tady aktuální log :
Logfile of random's system information tool 1.09 (written by random/random)
Run by Zbynek at 2012-03-17 12:13:32
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 204 GB (44%) free of 461 GB
Total RAM: 4013 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:13:35, on 17.3.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\pdfconverter.com\FreePDF Creator\itFPCPrnDisp.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\PC Tools Firewall Plus\FirewallGUI.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files\trend micro\Zbynek.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files (x86)\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - Unknown owner - C:\Program Files (x86)\PC Tools Firewall Plus\FWService.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater10.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13060 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=ce4bfc4f-d9bc-4214-a809-715c664c913d /coreSdkOptions=286 /logConfFile="C:\ProgramData\AVG2012\temp\904dcb48-e735-462c-9599-1a6eb131a735-214-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /tempPath="C:\ProgramData\AVG2012\temp\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 2685856
\??\C:\Windows\system32\conhost.exe "1428351044-69944363-301668074-1685020497-1481011918-2011752177-2009482985-180509005
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe"
"C:\Program Files (x86)\PC Tools Firewall Plus\FWService.exe"
"C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe"
"C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe"
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe"
C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
"C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe"
"C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe"
"C:\Program Files\Sony\VAIO Smart Network\VSNService.exe"
"C:\Windows\system32\Dwm.exe"
taskeng.exe {29C8D32D-E9CB-49F6-B2F3-4D39C5CB4373}
C:\Windows\Explorer.EXE
"C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" /Start
taskeng.exe {CB4EEEE0-E2CA-4B61-9D92-10F96814DBB0}
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe"
/Device:000000a1
"taskhost.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe"
"C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgemca.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
"C:\Program Files\Apoint\Apoint.exe"
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe"
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
"C:\Program Files (x86)\pdfconverter.com\FreePDF Creator\itFPCPrnDisp.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
KHALMNPR.EXE /API
"C:\Program Files (x86)\PC Tools Firewall Plus\FirewallGUI.exe" -s
"C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"C:\Program Files\Apoint\Apvfb.exe"
"Apntex.exe"
\??\C:\Windows\system32\conhost.exe "1340989508-2069887440-102116176320775194701518814490-1009747823-818094862-129239604
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe" /Stationary
"C:\Program Files\Sony\VAIO Update Common\VUAgent.exe"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe"
"C:\Program Files\Sony\VAIO Power Management\SPMService.exe"
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
"C:\Users\Zbynek\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Zbynek\AppData\Roaming\Mozilla\Firefox\Profiles\cj1ei3fu.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
avg-secure-search.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Zbynek\AppData\Roaming\Mozilla\Firefox\Profiles\cj1ei3fu.default\extensions\
{3AF52343-6FC5-4f8e-AFE7-773054020BE9}
C:\Users\Zbynek\AppData\Roaming\Mozilla\Firefox\Profiles\cj1ei3fu.default\searchplugins\
search-on-rapidshare.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll [2011-11-11 1942368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-11 43520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2011-03-19 520192]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll [2011-11-11 1378144]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll [2012-03-12 1869152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2011-03-19 520192]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll [2012-03-12 1869152]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-06-21 10775584]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2010-06-21 2040352]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2010-05-14 212480]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2010-10-29 1680976]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2010-11-03 1580368]
"Free PDF Print Dispatcher"=C:\Program Files (x86)\pdfconverter.com\FreePDF Creator\itFPCPrnDisp.exe [2010-01-15 25600]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Elbserver]
C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [2010-12-15 83344]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iolo Startup]
C:\Program Files (x86)\iolo\Common\Lib\ioloLManager.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe]
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2010-05-31 673136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup]
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Philips Device Listener]
C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [2010-05-27 375296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMBVolumeWatcher]
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [2010-06-01 600928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SHTtray.exe]
