PC virus removal, computer speed-up, and remote help through the neslape.cz service

Please check my log. My internet is acting up. The PC is slow

Having a problem with a virus? Paste your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

StanoMalek
Visitor
Posts: 10
Registered: 24 Mar 2012 21:01
Location: Jihlava

#1 Post by StanoMalek »

Logfile of random's system information tool 1.09 (written by random/random)
Run by bbbbbb at 2012-10-31 11:13:23
Microsoft Windows 7 Professional
System drive C: has 18 GB (32%) free of 57 GB
Total RAM: 2047 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:13:36, on 31.10.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
D:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
C:\Program Files (x86)\Steam\Steam.exe
D:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
D:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
C:\Program Files (x86)\XFastUsb\XFastUsb.exe
C:\Program Files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe
C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
C:\Users\bbbbbb\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
C:\Users\bbbbbb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\bbbbbb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\bbbbbb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\bbbbbb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Notepad++\notepad++.exe
C:\Users\bbbbbb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\bbbbbb.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:splashtopconnect
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Splashtop Connect SearchHook - {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Splashtop Connect VisualBookmark - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [XFastUsb] C:\Program Files (x86)\XFastUsb\XFastUsb.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [CTSyncService] C:\Program Files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe /StartRunKey
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [SmartViewAgent] "C:\Program Files (x86)\DeviceVM\SmartView\SmartViewAgent.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [STCAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe"
O4 - HKLM\..\Run: [ZyngaGamesAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\bbbbbb\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "D:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [RocketDock] "D:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-437575234-2395731410-650709988-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-437575234-2395731410-650709988-1002\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: H3 The Shadow of Death(TM).lnk = C:\Program Files (x86)\3DO\Heroes3\RegisterSOD\Remind32.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {4F9FD89A-24F0-4fb7-9635-D54B3593B85B} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll (HKCU)
O9 - Extra 'Tools' menuitem: @"C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCHelper.exe",-101 - {4F9FD89A-24F0-4fb7-9635-D54B3593B85B} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll (HKCU)
O9 - Extra button: @"C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCHelper.exe",-103 - {9E508DD9-844C-4985-AC11-AFE5DD71E0BF} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll (HKCU)
O9 - Extra button: (no name) - {B771147A-4CC8-450e-8AB1-7D47821751B1} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll (HKCU)
O9 - Extra 'Tools' menuitem: @"C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCHelper.exe",-102 - {B771147A-4CC8-450e-8AB1-7D47821751B1} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll (HKCU)
O9 - Extra button: @"C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCHelper.exe",-104 - {EB89B163-2474-4734-9E93-68B61BC5BED5} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Splashtop Connect Service (SCBackService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: SmartView service (SmartViewService) - Unknown owner - C:\Program Files (x86)\DeviceVM\SmartView\SmartViewService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sound Blaster X-Fi MB Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Splashtop Connect IE Software Updater Service (WCUService_STC_IE) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13070 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\diMaster.dll" /prefetch:1
taskeng.exe {C04DD2E8-C8BF-4886-91FE-213EDD270032}
"D:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
"C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe"
"C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe"
C:\Windows\system32\viakaraokesrv.exe
"C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe"
"C:\Windows\System32\rundll32.exe" C:\Windows\system32\AmbRunE.dll,RunDLLEntry
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"D:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe"
"D:\Program Files (x86)\RocketDock\RocketDock.exe"
"C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe" /c /a /s UserSession
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\XFastUsb\XFastUsb.exe"
"C:\Program Files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe" /StartRunKey
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
"C:\Users\bbbbbb\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001" 2888 "C:\Users\bbbbbb\AppData\Local\Temp\""Sound_Blaster_X-Fi_MB_Cleanup.0001.dir.0041"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Windows\system32\wuauclt.exe"
"taskhost.exe"
"C:\Users\bbbbbb\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\bbbbbb\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/0/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_07/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="3172.0.392516297\1936667010" /prefetch:3
"C:\Users\bbbbbb\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3172.1.1843864687\1406484446" --gpu-vendor-id=0x10de --gpu-device-id=0x0a65 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.623 --ignored=" --type=renderer " /prefetch:12
"C:\Users\bbbbbb\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3172.2.1133549010\429009485" --lang=cs --ignored=" --type=renderer " /prefetch:13
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe13_ Global\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files (x86)\Notepad++\notepad++.exe" "C:\rsit\log.txt"
"C:\Users\bbbbbb\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/0/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_07/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="3172.3.358306612\787308188" /prefetch:3
"C:\Users\bbbbbb\Downloads\RSITx64 (1).exe"

