\Program Files (x86)\InstallShield Installation Information\{24047BE4-329D-46F7-9689-8684C7A1CFBB}\setup.exe -runfromtemp -l0x0009 -removeonly
Pidgin-->D:\Program Files (x86)\Pidgin\pidgin-uninst.exe
Renesas Electronics USB 3.0 Host Controller Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{5442DAB8-7177-49E1-8B22-09A049EA5996}\setup.exe" -runfromtemp -l0x0409 -removeonly
Renesas Electronics USB 3.0 Host Controller Driver-->MsiExec.exe /X{5442DAB8-7177-49E1-8B22-09A049EA5996}
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F66C3466-1FDB-347C-B3AE-FB6C50627B10} /parameterfolder Client
Security Update for Microsoft Excel 2010 (KB2523021)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{603B88C1-5E1A-4F7A-B21B-0616F755DB5D}" "1051" "0"
Security Update for Microsoft InfoPath 2010 (KB2510065)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{51C1DE08-35BE-469A-AD3E-8140D2F68CC1}" "1051" "0"
Security Update for Microsoft Office 2010 (KB2289078)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{416C3BAC-567F-4E84-9E3B-E98970E2603B}" "1051" "0"
Security Update for Microsoft Office 2010 (KB2289161)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{B3DFFE7D-FAA1-4B0D-AB1A-AF140A56BD84}" "1051" "0"
Security Update for Microsoft PowerPoint 2010 (KB2519975)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{5E1328DB-EA1D-4FDB-B2FA-84CD56D9C19A}" "1051" "0"
Security Update for Microsoft Publisher 2010 (KB2409055)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{DED7FBC4-7528-4C64-9F94-8174AC522A33}" "1051" "0"
Security Update for Microsoft Word 2010 (KB2345000)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{FAE58C3D-8C0C-41D7-B95B-507B84ACB0C6}" "1051" "0"
StarBurn Version 12r10 (Build 0x20091021)-->"D:\Program Files (x86)\StarBurn\unins000.exe"
Time Stamp-->C:\Program Files\Time Stamp\UnInstall.exe
Update for Microsoft Office 2010 (KB2202188)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{139222A0-48AF-44FF-BC3B-2112086FAF18}" "1051" "0"
Update for Microsoft Office 2010 (KB2413186)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{276D6229-D1A9-4A22-BD8A-7E043897E230}" "1051" "0"
Update for Microsoft Office 2010 (KB2413186)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{B4B16F09-574E-448C-BC90-DC8DF2ECA01E}" "1051" "0"
Update for Microsoft Office 2010 (KB2413186)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{BC4F8B0E-191C-4226-8016-01EF1D0294FF}" "1051" "0"
Update for Microsoft Office 2010 (KB2494150)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{428CB7A0-1068-4CE1-8835-39C7ECD297ED}" "1051" "0"
Update for Microsoft Office 2010 (KB2523113)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{D4E279E2-7885-4150-B565-DBAB14C590D0}" "1051" "0"
Update for Microsoft Office 2010 (KB2523113)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{D4E279E2-7885-4150-B565-DBAB14C590D0}" "1051" "0"
Update for Microsoft OneNote 2010 (KB2493983)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{FED950AB-20E9-426D-8A7D-60A110F291AB}" "1051" "0"
Update for Microsoft Outlook Social Connector (KB2441641)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{AEE4CC56-C18F-4ED6-BFD0-2D5FFB94DE9F}" "1051" "0"
VLC media player 1.1.9-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Windows 7 Manager-->MsiExec.exe /I{D2E781EB-4B2D-4C30-AC34-6BC1BDD776B7}
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}
Windows Live Fotogaléria-->MsiExec.exe /X{97F77D62-5110-4FA3-A2D3-410B92D31199}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{1B8ABA62-74F0-47ED-B18C-A43128E591B8}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Language Selector-->MsiExec.exe /I{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail-->MsiExec.exe /I{FA6CF94F-DACF-4FE7-959D-55C421B91B17}
Windows Live Messenger-->MsiExec.exe /X{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}
Windows Live Messenger-->MsiExec.exe /X{EB4DF488-AAEF-406F-A341-CB2AAA315B90}
Windows Live MIME IFilter-->MsiExec.exe /I{DA54F80E-261C-41A2-A855-549A144F2F59}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Movie Maker-->MsiExec.exe /X{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}
Windows Live Photo Common-->MsiExec.exe /X{6F37D92B-41AA-44B7-80D2-457ABDE11896}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live PIMT Platform-->MsiExec.exe /I{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live Sync-->MsiExec.exe /X{28456131-01CD-4BE4-8D67-BDBDD1ED636A}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{02C0A02E-AB30-446C-B4C3-A03310D95F53}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}
Windows Live Writer-->MsiExec.exe /X{11778DA1-0495-4ED9-972F-F9E0B0367CD5}
Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR 4.00 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
XW204E-->"C:\Program Files (x86)\InstallShield Installation Information\{5BFF7DE6-C3F0-40F8-AC32-75D628E46C6B}\setup.exe" -runfromtemp -l0x0409

======System event log======

Computer Name: Budo-MSI
Event Code: 11
Message: Načítavajú sa vlastné knižnice dynamických prepojení pre všetky aplikácie. Správca systému by mal skontrolovať zoznam knižníc a zistiť, či patria dôveryhodným aplikáciám.
Record Number: 1755
Source Name: Microsoft-Windows-Wininit
Time Written: 20110502140331.430059-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Budo-MSI
Event Code: 219
Message: The driver \Driver\WUDFRd failed to load for the device ACPI\ACPI0008\2&daba3ff&2.
Record Number: 1749
Source Name: Microsoft-Windows-Kernel-PnP
Time Written: 20110502140307.125216-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Budo-MSI
Event Code: 4001
Message: Služba automatickej konfigurácie siete WLAN sa úspešne zastavila.

Record Number: 1731
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20110502140240.617499-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Budo-MSI
Event Code: 11
Message: Načítavajú sa vlastné knižnice dynamických prepojení pre všetky aplikácie. Správca systému by mal skontrolovať zoznam knižníc a zistiť, či patria dôveryhodným aplikáciám.
Record Number: 1630
Source Name: Microsoft-Windows-Wininit
Time Written: 20110503045536.375650-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Budo-MSI
Event Code: 4001
Message: Služba automatickej konfigurácie siete WLAN sa úspešne zastavila.

Record Number: 1606
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20110327064409.867362-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: Budo-MSI
Event Code: 3006
Message: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Record Number: 581
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20110502140815.116557-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

Computer Name: Budo-MSI
Event Code: 3006
Message: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Record Number: 579
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20110502140814.960557-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

Computer Name: Budo-MSI
Event Code: 3086
Message: The system locale has changed. Existing data will be deleted and the index must be recreated.

Context: Application, SystemIndex Catalog

Record Number: 535
Source Name: Microsoft-Windows-Search
Time Written: 20110502140608.000000-000
Event Type: Warning
User:

Computer Name: Budo-MSI
Event Code: 3006
Message: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.
Record Number: 511
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20110502140152.397814-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

Computer Name: Budo-MSI
Event Code: 1008
Message: Služba Windows Search sa spúšťa a pokúša sa odstrániť starý index hľadania. {Dôvod: Full Index Reset}.

Record Number: 504
Source Name: Microsoft-Windows-Search
Time Written: 20110503050114.000000-000
Event Type: Warning
User:

=====Security event log=====

Computer Name: WIN-DEEMF1M9I27
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 637
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110327064405.592955-000
Event Type: Audit Success
User:

Computer Name: WIN-DEEMF1M9I27
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: WIN-DEEMF1M9I27$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x278
Process Name: C:\Windows\system32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 636
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110327064405.592955-000
Event Type: Audit Success
User:

Computer Name: WIN-DEEMF1M9I27
Event Code: 4738
Message: A user account was changed.

Subject:
Security ID: S-1-5-21-1554982330-1077266817-2899125201-500
Account Name: Administrator
Account Domain: WIN-DEEMF1M9I27
Logon ID: 0x24c0d

Target Account:
Security ID: S-1-5-21-1554982330-1077266817-2899125201-500
Account Name: Administrator
Account Domain: WIN-DEEMF1M9I27

Changed Attributes:
SAM Account Name: -
Display Name: -
User Principal Name: -
Home Directory: -
Home Drive: -
Script Path: -
Profile Path: -
User Workstations: -
Password Last Set: -
Account Expires: -
Primary Group ID: -
AllowedToDelegateTo: -
Old UAC Value: 0x210
New UAC Value: 0x211
User Account Control:
Account Disabled
User Parameters: -
SID History: -
Logon Hours: -

Additional Information:
Privileges: -
Record Number: 635
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110327064400.710146-000
Event Type: Audit Success
User:

Computer Name: WIN-DEEMF1M9I27
Event Code: 4725
Message: A user account was disabled.

Subject:
Security ID: S-1-5-21-1554982330-1077266817-2899125201-500
Account Name: Administrator
Account Domain: WIN-DEEMF1M9I27
Logon ID: 0x24c0d

Target Account:
Security ID: S-1-5-21-1554982330-1077266817-2899125201-500
Account Name: Administrator
Account Domain: WIN-DEEMF1M9I27
Record Number: 634
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110327064400.710146-000
Event Type: Audit Success
User:

Computer Name: WIN-DEEMF1M9I27
Event Code: 1102
Message: The audit log was cleared.
Subject:
Security ID: S-1-5-21-1554982330-1077266817-2899125201-500
Account Name: Administrator
Domain Name: WIN-DEEMF1M9I27
Logon ID: 0x24c0d
Record Number: 633
Source Name: Microsoft-Windows-Eventlog
Time Written: 20110327064355.515337-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=2a07
"configsetroot"=%SystemRoot%\ConfigSetRoot

-----------------EOF-----------------

chodnik74
Friend of the forum
Posts: 4975
Registered: 13 Sep 2010 21:30
Location: Napajedla

Re: Damaged services after startup and a problem with ESET

#3 Post by chodnik74 »

Good day :welcome:
for now we'll look for any malware..

:arrow: Malwarebytes' Anti-Malware
  • Download, install and run it (if you are not sure how, click HERE)
  • Select Full scan and click the Scan button
  • The program will scan the computer and at the end a message will appear saying that the scan is complete; confirm it with the OK button
  • A log will appear; paste it here for me
  • DO NOT DELETE ANYTHING!! The program sometimes produces false detections, so we will delete only after consultation :twisted:
Write to me: chodnik74@gmail.com

>RSIT<>MBAM<>VirusTotal

:!: Read the procedure through several times and, if anything is unclear or you have doubts, ask. ;-) If your computer is infected or is not behaving as usual, back up all your data and carefully follow the adviser's instructions! :!:

:!: Do not use the Combofix utility without an adviser's supervision and recommendation!

:idea: Are you satisfied with our help :???: Don't hesitate to support the forum HERE.

Forum rules: No. 1 and No. 2

chodnik74
Friend of the forum
Posts: 4975
Registered: 13 Sep 2010 21:30
Location: Napajedla

Re: Damaged services after startup and a problem with ESET

#4 Post by chodnik74 »

Next, a cleanup of unnecessary items and invalid entries.. :)

:arrow: Open Notepad
  • (press the WIN+R key combination, type "notepad" without the quotes and press Enter)
  • Paste the following script into it:

    Windows Registry Editor Version 5.00
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{EFEED92A-A33D-4873-BA8F-32BAA631E54D}"=-
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray"=-
    "Persistence"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    ""=-
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    
  • Save the file as oprava.reg (when saving, set Save as type: All files)
  • Then run this file and confirm :)

:arrow: TFC
  • Download and run the program
  • Click Start and confirm with OK
  • The program will start cleaning up, then restart the PC
  • delete the program after use
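A way to preview what the oprava.reg script in the post above deletes, and to generate `reg export` backups of every key it touches, before merging it. This is an added example, not part of the original posts; the function names `parse_reg`, `short_key` and `backup_commands` and the `C:\regbackup` directory are assumptions made for illustration.

```python
import re

# The script from the post above, copied verbatim so the example runs offline.
OPRAVA_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EFEED92A-A33D-4873-BA8F-32BAA631E54D}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=-
"Persistence"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
'''

# Short root key names as listed in reg.exe's help text.
ROOTS = {
    "HKEY_LOCAL_MACHINE": "HKLM",
    "HKEY_CURRENT_USER": "HKCU",
    "HKEY_CLASSES_ROOT": "HKCR",
    "HKEY_USERS": "HKU",
    "HKEY_CURRENT_CONFIG": "HKCC",
}

KEY_RE = re.compile(r"^\[(-?)(.+)\]$")                      # [KEY] or [-KEY]
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")\s*=\s*(.*)$')  # "name"=data or @=data


def parse_reg(text):
    """Return (actions, unparsed).

    actions is a list of (kind, key, value_name) in file order, where kind is
    'delete-key', 'delete-value' or 'set-value'. value_name is None for a key
    deletion and '@' for the key's default value.
    """
    lines = text.splitlines()
    header = lines[0].strip() if lines else ""
    if header not in ("Windows Registry Editor Version 5.00", "REGEDIT4"):
        raise ValueError("not a .reg file: unexpected header %r" % header)
    actions, unparsed, key, pending = [], [], None, ""
    for raw in lines[1:]:
        line = pending + raw.strip()
        pending = ""
        if not line or line.startswith(";"):   # blank line or comment
            continue
        if line.endswith("\\"):                # hex data continued on the next line
            pending = line[:-1]
            continue
        m = KEY_RE.match(line)
        if m:
            if m.group(1) == "-":
                actions.append(("delete-key", m.group(2), None))
                key = None                     # no values belong to a deleted key
            else:
                key = m.group(2)
            continue
        m = VALUE_RE.match(line)
        if m and key is not None:
            quoted, data = m.groups()
            name = "@" if quoted == "@" else re.sub(r"\\(.)", r"\1", quoted[1:-1])
            kind = "delete-value" if data.strip() == "-" else "set-value"
            actions.append((kind, key, name))
            continue
        unparsed.append(line)                  # left for a human to look at
    return actions, unparsed


def short_key(key):
    """Rewrite HKEY_LOCAL_MACHINE\\... as HKLM\\... for use with reg.exe."""
    root, sep, rest = key.partition("\\")
    return ROOTS.get(root.upper(), root) + sep + rest


def backup_commands(actions, out_dir="C:\\regbackup"):
    """One 'reg export' command per distinct key touched, in first-seen order."""
    cmds, seen = [], set()
    for _, key, _ in actions:
        k = short_key(key)
        if k.lower() in seen:                  # registry key names are case-insensitive
            continue
        seen.add(k.lower())
        cmds.append('reg export "%s" "%s\\key_%02d.reg" /y' % (k, out_dir, len(cmds) + 1))
    return cmds


if __name__ == "__main__":
    actions, unparsed = parse_reg(OPRAVA_REG)
    for kind, key, name in actions:
        print("%-12s %s %s" % (kind, key, "" if name is None else repr(name)))
    print("\n".join(backup_commands(actions)))
    print("unparsed lines:", unparsed)
```

The empty value name under the HKCU Run key is printed as `''`, which makes it stand out as an entry to check by hand before merging.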

Budovi
Exemplary visitor
Posts: 252
Registered: 08 Jul 2010 19:36

Re: Damaged services after startup and a problem with ESET

#5 Post by Budovi »

Working on it... Malwarebytes will take a while; by the way, I have used it occasionally in the past too, so I just updated the database and ran a scan...

I also ran a system file integrity check and chkdsk, with no result; just for info.

In the meantime... What do you think of BitDefender IS? For fairly good results they have acceptable prices (unlike, e.g., NIS).

Budovi
Exemplary visitor
Posts: 252
Registered: 08 Jul 2010 19:36

Re: Damaged services after startup and a problem with ESET

#6 Post by Budovi »

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Verzia databázy: 7056

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

9. 7. 2011 9:37:34
mbam-log-2011-07-09 (09-37-34).txt

Typ kontroly: Úplná kontrola (C:\|D:\|)
Objektov kontrolovaných: 329279
Uplynutý čas: 37 min, 51 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 0
Infikované registračné hodnoty: 0
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 0

Infikované služby pamäte:
(Škodlivé položky neboli zistené)

Infikované moduly pamäte:
(Škodlivé položky neboli zistené)

Infikované registračné kľúče:
(Škodlivé položky neboli zistené)

Infikované registračné hodnoty:
(Škodlivé položky neboli zistené)

Infikované položky registračných dát:
(Škodlivé položky neboli zistené)

Infikované priečinky:
(Škodlivé položky neboli zistené)

Infikované súbory:
(Škodlivé položky neboli zistené)

Continuing...

chodnik74
Friend of the forum
Posts: 4975
Registered: 13 Sep 2010 21:30
Location: Napajedla

Re: Damaged services after startup and a problem with ESET

#7 Post by chodnik74 »

great :)

I haven't tried BitDefender IS yet.. But I think they don't support Czech, so English only.. We have a review of IS 10 here (version 11 is out now)

http://www.viry.cz/forum/viewtopic.php?f=29&t=45723

Budovi
Exemplary visitor
Posts: 252
Registered: 08 Jul 2010 19:36

Re: Damaged services after startup and a problem with ESET

#8 Post by Budovi »

Done :)
  • The "Mozilla reset" happened again (but I'll probably reinstall that too, I have nothing left to lose)
  • Some other programs seem to have damaged components
  • PHotkey - the utility for my notebook's FN key functions still does not work, even after reinstalling
  • I feel like I'm in a time loop: after every restart the CCleaner icon moves back across the desktop :lol:
  • And there is still something wrong with the desktop and that sidebar :(
It looks more and more as if all of this was caused by the same thing that also destroyed ESET... But what?!

chodnik74

Re: Damaged services after startup and a problem with ESET

#9 Post by chodnik74 »

Let's try running Combofix; it should show us malware and missing or damaged system files. :)

Do not use the program without an Advisor's recommendation, and follow the instructions below carefully, because the program does not tolerate mistakes and the system can be completely damaged!!
  • Download Combofix
  • Save the program, ideally to the Desktop
  • Turn off all resident shields: antivirus, antispyware and firewall
  • Close all running applications (ICQ, browser, programs) and leave only Combofix
  • Run Combofix.exe with administrator privileges
    On Windows XP, log in under the administrator account
    On Windows 7 and Vista, right-click Combofix.exe and choose "Run as administrator"
  • Right after the program starts, the license terms pop up; confirm them with the ANO (Yes) button
  • If Combofix offers to install the Recovery Console, agree and let it install (an active internet connection is needed here)
  • Continue according to the program's instructions, and during the scan don't click on anything and don't work on the PC (ICQ, other applications, internet...). Leave the computer alone.
  • The whole scan takes 5-15 min, but if there is a lot of malware on the PC, the time may differ.
  • After the scan finishes (and a possible restart of the computer), the Combofix log will be displayed; paste it here for me. (If the log is not displayed, you will find it here: C:\ComboFix.txt)
  • (If you are unsure about any of the steps above, ask, or look at the more detailed guide with pictures: http://www.bleepingcomputer.com/combofi ... t-combofix )

Budovi

Re: Damaged services after startup and a problem with ESET

#10 Post by Budovi »

Insanely slow log generation, I thought I would ....

Errors while creating the restore point, and they appeared at the end too: [image]

The same for \ComboFix\HIV\SOFTWARE and also \ComboFix\HIV\Users\00000004\UsrClass.dat

During the scan, Handle viewer stopped working 3 times

The log will come in the next post, or I'll upload it somewhere; I don't know yet how long it is :D

Budovi

Re: Damaged services after startup and a problem with ESET

#11 Post by Budovi »

ComboFix 11-07-08.03 - Budo . 07. 2011 10:31:23.1.4 - x64
Running from: C:\Users\Budo\Desktop\ComboFix.exe
* Created a new restore point


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\windows\system32\FD.dll


((((((((((((((((((((((((( Files Created from 2011-06-09 to 2011-07-09 )))))))))))))))))))))))))))))))


2011-07-09 08:59:59 . 2011-07-09 08:59:59 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\temp
2011-07-09 08:59:59 . 2011-07-09 08:59:59 -------- d-----w- C:\Users\Default\AppData\Local\temp
2011-07-09 08:28:33 . 2011-07-09 08:28:53 -------- d-----w- C:\32788R22FWJFW
2011-07-05 06:38:18 . 2011-06-07 17:10:37 8873296 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E30862DA-CEE7-49A9-ADD9-2A3AE900D2EB}\mpengine.dll
2011-07-04 10:56:34 . 2011-07-04 10:56:34 -------- d-----w- C:\Users\Budo\AppData\Roaming\Nokia Ovi Suite
2011-07-04 10:56:33 . 2011-07-04 10:56:33 -------- d-----w- C:\Users\Budo\AppData\Roaming\Nokia
2011-07-04 10:52:13 . 2011-07-04 10:52:21 -------- d-----w- C:\Users\Budo\AppData\Local\Nokia
2011-07-04 10:52:10 . 2011-07-04 10:54:17 -------- d-----w- C:\ProgramData\PC Suite
2011-07-04 10:52:09 . 2011-07-04 10:56:15 -------- d-----w- C:\Users\Budo\AppData\Roaming\PC Suite
2011-07-04 10:50:10 . 2011-07-04 15:05:25 -------- d-----w- C:\Program Files (x86)\Common Files\Nokia
2011-07-04 10:49:41 . 2011-07-04 10:49:42 -------- d-----w- C:\Program Files\DIFX
2011-07-04 10:49:41 . 2008-08-28 10:44:42 25600 ----a-w- C:\windows\system32\drivers\pccsmcfdx64.sys
2011-07-04 10:49:37 . 2011-07-04 10:49:41 -------- dc----w- C:\windows\system32\DRVSTORE
2011-07-04 10:49:27 . 2011-07-04 10:49:29 -------- d-----w- C:\Program Files (x86)\PC Connectivity Solution
2011-06-30 15:39:04 . 2011-06-30 15:39:04 -------- d-----w- C:\Users\Default\AppData\Local\Microsoft Help
2011-06-25 07:28:25 . 2011-06-25 07:28:25 -------- d-----w- C:\Users\Budo\AppData\Local\3DVIA
2011-06-25 07:28:15 . 2011-06-25 07:28:15 -------- d-----w- C:\ProgramData\3DVIA
2011-06-25 07:28:14 . 2007-07-19 16:14:42 3727720 ----a-w- C:\windows\SysWow64\d3dx9_35.dll
2011-06-25 07:28:14 . 2006-09-28 14:05:20 2414360 ----a-w- C:\windows\SysWow64\d3dx9_31.dll
2011-06-25 07:28:12 . 2011-06-25 07:36:20 -------- d-----w- C:\Program Files (x86)\Virtools
2011-06-22 11:43:55 . 2011-06-22 11:43:55 -------- d-----w- C:\Users\Budo\AppData\Roaming\NVIDIA
2011-06-22 11:35:59 . 2011-06-22 11:35:59 -------- d-----w- C:\ProgramData\Futuremark
2011-06-22 11:30:08 . 2011-06-22 11:30:08 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2011-06-22 11:24:32 . 2010-05-26 09:41:02 470880 ----a-w- C:\windows\SysWow64\d3dx10_43.dll
2011-06-22 11:24:32 . 2010-05-26 09:41:02 2106216 ----a-w- C:\windows\SysWow64\D3DCompiler_43.dll
2011-06-21 15:55:57 . 2011-06-21 15:55:58 2106216 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2011-06-21 15:55:57 . 2011-06-21 15:55:57 1998168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dx9_43.dll
2011-06-20 16:00:31 . 2011-06-20 16:00:37 -------- d-----w- C:\Program Files\Defraggler
2011-06-19 21:48:14 . 2011-06-19 21:48:14 -------- d-----w- C:\Users\Budo\AppData\Roaming\Malwarebytes
2011-06-19 21:48:05 . 2011-05-29 07:11:30 39984 ----a-w- C:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-06-19 21:48:04 . 2011-06-19 21:48:04 -------- d-----w- C:\ProgramData\Malwarebytes
2011-06-19 21:48:01 . 2011-05-29 07:11:20 25912 ----a-w- C:\windows\system32\drivers\mbam.sys
2011-06-19 20:56:37 . 2011-06-19 20:56:37 -------- d-----w- C:\ProgramData\Nokia
2011-06-19 20:52:46 . 2011-07-04 15:05:25 -------- d-----w- C:\Program Files (x86)\Nokia
2011-06-19 20:52:46 . 2008-02-01 14:17:32 66560 ----a-w- C:\windows\system32\nmwcdclsX64.dll
2011-06-19 19:24:57 . 2011-06-19 19:24:57 -------- d-----w- C:\Users\Budo\AppData\Local\Symbian-Toys.com
2011-06-19 19:12:32 . 2011-06-20 18:10:46 -------- d-----w- C:\Users\Budo\AppData\Roaming\Skype
2011-06-19 19:12:20 . 2011-06-19 19:12:24 -------- d-----w- C:\ProgramData\Skype
2011-06-18 12:17:46 . 2011-01-04 23:18:46 66136 ----a-w- C:\windows\system32\drivers\HCDisk.sys
2011-06-18 12:17:46 . 2010-01-05 17:26:42 151128 ----a-w- C:\windows\system32\drivers\VvBackd5.sys
2011-06-18 12:16:57 . 2011-06-18 14:00:08 -------- d-----w- C:\Program Files\Time Stamp
2011-06-18 09:00:42 . 2011-07-04 10:49:38 -------- d-----w- C:\windows\system32\catroot2
2011-06-17 12:04:25 . 2011-06-17 12:04:25 -------- d-----w- C:\Users\Budo\AppData\Roaming\Atari
2011-06-17 12:01:05 . 2011-06-17 12:01:05 -------- d-----w- C:\Users\Budo\AppData\Roaming\Leadertech
2011-06-17 11:53:43 . 2005-04-03 21:02:58 753664 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2011-06-17 11:53:43 . 2005-04-03 21:02:24 69714 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2011-06-17 11:53:43 . 2005-04-03 21:01:28 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2011-06-17 11:53:43 . 2005-04-03 21:00:52 184320 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2011-06-17 11:53:43 . 2005-04-03 21:00:26 63488 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
2011-06-17 11:53:43 . 2005-04-03 20:59:52 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2011-06-17 11:53:43 . 2005-04-03 20:57:16 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2011-06-17 11:53:42 . 2011-06-17 11:53:42 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2011-06-17 11:53:42 . 2011-06-17 11:53:42 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2011-06-16 21:01:59 . 2011-05-03 05:29:29 976896 ----a-w- C:\windows\system32\inetcomm.dll
2011-06-16 21:01:59 . 2011-05-03 04:30:02 741376 ----a-w- C:\windows\SysWow64\inetcomm.dll
2011-06-16 21:01:35 . 2011-04-27 02:40:40 158208 ----a-w- C:\windows\system32\drivers\mrxsmb.sys
2011-06-16 21:01:35 . 2011-04-27 02:39:40 289280 ----a-w- C:\windows\system32\drivers\mrxsmb10.sys
2011-06-16 21:01:35 . 2011-04-27 02:39:37 128000 ----a-w- C:\windows\system32\drivers\mrxsmb20.sys
2011-06-16 21:01:11 . 2011-04-29 03:05:37 168448 ----a-w- C:\windows\system32\drivers\srvnet.sys
2011-06-16 21:01:10 . 2011-04-29 03:06:10 467456 ----a-w- C:\windows\system32\drivers\srv.sys
2011-06-16 21:01:10 . 2011-04-29 03:05:49 410112 ----a-w- C:\windows\system32\drivers\srv2.sys
2011-06-16 21:00:37 . 2011-05-28 03:06:58 3135488 ----a-w- C:\windows\system32\win32k.sys
2011-06-16 20:56:16 . 2011-04-25 05:33:51 1923968 ----a-w- C:\windows\system32\drivers\tcpip.sys
2011-06-16 20:56:16 . 2011-04-25 02:34:03 499200 ----a-w- C:\windows\system32\drivers\afd.sys
2011-06-16 20:51:57 . 2011-02-25 06:22:22 861696 ----a-w- C:\windows\system32\oleaut32.dll
2011-06-16 20:51:57 . 2011-02-25 05:34:36 571904 ----a-w- C:\windows\SysWow64\oleaut32.dll
2011-06-16 19:19:00 . 2011-07-08 20:43:00 -------- d-----w- C:\Program Files\trend micro
2011-06-16 19:19:00 . 2011-06-16 19:19:13 -------- d-----w- C:\rsit
2011-06-16 16:57:02 . 2011-04-23 01:19:19 2382848 ----a-w- C:\windows\system32\mshtml.tlb
2011-06-16 16:57:02 . 2011-04-22 23:25:54 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2011-06-16 16:57:01 . 2011-04-25 16:41:37 174384 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll
2011-06-16 16:57:01 . 2011-04-25 15:29:22 141104 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll
2011-06-16 16:56:59 . 2011-04-23 01:29:25 2303488 ----a-w- C:\windows\system32\jscript9.dll
2011-06-16 16:56:58 . 2011-04-22 23:35:56 1797632 ----a-w- C:\windows\SysWow64\jscript9.dll
2011-06-16 16:40:04 . 2011-06-16 16:40:04 -------- d-----r- C:\MSOCache
2011-06-16 15:30:14 . 2011-06-16 15:30:22 -------- d-----w- C:\Program Files (x86)\Common Files\Adobe
.


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2011-06-17 01:01:01 . 2011-05-25 22:03:10 152960 ----a-w- C:\windows\system32\drivers\ksecpkg.sys
2011-06-16 15:29:40 . 2011-05-16 20:12:57 404640 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-26 13:19:26 . 2009-07-14 02:36:51 175616 ----a-w- C:\windows\system32\msclmd.dll
2011-05-26 13:19:26 . 2009-07-14 02:36:51 152576 ----a-w- C:\windows\SysWow64\msclmd.dll
2011-05-24 17:14:10 . 2011-06-03 19:36:46 270720 ------w- C:\windows\system32\MpSigStub.exe
2011-05-23 21:20:05 . 2011-05-11 17:07:28 472808 ----a-w- C:\windows\SysWow64\deployJava1.dll
2011-05-23 21:13:33 . 2011-05-23 21:13:45 521448 ----a-w- C:\windows\system32\deployJava1.dll
2011-05-18 08:15:26 . 2011-05-18 08:15:26 166912 ----a-w- C:\windows\system32\ccdcmbwux64.dll
2011-05-18 08:15:16 . 2011-05-18 08:15:16 640000 ----a-w- C:\windows\system32\nmwcdcoclsx64.dll
2011-05-18 08:14:22 . 2011-05-18 08:14:22 9216 ----a-w- C:\windows\system32\drivers\usbser_lowerfltjx64.sys
2011-05-18 08:14:20 . 2011-05-18 08:14:20 9216 ----a-w- C:\windows\system32\drivers\usbser_lowerfltx64.sys
2011-05-18 08:14:16 . 2011-05-18 08:14:16 27136 ----a-w- C:\windows\system32\drivers\ccdcmbox64.sys
2011-05-18 08:14:12 . 2011-05-18 08:14:12 19968 ----a-w- C:\windows\system32\drivers\ccdcmbx64.sys
2011-05-18 08:09:48 . 2011-05-18 08:09:48 1721576 ----a-w- C:\windows\system32\wdfcoinstaller01009.dll
2011-05-18 08:09:48 . 2011-05-18 08:09:48 171008 ----a-w- C:\windows\system32\drivers\nmwcdnsux64.sys
2011-05-18 08:09:48 . 2011-05-18 08:09:48 12800 ----a-w- C:\windows\system32\drivers\nmwcdnsucx64.sys
2011-05-09 21:59:41 . 2011-05-09 21:59:41 86528 ----a-w- C:\windows\SysWow64\iesysprep.dll
2011-05-09 21:59:41 . 2011-05-09 21:59:41 76800 ----a-w- C:\windows\SysWow64\SetIEInstalledDate.exe
2011-05-09 21:59:41 . 2011-05-09 21:59:41 74752 ----a-w- C:\windows\SysWow64\RegisterIEPKEYs.exe
2011-05-09 21:59:41 . 2011-05-09 21:59:41 74752 ----a-w- C:\windows\SysWow64\iesetup.dll
2011-05-09 21:59:41 . 2011-05-09 21:59:41 63488 ----a-w- C:\windows\SysWow64\tdc.ocx
2011-05-09 21:59:41 . 2011-05-09 21:59:41 48640 ----a-w- C:\windows\SysWow64\mshtmler.dll
2011-05-09 21:59:41 . 2011-05-09 21:59:41 420864 ----a-w- C:\windows\SysWow64\vbscript.dll
2011-05-09 21:59:41 . 2011-05-09 21:59:41 367104 ----a-w- C:\windows\SysWow64\html.iec
2011-05-09 21:59:41 . 2011-05-09 21:59:41 35840 ----a-w- C:\windows\SysWow64\imgutil.dll
2011-05-09 21:59:41 . 2011-05-09 21:59:41 23552 ----a-w- C:\windows\SysWow64\licmgr10.dll
2011-05-09 21:59:41 . 2011-05-09 21:59:41 161792 ----a-w- C:\windows\SysWow64\msls31.dll
2011-05-09 21:59:41 . 2011-05-09 21:59:41 152064 ----a-w- C:\windows\SysWow64\wextract.exe
2011-05-09 21:59:41 . 2011-05-09 21:59:41 150528 ----a-w- C:\windows\SysWow64\iexpress.exe
2011-05-09 21:59:41 . 2011-05-09 21:59:41 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2011-05-09 21:59:41 . 2011-05-09 21:59:41 1427456 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2011-05-09 21:59:41 . 2011-05-09 21:59:41 11776 ----a-w- C:\windows\SysWow64\mshta.exe
2011-05-09 21:59:41 . 2011-05-09 21:59:41 1126912 ----a-w- C:\windows\SysWow64\wininet.dll
2011-05-09 21:59:41 . 2011-05-09 21:59:41 110592 ----a-w- C:\windows\SysWow64\IEAdvpack.dll
2011-05-09 21:59:41 . 2011-05-09 21:59:41 101888 ----a-w- C:\windows\SysWow64\admparse.dll
2011-05-09 21:59:40 . 2011-05-09 21:59:40 91648 ----a-w- C:\windows\system32\SetIEInstalledDate.exe
2011-05-09 21:59:40 . 2011-05-09 21:59:40 89088 ----a-w- C:\windows\system32\RegisterIEPKEYs.exe
2011-05-09 21:59:40 . 2011-05-09 21:59:40 76800 ----a-w- C:\windows\system32\tdc.ocx
2011-05-09 21:59:40 . 2011-05-09 21:59:40 49664 ----a-w- C:\windows\system32\imgutil.dll
2011-05-09 21:59:40 . 2011-05-09 21:59:40 48640 ----a-w- C:\windows\system32\mshtmler.dll
2011-05-09 21:59:40 . 2011-05-09 21:59:40 222208 ----a-w- C:\windows\system32\msls31.dll
2011-05-09 21:59:40 . 2011-05-09 21:59:40 173056 ----a-w- C:\windows\system32\ieUnatt.exe
2011-05-09 21:59:40 . 2011-05-09 21:59:40 1389056 ----a-w- C:\windows\system32\wininet.dll
2011-05-09 21:59:40 . 2011-05-09 21:59:40 135168 ----a-w- C:\windows\system32\IEAdvpack.dll
2011-05-09 21:59:40 . 2011-05-09 21:59:40 12288 ----a-w- C:\windows\system32\mshta.exe
2011-05-09 21:59:40 . 2011-05-09 21:59:40 114176 ----a-w- C:\windows\system32\admparse.dll
2011-05-09 21:59:40 . 2011-05-09 21:59:40 111616 ----a-w- C:\windows\system32\iesysprep.dll
2011-05-09 21:59:39 . 2011-05-09 21:59:39 85504 ----a-w- C:\windows\system32\iesetup.dll
2011-05-09 21:59:39 . 2011-05-09 21:59:39 603648 ----a-w- C:\windows\system32\vbscript.dll
2011-05-09 21:59:39 . 2011-05-09 21:59:39 448512 ----a-w- C:\windows\system32\html.iec
2011-05-09 21:59:39 . 2011-05-09 21:59:39 30720 ----a-w- C:\windows\system32\licmgr10.dll
2011-05-09 21:59:39 . 2011-05-09 21:59:39 165888 ----a-w- C:\windows\system32\iexpress.exe
2011-05-09 21:59:39 . 2011-05-09 21:59:39 160256 ----a-w- C:\windows\system32\wextract.exe
2011-05-09 21:59:39 . 2011-05-09 21:59:39 1492992 ----a-w- C:\windows\system32\inetcpl.cpl
2011-05-05 10:23:41 . 2010-06-24 09:33:56 18328 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-05-02 19:52:21 . 2011-05-02 19:51:57 254528 ----a-w- C:\windows\system32\drivers\dtsoftbus01.sys
2011-04-27 11:09:04 . 2011-04-27 11:09:04 199992 ----a-w- C:\windows\system32\drivers\eamonm.sys
2011-04-22 22:15:29 . 2011-05-25 06:33:40 27520 ----a-w- C:\windows\system32\drivers\Diskdump.sys
2011-04-20 07:47:38 . 2011-04-20 07:47:38 56304 ----a-w- C:\windows\system32\drivers\epfwwfp.sys
2011-04-20 07:47:36 . 2011-04-20 07:47:36 34704 ----a-w- C:\windows\system32\drivers\EpfwLWF.sys
2011-04-20 07:47:36 . 2011-04-20 07:47:36 182976 ----a-w- C:\windows\system32\drivers\epfw.sys
2011-04-20 07:47:16 . 2011-04-20 07:47:16 146432 ----a-w- C:\windows\system32\drivers\ehdrv.sys


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12:20 94208 ----a-w- C:\Users\Budo\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12:20 94208 ----a-w- C:\Users\Budo\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12:20 94208 ----a-w- C:\Users\Budo\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files (x86)\Windows Sidebar\sidebar.exe" [2010-11-20 12:17:41 1174016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 08:09:52 113288]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
SRS PC Sound.lnk - C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2011-1-14 1939800]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\Windows\SysWOW64\nvinit.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 11:16:28 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 12:27:14 138576]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [x]
R3 AmUStor;AM USB Stroage Driver;C:\windows\system32\drivers\AmUStor.SYS [x]
R3 BthAvrcp;Bluetooth AVRCP Profile;C:\windows\system32\DRIVERS\BthAvrcp.sys [x]
R3 cpuz135;cpuz135;C:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 DriveClone Network Client IBP;DriveClone Network Client IBP;C:\Program Files\Time Stamp\IBP\fsloader.exe [2009-08-17 22:33:10 126976]
R3 ESHASRV;ESET SHA Service;C:\Program Files\ESET\ESET Smart Security\EShaSrv.exe [x]
R3 FARMNTIO;FARMNTIO;c:\windows\system32\drivers\farmntio.sys [x]
R3 fspad_wlh64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh64;C:\windows\system32\DRIVERS\fspad_wlh64.sys [x]
R3 MGHwCtrl;MGHwCtrl;c:\Utility\Silent\MGHwCtrl.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-12-27 22:27:52 51727736]
R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;C:\Program Files (x86)\msi\Live Update 5\msibios64_100507.sys [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;C:\windows\system32\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;C:\Program Files (x86)\msi\Live Update 5\NTIOLib_X64.sys [x]
R3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 19:20:56 174440]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 19:34:24 4925184]
R3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;C:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 10:55:28 64952]
S0 epfwwfp;epfwwfp;C:\windows\system32\DRIVERS\epfwwfp.sys [x]
S0 nvpciflt;nvpciflt;C:\windows\system32\DRIVERS\nvpciflt.sys [x]
S0 sptd;sptd;C:\windows\System32\Drivers\sptd.sys [x]
S0 VVBackd5;VVBackd5; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 ehdrv;ehdrv;C:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\windows\system32\DRIVERS\EpfwLWF.sys [x]
S1 StarPortLite;StarPort Storage Controller (Lite);C:\windows\system32\DRIVERS\StarPortLite.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 CxAudMsg;Conexant Audio Message Service;C:\windows\system32\CxAudMsg64.exe [x]
S2 eamonm;eamonm;C:\windows\system32\DRIVERS\eamonm.sys [x]
S2 GFNEXSrv;GFNEX Service;C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [2010-12-10 10:19:36 159752]
S2 HCDisk;HCDisk; [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-12-24 06:26:00 1997416]
S2 PEGAGFN;PEGAGFN;C:\Program Files (x86)\PHotkey\PEGAGFN.sys [2010-12-10 10:19:36 14344]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-12-23 16:48:02 378984]
S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-05 13:08:46 2655768]
S3 acpials;ALS Sensor Filter;C:\windows\system32\DRIVERS\acpials.sys [x]
S3 ALSysIO;ALSysIO;C:\Users\Budo\AppData\Local\Temp\ALSysIO64.sys [x]
S3 fspad_win764;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_win764;C:\windows\system32\DRIVERS\fspad_win764.sys [x]
S3 IntcDAud;Intel(R) Zvuk pre obrazovky;C:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\system32\DRIVERS\nusb3xhc.sys [x]


Contents of the 'Scheduled Tasks' folder

2011-07-09 C:\windows\Tasks\Core Temp startup task.job
- D:\Program Files\Core Temp\Core Temp.exe [2011-06-25 21:06:18 . 2010-07-02 11:52:14]


--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12:20 97792 ----a-w- C:\Users\Budo\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12:20 97792 ----a-w- C:\Users\Budo\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12:20 97792 ----a-w- C:\Users\Budo\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12:20 97792 ----a-w- C:\Users\Budo\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"fspuip"="C:\Program Files\FSP\fspuip.exe" [2011-03-11 17:49:10 4059136]
"SmartAudio"="C:\Program Files\CONEXANT\SAII\SAIICpl.exe" [2010-12-14 11:07:22 316032]
"IgfxTray"="C:\windows\system32\igfxtray.exe" [2011-03-25 23:29:38 167960]
"HotKeysCmds"="C:\windows\system32\hkcmd.exe" [2011-03-25 23:29:34 391704]
"Persistence"="C:\windows\system32\igfxpers.exe" [2011-03-25 23:29:36 418840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=C:\Windows\system32\nvinitx.dll

------- Supplementary Scan -------

uStart Page = about:blank
IE: E&xportovať do programu Microsoft Excel
IE: Od&oslať do programu OneNote
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - C:\Users\Budo\AppData\Roaming\Mozilla\Firefox\Profiles\000ppa5o.default\

- - - - ORPHANS REMOVED - - - -

Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
Toolbar-{EFEED92A-A33D-4873-BA8F-32BAA631E54D} - (no file)
HKLM-Run-egui - C:\Program Files\ESET\ESET Smart Security\egui.exe

chodnik74

Re: Damaged services after startup and a problem with ESET

#12 Post by chodnik74 »

I would try Windows 7 Manager and, in it, Repair center - Repair all system components

Budovi

Re: Damaged services after startup and a problem with ESET

#13 Post by Budovi »

Already done earlier, but I have no problem doing it again

As a last resort I still have a TimeStamp backup that takes me back two days :lol:

chodnik74

Re: Damaged services after startup and a problem with ESET

#14 Post by chodnik74 »

Try again, or go back in time using Windows System Restore :) Then there is the option of a repair installation of Windows.

Budovi

Re: Damaged services after startup and a problem with ESET

#15 Post by Budovi »

I have System Restore turned off; there is a replacement utility that restores the entire contents of the HDD...