C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [2010-06-20 99696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2011-12-07 433872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2010-06-08 1128224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Zbynek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-12-13 1198592]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-04 284696]
"AVG_TRAY"=C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2012-01-24 2416480]
"00PCTFW"=C:\Program Files (x86)\PC Tools Firewall Plus\FirewallGUI.exe [2010-01-12 3168216]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2012-03-12 982880]
"ROC_roc_dec12"=C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe [2012-01-30 928096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-10-28 66640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2012-03-15 21:28:24 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-03-15 21:28:24 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-03-15 21:28:24 ----A---- C:\Windows\SYSWOW64\url.dll
2012-03-15 21:28:24 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2012-03-15 21:28:24 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2012-03-15 21:28:24 ----A---- C:\Windows\SYSWOW64\msrating.dll
2012-03-15 21:28:24 ----A---- C:\Windows\SYSWOW64\msls31.dll
2012-03-15 21:28:24 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2012-03-15 21:28:24 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2012-03-15 21:28:24 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2012-03-15 21:28:24 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-03-15 21:28:24 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-03-15 21:28:24 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-03-15 21:28:24 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-03-15 21:28:24 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2012-03-15 21:28:24 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2012-03-15 21:28:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-03-15 21:28:24 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2012-03-15 21:28:24 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2012-03-15 21:28:24 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-03-15 21:28:24 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2012-03-15 21:28:24 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2012-03-15 21:28:24 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2012-03-15 21:28:24 ----A---- C:\Windows\SYSWOW64\ieakeng.dll
2012-03-15 21:28:24 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2012-03-15 21:28:24 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2012-03-15 21:28:24 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2012-03-15 21:28:24 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2012-03-15 21:28:23 ----A---- C:\Windows\SYSWOW64\wextract.exe
2012-03-15 21:28:23 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2012-03-15 21:28:23 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-03-15 21:28:23 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2012-03-15 21:28:23 ----A---- C:\Windows\SYSWOW64\occache.dll
2012-03-15 21:28:23 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-03-15 21:28:23 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-03-15 21:28:23 ----A---- C:\Windows\SYSWOW64\mshta.exe
2012-03-15 21:28:23 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-03-15 21:28:23 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2012-03-15 21:28:23 ----A---- C:\Windows\SYSWOW64\inseng.dll
2012-03-15 21:28:23 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2012-03-15 21:28:23 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2012-03-15 21:28:23 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-03-15 21:28:23 ----A---- C:\Windows\SYSWOW64\ieakui.dll
2012-03-15 21:28:23 ----A---- C:\Windows\SYSWOW64\ieaksie.dll
2012-03-15 21:28:23 ----A---- C:\Windows\SYSWOW64\icardie.dll
2012-03-15 21:28:23 ----A---- C:\Windows\SYSWOW64\admparse.dll
2012-03-15 21:28:23 ----A---- C:\Windows\system32\wininet.dll
2012-03-15 21:28:23 ----A---- C:\Windows\system32\urlmon.dll
2012-03-15 21:28:23 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2012-03-15 21:28:23 ----A---- C:\Windows\system32\pngfilt.dll
2012-03-15 21:28:23 ----A---- C:\Windows\system32\occache.dll
2012-03-15 21:28:23 ----A---- C:\Windows\system32\msrating.dll
2012-03-15 21:28:23 ----A---- C:\Windows\system32\msls31.dll
2012-03-15 21:28:23 ----A---- C:\Windows\system32\mshtml.dll
2012-03-15 21:28:23 ----A---- C:\Windows\system32\mshta.exe
2012-03-15 21:28:23 ----A---- C:\Windows\system32\jsproxy.dll
2012-03-15 21:28:23 ----A---- C:\Windows\system32\jscript9.dll
2012-03-15 21:28:23 ----A---- C:\Windows\system32\jscript.dll
2012-03-15 21:28:23 ----A---- C:\Windows\system32\imgutil.dll
2012-03-15 21:28:23 ----A---- C:\Windows\system32\ieUnatt.exe
2012-03-15 21:28:23 ----A---- C:\Windows\system32\iertutil.dll
2012-03-15 21:28:23 ----A---- C:\Windows\system32\iepeers.dll
2012-03-15 21:28:23 ----A---- C:\Windows\system32\ieakui.dll
2012-03-15 21:28:23 ----A---- C:\Windows\system32\ieaksie.dll
2012-03-15 21:28:23 ----A---- C:\Windows\system32\admparse.dll
2012-03-15 21:28:22 ----A---- C:\Windows\system32\wextract.exe
2012-03-15 21:28:22 ----A---- C:\Windows\system32\webcheck.dll