======Scheduled tasks folder======

C:\Windows\tasks\DriverScanner.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-437575234-2395731410-650709988-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-437575234-2395731410-650709988-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}]
Splashtop Connect VisualBookmark - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll [2011-01-21 345968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07 436192]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL [2011-03-31 210872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-24 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-24 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07 436192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RunDLLEntry"=C:\Windows\system32\AmbRunE.dll [2009-02-26 17920]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-10-13 162584]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-10-13 386840]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-10-13 417560]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ASRockOCTuner"= []
"ASRockIES"= []
"zASRockInstantBoot"= []
"Google Update"=C:\Users\bbbbbb\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14 116648]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2012-09-14 1353080]
"DAEMON Tools Pro Agent"=D:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2012-04-26 3111744]
"RocketDock"=D:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2011-02-22 3019376]
"XFastUsb"=C:\Program Files (x86)\XFastUsb\XFastUsb.exe [2012-09-12 4942336]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"CTSyncService"=C:\Program Files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe [2009-07-08 1233195]
"VolPanel"=C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe [2009-05-04 241789]
"UpdReg"=C:\Windows\UpdReg.EXE [2000-05-11 90112]
"SmartViewAgent"=C:\Program Files (x86)\DeviceVM\SmartView\SmartViewAgent.exe []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-08-29 1996200]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"STCAgent"=C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe [2011-01-21 776064]
"ZyngaGamesAgent"=C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe [2010-11-15 841544]