2012-03-15 21:28:22 ----A---- C:\Windows\system32\vbscript.dll
2012-03-15 21:28:22 ----A---- C:\Windows\system32\url.dll
2012-03-15 21:28:22 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2012-03-15 21:28:22 ----A---- C:\Windows\system32\mshtmler.dll
2012-03-15 21:28:22 ----A---- C:\Windows\system32\mshtmled.dll
2012-03-15 21:28:22 ----A---- C:\Windows\system32\msfeedssync.exe
2012-03-15 21:28:22 ----A---- C:\Windows\system32\msfeedsbs.dll
2012-03-15 21:28:22 ----A---- C:\Windows\system32\msfeeds.dll
2012-03-15 21:28:22 ----A---- C:\Windows\system32\licmgr10.dll
2012-03-15 21:28:22 ----A---- C:\Windows\system32\inseng.dll
2012-03-15 21:28:22 ----A---- C:\Windows\system32\iexpress.exe
2012-03-15 21:28:22 ----A---- C:\Windows\system32\ieui.dll
2012-03-15 21:28:22 ----A---- C:\Windows\system32\iesysprep.dll
2012-03-15 21:28:22 ----A---- C:\Windows\system32\iesetup.dll
2012-03-15 21:28:22 ----A---- C:\Windows\system32\iernonce.dll
2012-03-15 21:28:22 ----A---- C:\Windows\system32\ieframe.dll
2012-03-15 21:28:22 ----A---- C:\Windows\system32\iedkcs32.dll
2012-03-15 21:28:22 ----A---- C:\Windows\system32\ieapfltr.dll
2012-03-15 21:28:22 ----A---- C:\Windows\system32\ieapfltr.dat
2012-03-15 21:28:22 ----A---- C:\Windows\system32\ieakeng.dll
2012-03-15 21:28:22 ----A---- C:\Windows\system32\IEAdvpack.dll
2012-03-15 21:28:22 ----A---- C:\Windows\system32\ie4uinit.exe
2012-03-15 21:28:22 ----A---- C:\Windows\system32\icardie.dll
2012-03-15 21:28:22 ----A---- C:\Windows\system32\dxtrans.dll
2012-03-15 21:28:22 ----A---- C:\Windows\system32\dxtmsft.dll
2012-03-15 19:12:48 ----HDC---- C:\ProgramData\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
2012-03-14 03:07:09 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-03-14 03:07:08 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-03-14 03:07:07 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-03-13 20:19:30 ----A---- C:\Windows\system32\win32k.sys
2012-03-13 20:19:29 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-03-13 20:19:29 ----A---- C:\Windows\system32\DWrite.dll
2012-03-13 19:23:05 ----D---- C:\Program Files\trend micro
2012-03-13 19:23:04 ----D---- C:\rsit
2012-03-13 19:16:30 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-03-13 19:16:30 ----A---- C:\Windows\system32\rdpwsx.dll
2012-03-13 19:16:30 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-03-13 19:16:29 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2012-03-13 19:16:29 ----A---- C:\Windows\system32\rdpcore.dll
2012-03-13 19:16:29 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-03-13 19:16:29 ----A---- C:\Windows\system32\drivers\rdpwd.sys
======List of files/folders modified in the last 1 month======
2012-03-17 12:06:13 ----D---- C:\Windows\Microsoft.NET
2012-03-17 12:06:01 ----D---- C:\Windows\system32\config
2012-03-17 12:05:58 ----D---- C:\Windows\winsxs
2012-03-17 12:05:50 ----RSD---- C:\Windows\assembly
2012-03-17 12:04:18 ----D---- C:\Windows\Temp
2012-03-17 11:58:57 ----AD---- C:\ProgramData\TEMP
2012-03-17 11:56:21 ----D---- C:\ProgramData\MFAData
2012-03-17 11:56:17 ----D---- C:\Windows\system32\drivers\AVG
2012-03-17 11:53:18 ----SHD---- C:\Windows\Installer
2012-03-17 11:51:12 ----D---- C:\Windows
2012-03-15 22:16:45 ----D---- C:\Windows\Panther
2012-03-15 22:16:45 ----D---- C:\Windows\Logs
2012-03-15 22:08:05 ----SHD---- C:\Config.Msi
2012-03-15 22:08:02 ----SHD---- C:\System Volume Information
2012-03-15 22:03:51 ----D---- C:\Program Files\Common Files\Autodesk Shared
2012-03-15 22:03:19 ----RSD---- C:\Windows\Fonts
2012-03-15 22:00:27 ----D---- C:\Windows\SysWOW64
2012-03-15 22:00:24 ----D---- C:\ProgramData\Autodesk
2012-03-15 21:59:09 ----D---- C:\Program Files\Common Files
2012-03-15 21:56:29 ----RD---- C:\Program Files (x86)
2012-03-15 21:53:02 ----D---- C:\Program Files (x86)\Autodesk
2012-03-15 21:44:05 ----D---- C:\Windows\System32
2012-03-15 21:42:29 ----D---- C:\Windows\Downloaded Program Files
2012-03-15 21:37:55 ----D---- C:\Windows\system32\Tasks
2012-03-15 21:37:54 ----D---- C:\Windows\Tasks
2012-03-15 21:30:12 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-03-15 21:30:12 ----D---- C:\Program Files\Internet Explorer
2012-03-15 21:30:12 ----D---- C:\Program Files (x86)\Internet Explorer
2012-03-15 21:30:11 ----D---- C:\Windows\SYSWOW64\migration
2012-03-15 21:30:11 ----D---- C:\Windows\SYSWOW64\en-US
2012-03-15 21:30:11 ----D---- C:\Windows\system32\cs-CZ
2012-03-15 21:30:10 ----D---- C:\Windows\system32\migration
2012-03-15 21:30:10 ----D---- C:\Windows\PolicyDefinitions
2012-03-15 21:30:09 ----D---- C:\Windows\system32\en-US
2012-03-15 21:29:12 ----D---- C:\Windows\system32\catroot
2012-03-15 21:29:11 ----D---- C:\Windows\system32\catroot2
2012-03-15 21:26:56 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-03-15 21:26:50 ----D---- C:\Windows\inf
2012-03-15 21:26:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-03-15 21:15:31 ----D---- C:\Windows\Prefetch
2012-03-15 19:12:48 ----HD---- C:\ProgramData
2012-03-14 19:07:09 ----D---- C:\ProgramData\McAfee
2012-03-14 18:52:58 ----D---- C:\Windows\SoftwareDistribution
2012-03-14 18:51:24 ----D---- C:\Windows\debug
2012-03-14 18:46:07 ----D---- C:\Windows\SYSWOW64\drivers
2012-03-14 18:44:44 ----D---- C:\Program Files (x86)\Common Files
2012-03-14 18:44:30 ----HDC---- C:\ProgramData\{91EC863D-D912-4466-91CC-9489A4A2ADD3}
2012-03-14 18:44:25 ----D---- C:\ProgramData\Lavasoft
2012-03-14 18:44:24 ----DC---- C:\Windows\system32\DRVSTORE
2012-03-14 18:44:24 ----D---- C:\Windows\system32\drivers
2012-03-14 03:02:20 ----A---- C:\Windows\system32\MRT.exe
2012-03-13 19:23:05 ----RD---- C:\Program Files
2012-03-12 19:40:38 ----D---- C:\ProgramData\AVG Secure Search
2012-03-12 19:40:07 ----D---- C:\Program Files (x86)\AVG Secure Search
2012-03-11 23:28:43 ----D---- C:\Temp
2012-03-11 23:08:21 ----D---- C:\Users\Zbynek\AppData\Roaming\Autodesk
2012-03-11 18:25:50 ----D---- C:\Program Files\Google
2012-03-11 18:25:49 ----D---- C:\Program Files (x86)\Google
2012-03-11 18:00:35 ----D---- C:\ProgramData\Google
2012-03-11 17:46:37 ----D---- C:\ProgramData\iolo
2012-03-11 17:43:12 ----D---- C:\Program Files (x86)\MSBuild
2012-03-11 17:43:12 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 10.0
2012-03-11 17:42:53 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-03-11 17:40:58 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-02-29 19:36:01 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-02-18 03:44:21 ----D---- C:\Program Files (x86)\Microsoft Silverlight
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 26704]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2011-09-13 37456]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-03-04 540696]
R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2010-10-13 529128]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2010-10-13 283360]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-03-12 834544]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2011-10-07 283728]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-08-08 46672]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2011-07-11 375376]
R1 mfenlfk;McAfee NDIS Light Filter; C:\Windows\system32\DRIVERS\mfenlfk.sys [2010-10-13 75032]
R1 pctgntdi;pctgntdi; \??\C:\Windows\system32\drivers\pctgntdi64.sys [2011-01-17 334976]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 regi;regi; \??\C:\Windows\system32\drivers\regi.sys [2007-04-17 14112]
R2 rimspci;rimspci; C:\Windows\system32\drivers\rimssne64.sys [2010-06-23 94208]
R2 risdsnpe;risdsnpe; C:\Windows\system32\drivers\risdsne64.sys [2010-06-23 78848]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2010-05-14 299568]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 120400]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 29776]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-06-21 342056]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-06-21 102952]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2010-06-21 135720]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-06-21 39464]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-06-21 21544]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-07-16 158720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-06-21 2357024]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\system32\DRIVERS\LEqdUsb.Sys [2010-08-24 74320]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\system32\DRIVERS\LHidEqd.Sys [2010-08-24 13392]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2010-08-24 63568]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2010-08-24 57936]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2010-05-31 7689216]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2011-02-04 155752]
R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver; \??\C:\Windows\system32\drivers\pctNdis-PacketFilter64.sys [2010-01-12 95504]
R3 pctNDIS;PC Tools Driver; C:\Windows\system32\DRIVERS\pctNdis64.sys [2010-01-07 81584]
R3 pctplfw;pctplfw; \??\C:\Windows\System32\drivers\pctplfw64.sys [2010-01-13 164496]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 Safetica;Safetica Encryption Driver; C:\Windows\system32\DRIVERS\safetica.sys [2010-06-28 252760]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\drivers\SFEP.sys [2010-04-26 12032]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-05-16 2203136]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2010-10-13 62800]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys []
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\Windows\system32\DRIVERS\s1018bus.sys [2009-03-25 113704]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 19496]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 153128]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 133160]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 34856]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1018obex.sys [2009-03-25 128552]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1018unic.sys [2009-03-25 146472]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 TVICHW32;TVICHW32; \??\C:\Windows\system32\DRIVERS\TVICHW32.SYS [2011-07-30 21200]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-06-08 952096]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2010-03-05 1425168]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
R2 IviRegMgr;IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-10-13 149032]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-01-17 993896]
R2 PCToolsFirewallPlus;PC Tools Firewall Plus; C:\Program Files (x86)\PC Tools Firewall Plus\FWService.exe [2009-11-09 818432]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-06-01 367456]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-03-05 831760]
R2 SOHCImp;VAIO Media plus Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-06-20 108400]