C:\Users\bbbbbb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
H3 The Shadow of Death(TM).lnk - C:\Program Files (x86)\3DO\Heroes3\RegisterSOD\Remind32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-10-13 272896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-10-31 10:26:00 ----D---- C:\Program Files (x86)\trend micro
2012-10-31 10:24:25 ----D---- C:\rsit
2012-10-31 10:24:25 ----D---- C:\Program Files\trend micro
2012-10-31 09:43:37 ----A---- C:\Windows\system32\WdfCoInstaller01009.dll
2012-10-31 09:43:37 ----A---- C:\Windows\system32\drivers\iusb3hcs.sys
2012-10-29 00:58:37 ----D---- C:\Splashtop
2012-10-28 19:02:29 ----D---- C:\Users\bbbbbb\AppData\Roaming\BANDISOFT
2012-10-28 19:00:19 ----D---- C:\Program Files (x86)\Bandicam
2012-10-28 19:00:11 ----D---- C:\Program Files (x86)\BandiMPEG1
2012-10-26 11:39:31 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2012-10-26 11:39:03 ----D---- C:\Program Files (x86)\Livestream Procaster
2012-10-23 19:47:38 ----D---- C:\ProgramData\RELOADED
2012-10-21 17:37:40 ----D---- C:\ProgramData\ESTsoft
2012-10-21 17:37:35 ----D---- C:\Program Files (x86)\ESTsoft
2012-10-21 17:37:30 ----D---- C:\Users\bbbbbb\AppData\Roaming\ESTsoft
2012-10-21 12:38:58 ----A---- C:\Windows\system32\drivers\pmkbdfltr.sys
2012-10-21 12:37:27 ----A---- C:\Windows\system32\drivers\pmserenum.sys
2012-10-21 12:20:05 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2012-10-21 12:20:01 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2012-10-21 12:19:56 ----A---- C:\Windows\system32\nvopencl.dll
2012-10-21 12:19:55 ----A---- C:\Windows\system32\nvoglv64.dll
2012-10-21 12:19:51 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2012-10-21 12:19:48 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2012-10-21 12:19:42 ----A---- C:\Windows\system32\nvd3dumx.dll
2012-10-21 12:19:38 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2012-10-21 12:19:38 ----A---- C:\Windows\system32\nvcuvid.dll
2012-10-21 12:19:37 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2012-10-21 12:19:37 ----A---- C:\Windows\system32\nvcuvenc.dll
2012-10-21 12:19:35 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2012-10-21 12:19:33 ----A---- C:\Windows\system32\nvcuda.dll
2012-10-21 12:19:30 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2012-10-21 12:19:27 ----A---- C:\Windows\system32\nvcompiler.dll
2012-10-21 11:55:37 ----D---- C:\Users\bbbbbb\AppData\Roaming\Uniblue
2012-10-19 11:11:40 ----D---- C:\Windows\Minidump
2012-10-18 06:50:15 ----D---- C:\Program Files\Defraggler
2012-10-17 18:29:20 ----D---- C:\Windows\SYSWOW64\spool
2012-10-17 15:47:52 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2012-10-17 15:47:52 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-10-17 15:47:52 ----A---- C:\Windows\SYSWOW64\java.exe
2012-10-17 07:44:51 ----D---- C:\Users\bbbbbb\AppData\Roaming\Splashtop
2012-10-10 15:01:08 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-10-10 15:01:06 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-10-10 15:01:05 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-10-10 15:01:01 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2012-10-10 15:01:01 ----A---- C:\Windows\system32\wintrust.dll
2012-10-10 15:00:42 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-10-10 15:00:42 ----A---- C:\Windows\system32\tzres.dll
2012-10-10 15:00:21 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2012-10-10 15:00:21 ----A---- C:\Windows\system32\kerberos.dll
2012-10-10 15:00:07 ----A---- C:\Windows\system32\crypt32.dll
2012-10-10 15:00:06 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-10-10 15:00:06 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-10-10 15:00:06 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-10-10 15:00:06 ----A---- C:\Windows\system32\cryptsvc.dll
2012-10-10 15:00:06 ----A---- C:\Windows\system32\cryptnet.dll
2012-10-10 12:57:19 ----D---- C:\Users\bbbbbb\AppData\Roaming\Skype
2012-10-10 12:56:32 ----RD---- C:\Program Files (x86)\Skype
2012-10-10 12:55:54 ----D---- C:\ProgramData\Skype
2012-10-08 15:12:49 ----D---- C:\Users\bbbbbb\AppData\Roaming\TeamViewer
2012-10-08 15:12:13 ----D---- C:\Program Files (x86)\TeamViewer
2012-10-07 14:59:34 ----D---- C:\Users\bbbbbb\AppData\Roaming\My The Lord of the Rings, The Rise of the Witch-king Files
2012-10-07 14:07:07 ----D---- C:\Windows\SYSWOW64\Macromed
2012-10-07 13:27:46 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-10-05 16:06:41 ----D---- C:\Users\bbbbbb\AppData\Roaming\runic games
2012-10-05 14:28:45 ----D---- C:\Users\bbbbbb\AppData\Roaming\Mount&Blade Warband
2012-10-05 13:28:43 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2012-10-05 13:28:43 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2012-10-05 13:28:43 ----A---- C:\Windows\system32\XAudio2_7.dll
2012-10-05 13:28:43 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2012-10-05 13:28:40 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2012-10-05 13:28:40 ----A---- C:\Windows\system32\xactengine3_7.dll
2012-10-05 13:28:38 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2012-10-05 13:28:38 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2012-10-05 13:28:36 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2012-10-05 13:28:36 ----A---- C:\Windows\system32\d3dcsx_43.dll
2012-10-05 13:28:32 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2012-10-05 13:28:32 ----A---- C:\Windows\system32\d3dx11_43.dll
2012-10-05 13:28:30 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2012-10-05 13:28:30 ----A---- C:\Windows\system32\d3dx10_43.dll
2012-10-05 13:28:28 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2012-10-05 13:28:28 ----A---- C:\Windows\system32\D3DX9_43.dll
2012-10-05 13:28:26 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2012-10-05 13:28:26 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2012-10-05 13:28:26 ----A---- C:\Windows\system32\XAudio2_6.dll
2012-10-05 13:28:26 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2012-10-05 13:28:25 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2012-10-05 13:28:25 ----A---- C:\Windows\system32\xactengine3_6.dll
2012-10-05 13:28:24 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2012-10-05 13:28:24 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2012-10-05 13:28:21 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2012-10-05 13:28:21 ----A---- C:\Windows\system32\XAudio2_5.dll