R2 SOHDms;VAIO Media plus Digital Media Server; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-06-18 423280]
R2 SOHDs;VAIO Media plus Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-06-20 67952]
R2 uCamMonitor;CamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe [2010-05-31 217968]
R2 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-06-21 575856]
R2 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-09-27 864000]
R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-24 655088]
R2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager; C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-10-25 387896]
R2 VSNService;VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-08-11 845312]
R2 vToolbarUpdater10.2.0;vToolbarUpdater10.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe [2012-03-12 918880]
R3 SpfService;VAIO Entertainment Common Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-06-06 304496]
R3 VUAgent;VUAgent; C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2011-09-23 1429608]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-11 136176]
S2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-10-13 245352]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-08-11 867080]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-11 136176]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-10-28 357456]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-10-25 101152]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-03-07 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
cmd
Moderátor: Moderátoři
Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní: http://forum.viry.cz/viewtopic.php?f=12&t=123975 . Děkujeme za pochopení.
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní: http://forum.viry.cz/viewtopic.php?f=12&t=123975 . Děkujeme za pochopení.
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: cmd
Hele a jak je to s tím AV a FW? Jako AV si necháš AVG, počítám, že jo? Musíš se ujistit, jestli nemáš McAfee zapnuto jako AV, ale jen jako FW. Ale zase jako FW tam vidím ještě PC Tools Firewall Plus - jedno musí pryč, jak jsem psal! Rozhodni se, co z počítače odebrat.
Takže fixni v HJT níže uvedené položky.
- Fixnout znamená, že spustíš HJT, zvolíš možnost [Do a system scan only] a zaškrtneš čtvereček vlevo od mnou vypsaných položek.
- Poté klikneš na [Fix checked] a odsouhlasíš [ANO].
- Položky, které v seznamu nenajdeš, prostě přeskoč.
- HJT najdeš zde: C:\Program Files\trend micro\Zbynek.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
Dále stáhni utilitu OTM z jednoho z těchto odkazů:
- http://oldtimer.geekstogo.com/OTM.exe
- http://oldtimer.geekstogo.com/OTM.com
- http://oldtimer.geekstogo.com/OTM.scr
Do levého okna Paste Instructions for Items to be Moved zkopíruj tento script (pouze zelená písmenka v bílém poli!):
Kód: Vybrat vše
:Commands
[ClearAllRestorePoints]
[ResetHosts]
[Purity]
[EmptyTemp]
[EmptyFlash]
:Files
C:\Program Files (x86)\Lavasoft
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
C:\Users\Zbynek\AppData\Roaming\Mozilla\Firefox\Profiles\cj1ei3fu.default\searchplugins\search-on-rapidshare.xml
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
:Services
gupdate
gupdatem
Lavasoft Kernexplorer
StarOpen
vToolbarUpdater10.2.0
:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
"{BFC32E1D-EE75-4A48-BC60-104E11EE2431}"=-
"{95B7759C-8C7F-4BF1-B163-73684A933233}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Logitech Download Assistant"=-
"Free PDF Print Dispatcher"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Elbserver]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iolo Startup]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Philips Device Listener]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMBVolumeWatcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SHTtray.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Zbynek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-Po restartu mi sem hoď log, který najdeš v C:\_OTM\MovedFiles\
-
-
- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: cmd
k těm AV a FW....jako AV chci používat AVG....jako FW ten PC Tools Firewall Plus......McAfee jsem odinstaloval vše co šlo,vše co jsem zvládl najít.pokud se hádají i AVG a PC Tools Firewall tak odstaním PC Tools Fire...
k tomu seznamu co jsi mi psal do HJT,abych to zaškrtnul,tak tyhle položky v tom výpisu co mi to našlo nebyly :O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
zbytek proběhl v pořádku a tady je log po restartu :
All processes killed
========== COMMANDS ==========
Restore point Set: OTM Restore Point
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
User: Zbynek
->Temp folder emptied: 130249475 bytes
->Temporary Internet Files folder emptied: 410177 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 225348887 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1317 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 102963 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 107235 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 340.00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Public
User: Zbynek
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0.00 mb
========== FILES ==========
File/Folder C:\Program Files (x86)\Lavasoft not found.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml moved successfully.
C:\Users\Zbynek\AppData\Roaming\Mozilla\Firefox\Profiles\cj1ei3fu.default\searchplugins\search-on-rapidshare.xml moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9CBE.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD806.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP314F.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP322C.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP4930.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6173.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7B8A.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP99BF.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA572.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPEC63.tmp folder moved successfully.
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service Lavasoft Kernexplorer stopped successfully!
Service Lavasoft Kernexplorer deleted successfully!
Service StarOpen stopped successfully!
Service StarOpen deleted successfully!
Service vToolbarUpdater10.2.0 stopped successfully!
Service vToolbarUpdater10.2.0 deleted successfully!
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\\{BFC32E1D-EE75-4A48-BC60-104E11EE2431} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BFC32E1D-EE75-4A48-BC60-104E11EE2431}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Logitech Download Assistant not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Free PDF Print Dispatcher not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Elbserver\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iolo Startup\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Philips Device Listener\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMBVolumeWatcher\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SHTtray.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Zbynek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
OTM by OldTimer - Version 3.1.19.0 log created on 03172012_154031
Files moved on Reboot...
C:\Users\Zbynek\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
Registry entries deleted on Reboot...
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: cmd
To, že tam některé položky nebyly, nevadí. Proto to vždy píšu i do návodu. 
Použil jsi na McAfee ten jejich remover, jak jsem Ti psal? Protože Ti pořád ve službách běží McAfee Firewall Core Service a další. Ale v pohodě, napíšu Ti ještě jeden script a odpálíme to. Nene, AVG se s PC Tools Firewall tlouct nebude, protože první je antivir, druhé je firewall, takže tyhle dvě si v klidu nechej. Takže aplikuj ještě tento sript pro OTM:Kód: Vybrat vše
:Commands
[EmptyTemp]
[EmptyFlash]
:Files
C:\Program Files\Common Files\McAfee
C:\Windows\system32\drivers\mfewfpk.sys
C:\Windows\system32\drivers\mfehidk.sys
C:\Windows\system32\DRIVERS\mfenlfk.sys
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
:Services
mfefire
mfevtp
mfehidk
mfewfpk
mfenlfk
Kdyby se McAfee náhodou bránil nebo byly nějaké jiné problémy, hoď se zase do Nouzového režimu a v běžících procesech nebo v jeho nastaveních McAfee vypni.--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: cmd
log :
Files moved on Reboot...
C:\Users\Zbynek\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Zbynek\AppData\Local\Temp\~DF110DFA197C498C07.TMP moved successfully.
C:\Users\Zbynek\AppData\Local\Temp\~DF2183A125FB055F8D.TMP moved successfully.
C:\Users\Zbynek\AppData\Local\Temp\~DF2AED51F14A5D93A9.TMP moved successfully.
C:\Users\Zbynek\AppData\Local\Temp\~DF43A9359B94177EDD.TMP moved successfully.
C:\Users\Zbynek\AppData\Local\Temp\~DF521944912E518590.TMP moved successfully.
C:\Users\Zbynek\AppData\Local\Temp\~DF9ACA4F61A763A1A3.TMP moved successfully.
C:\Users\Zbynek\AppData\Local\Temp\~DFA1F9D18D047373E7.TMP moved successfully.
C:\Users\Zbynek\AppData\Local\Temp\~DFB665861EF7F77494.TMP moved successfully.
C:\Users\Zbynek\AppData\Local\Temp\~DFBD864B5490D8BD51.TMP moved successfully.
C:\Users\Zbynek\AppData\Local\Temp\~DFEF5B721E06CD5DEB.TMP moved successfully.
File move failed. C:\Windows\temp\TmpFile1 scheduled to be moved on reboot.
C:\Program Files\Common Files\mcafee\systemcore folder moved successfully.
C:\Program Files\Common Files\mcafee folder moved successfully.
Registry entries deleted on Reboot...
Files moved on Reboot...
C:\Users\Zbynek\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Zbynek\AppData\Local\Temp\~DF110DFA197C498C07.TMP moved successfully.
C:\Users\Zbynek\AppData\Local\Temp\~DF2183A125FB055F8D.TMP moved successfully.
C:\Users\Zbynek\AppData\Local\Temp\~DF2AED51F14A5D93A9.TMP moved successfully.
C:\Users\Zbynek\AppData\Local\Temp\~DF43A9359B94177EDD.TMP moved successfully.
C:\Users\Zbynek\AppData\Local\Temp\~DF521944912E518590.TMP moved successfully.
C:\Users\Zbynek\AppData\Local\Temp\~DF9ACA4F61A763A1A3.TMP moved successfully.
C:\Users\Zbynek\AppData\Local\Temp\~DFA1F9D18D047373E7.TMP moved successfully.
C:\Users\Zbynek\AppData\Local\Temp\~DFB665861EF7F77494.TMP moved successfully.
C:\Users\Zbynek\AppData\Local\Temp\~DFBD864B5490D8BD51.TMP moved successfully.
C:\Users\Zbynek\AppData\Local\Temp\~DFEF5B721E06CD5DEB.TMP moved successfully.
File move failed. C:\Windows\temp\TmpFile1 scheduled to be moved on reboot.
C:\Program Files\Common Files\mcafee\systemcore folder moved successfully.
C:\Program Files\Common Files\mcafee folder moved successfully.
Registry entries deleted on Reboot...
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: cmd
Mno, to není komplet log. 
Proběhlo vše v pořádku?
Proběhlo vše v pořádku?--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: cmd
Ano, zopakuj to, ale proveď v Nouzovém režimu.
--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: cmd
tak jsem tímto pokusem zjistil,že mám něco s nouzovým režimem,při restartu zmáčknu klávesu F8,naběhne mi výběr typu spuštění,tak vyberu Nouzový režim,přihlásím se do systému a pc se mi načte jako v obvyklém režimu....zkusil jsem OTM znovu a tady je log :
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
User: Zbynek
->Temp folder emptied: 1268662 bytes
->Temporary Internet Files folder emptied: 41366 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 88135376 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 611 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8455615 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 83637 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 93.00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Public
User: Zbynek
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0.00 mb
========== FILES ==========
File/Folder C:\Program Files\Common Files\McAfee not found.
File/Folder C:\Windows\system32\drivers\mfewfpk.sys not found.
File/Folder C:\Windows\system32\drivers\mfehidk.sys not found.
File/Folder C:\Windows\system32\DRIVERS\mfenlfk.sys not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== SERVICES/DRIVERS ==========
Error: No service named mfefire was found to stop!
Service\Driver key mfefire not found.
Error: No service named mfevtp was found to stop!
Service\Driver key mfevtp not found.
Error: No service named mfehidk was found to stop!
Service\Driver key mfehidk not found.
Service mfewfpk stopped successfully!
Service mfewfpk deleted successfully!
Service mfenlfk stopped successfully!
Service mfenlfk deleted successfully!
OTM by OldTimer - Version 3.1.19.0 log created on 03192012_143249
Files moved on Reboot...
C:\Users\Zbynek\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\TmpFile1 scheduled to be moved on reboot.
Registry entries deleted on Reboot...
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
User: Zbynek
->Temp folder emptied: 1268662 bytes
->Temporary Internet Files folder emptied: 41366 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 88135376 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 611 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8455615 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 83637 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 93.00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Public
User: Zbynek
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0.00 mb
========== FILES ==========
File/Folder C:\Program Files\Common Files\McAfee not found.
File/Folder C:\Windows\system32\drivers\mfewfpk.sys not found.
File/Folder C:\Windows\system32\drivers\mfehidk.sys not found.
File/Folder C:\Windows\system32\DRIVERS\mfenlfk.sys not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== SERVICES/DRIVERS ==========
Error: No service named mfefire was found to stop!
Service\Driver key mfefire not found.
Error: No service named mfevtp was found to stop!
Service\Driver key mfevtp not found.
Error: No service named mfehidk was found to stop!
Service\Driver key mfehidk not found.
Service mfewfpk stopped successfully!
Service mfewfpk deleted successfully!
Service mfenlfk stopped successfully!
Service mfenlfk deleted successfully!
OTM by OldTimer - Version 3.1.19.0 log created on 03192012_143249
Files moved on Reboot...
C:\Users\Zbynek\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\TmpFile1 scheduled to be moved on reboot.
Registry entries deleted on Reboot...
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: cmd
S tím Nouzákem tedy nevím. Tohle vidím na opravnou instalaci systému. Ale můžu se domluvit s kolegou, jestli by se nemrknul, není-li problém jinde, když by to hořelo.
--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: cmd
OK, tak ještě dočistíme.
Spusť znovu OTM a klikni na tlačítko [CleanUp!], čímž po sobě program uklidí.
TFC http://oldtimer.geekstogo.com/TFC.exe
Pokud nemáš, stáhni CCleaner z tohoto odkazu.
CCleaner doporučuji používat cca jednou za týden.
... a pokud nejsou žádné dotazy, bylo by to z mé strany vše.
Spusť znovu OTM a klikni na tlačítko [CleanUp!], čímž po sobě program uklidí. TFC http://oldtimer.geekstogo.com/TFC.exe
- Stáhni a spusť.
- Klikni na Start a potvrď OK.
- Program uklidí a může (nemusí) restartovat PC.
- Po použití utilitu smaž.
Pokud nemáš, stáhni CCleaner z tohoto odkazu.
- Panel čistič
- Vše nech jak je, jen dej Analyzovat a poté Spustit CCleaner.
- Panel registry
- Klikni na Hledej problémy.
- Následně na Opravit problémy - zálohu registrů doporučuji udělat, oprav všechny problémy.
- Postup opakuj, dokud nebude bez problémů - většinou cca 3x.
- Panel nástroje
- Zde můžeš odinstalovat nepotřebné programy.
CCleaner doporučuji používat cca jednou za týden.... a pokud nejsou žádné dotazy, bylo by to z mé strany vše.
--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: cmd
Tak tu mám na ten Nouzový režim ještě nápad od kolegy cernohous13 (kterému tímto děkuji ):SafeBootKeyRepair, ke stažení zde: http://download.bleepingcomputer.com/sU ... Repair.exe
- Stačí jen spustit, popřípadě potvrdit výzvy programu.
- Tím opravíme spuštění Nouzového režimu.
Aplikuj a ten Nouzák vyzkoušej. Když to nepůjde mám ještě jeden postup.--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: cmd
tak OTM a TFC jsem použil jak jsi napsal...všechno proběhlo v pořádku,nebo aspoň jsem nic nezaregistroval....
CCleaner používám pravidelně....a ta utilita na ten Nouzák,tak jsem si ji stáhnul,hodil na plochu,spustil jako admin a vyskočil příkazovej řádek,kterej tam sesmolil rychle pár řádků a pak mi to vyhodilo v tom řádku : pokračujte libovolnou klávesou...
Když jsem zmáčknul space,tak okno zmizelo a nic.Tak jsem resetil compa a zkusil najet do nozového režimu....zobrazilo se mi přihlašovací okno do win v rozlišení tipuju 800x600 nebo kolik to mohlo bejt,heslo jsem vyplnil a pak se comp restartoval a naběhl do standartního režimu....takže tahle utilita asi nepomohla....
jinak po vyčištění mi comp přijde trochu rychlejší,ale nevim jestli to nemám vsugerovaný
CCleaner používám pravidelně....a ta utilita na ten Nouzák,tak jsem si ji stáhnul,hodil na plochu,spustil jako admin a vyskočil příkazovej řádek,kterej tam sesmolil rychle pár řádků a pak mi to vyhodilo v tom řádku : pokračujte libovolnou klávesou...
Když jsem zmáčknul space,tak okno zmizelo a nic.Tak jsem resetil compa a zkusil najet do nozového režimu....zobrazilo se mi přihlašovací okno do win v rozlišení tipuju 800x600 nebo kolik to mohlo bejt,heslo jsem vyplnil a pak se comp restartoval a naběhl do standartního režimu....takže tahle utilita asi nepomohla....
jinak po vyčištění mi comp přijde trochu rychlejší,ale nevim jestli to nemám vsugerovaný
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: cmd
Vsugerovaný to rozhodně nemáš. Placebo utility zde opravdu nepoužíváme. 
Utilita na opravu Nouzáku proběhla v pořádku, takhle má pracovat. Fakt divné, že to pořád nejde.
Tak zkus ještě tohle a pak už opravdu nevím.
SREng (System Repair Engineer), ke stažení zde: http://www.download.com/System-Repair-E ... 07166.html nebo zde: http://www.kztechs.com/eng/download.html
Utilita na opravu Nouzáku proběhla v pořádku, takhle má pracovat. Fakt divné, že to pořád nejde.
Tak zkus ještě tohle a pak už opravdu nevím.
SREng (System Repair Engineer), ke stažení zde: http://www.download.com/System-Repair-E ... 07166.html nebo zde: http://www.kztechs.com/eng/download.html
- Prográmek rozbal a spusť. Pokud používáš Win Vista či Win 7, klikni na jeho ikonu pravým myšítkem a dej Run As Administrator či Spustit jako správce.
- Klikni na [System Repair].
- Klikni na záložku Advanced Repair.
- Zvol [Repair Safe Mode].
- Potvrď dialogová okna.
--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Přispějete na provoz fóra?