2012-10-05 13:28:20 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2012-10-05 13:28:20 ----A---- C:\Windows\system32\xactengine3_5.dll
2012-10-05 13:28:19 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2012-10-05 13:28:19 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2012-10-05 13:28:17 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2012-10-05 13:28:17 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2012-10-05 13:28:17 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2012-10-05 13:28:17 ----A---- C:\Windows\system32\d3dx11_42.dll
2012-10-05 13:28:17 ----A---- C:\Windows\system32\d3dx10_42.dll
2012-10-05 13:28:17 ----A---- C:\Windows\system32\d3dcsx_42.dll
2012-10-05 13:28:16 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2012-10-05 13:28:16 ----A---- C:\Windows\system32\D3DX9_42.dll
2012-10-05 13:28:15 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2012-10-05 13:28:15 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2012-10-05 13:28:15 ----A---- C:\Windows\system32\d3dx10_41.dll
2012-10-05 13:28:15 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2012-10-05 13:28:13 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2012-10-05 13:28:13 ----A---- C:\Windows\system32\D3DX9_41.dll
2012-10-05 13:28:11 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2012-10-05 13:28:11 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2012-10-05 13:28:11 ----A---- C:\Windows\system32\XAudio2_4.dll
2012-10-05 13:28:11 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2012-10-05 13:28:09 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2012-10-05 13:28:09 ----A---- C:\Windows\system32\xactengine3_4.dll
2012-10-05 13:28:08 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2012-10-05 13:28:08 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2012-10-05 13:28:07 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2012-10-05 13:28:07 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2012-10-05 13:28:07 ----A---- C:\Windows\system32\d3dx10_40.dll
2012-10-05 13:28:07 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2012-10-05 13:28:06 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2012-10-05 13:28:06 ----A---- C:\Windows\system32\D3DX9_40.dll
2012-10-05 13:28:05 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2012-10-05 13:28:05 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2012-10-05 13:28:05 ----A---- C:\Windows\system32\XAudio2_3.dll
2012-10-05 13:28:05 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2012-10-05 13:28:04 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2012-10-05 13:28:04 ----A---- C:\Windows\system32\xactengine3_3.dll
2012-10-05 13:28:03 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2012-10-05 13:28:03 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2012-10-05 13:28:02 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2012-10-05 13:28:02 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2012-10-05 13:28:02 ----A---- C:\Windows\system32\XAudio2_2.dll
2012-10-05 13:28:02 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2012-10-05 13:28:01 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2012-10-05 13:28:01 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2012-10-05 13:28:01 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2012-10-05 13:28:01 ----A---- C:\Windows\system32\xactengine3_2.dll
2012-10-05 13:28:01 ----A---- C:\Windows\system32\d3dx10_39.dll
2012-10-05 13:28:01 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2012-10-05 13:28:00 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2012-10-05 13:28:00 ----A---- C:\Windows\system32\D3DX9_39.dll
2012-10-05 13:27:58 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2012-10-05 13:27:58 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2012-10-05 13:27:58 ----A---- C:\Windows\system32\XAudio2_1.dll
2012-10-05 13:27:58 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2012-10-05 13:27:57 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2012-10-05 13:27:57 ----A---- C:\Windows\system32\xactengine3_1.dll
2012-10-05 13:27:56 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2012-10-05 13:27:56 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2012-10-05 13:27:55 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2012-10-05 13:27:55 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2012-10-05 13:27:55 ----A---- C:\Windows\system32\d3dx10_38.dll
2012-10-05 13:27:55 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2012-10-05 13:27:53 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2012-10-05 13:27:53 ----A---- C:\Windows\system32\D3DX9_38.dll
2012-10-05 13:27:52 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2012-10-05 13:27:52 ----A---- C:\Windows\system32\XAudio2_0.dll
2012-10-05 13:27:51 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2012-10-05 13:27:51 ----A---- C:\Windows\system32\xactengine3_0.dll
2012-10-05 13:27:50 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2012-10-05 13:27:50 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2012-10-05 13:27:49 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2012-10-05 13:27:49 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2012-10-05 13:27:49 ----A---- C:\Windows\system32\d3dx10_37.dll
2012-10-05 13:27:49 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2012-10-05 13:27:48 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2012-10-05 13:27:48 ----A---- C:\Windows\system32\D3DX9_37.dll
2012-10-05 13:27:47 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2012-10-05 13:27:47 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2012-10-05 13:27:47 ----A---- C:\Windows\system32\xactengine2_10.dll
2012-10-05 13:27:47 ----A---- C:\Windows\system32\d3dx10_36.dll
2012-10-05 13:27:46 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2012-10-05 13:27:46 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2012-10-05 13:27:46 ----A---- C:\Windows\system32\d3dx9_36.dll
2012-10-05 13:27:46 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2012-10-05 13:27:45 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2012-10-05 13:27:45 ----A---- C:\Windows\system32\xactengine2_9.dll
2012-10-05 13:27:44 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2012-10-05 13:27:44 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2012-10-05 13:27:44 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2012-10-05 13:27:44 ----A---- C:\Windows\system32\d3dx9_35.dll
2012-10-05 13:27:44 ----A---- C:\Windows\system32\d3dx10_35.dll
2012-10-05 13:27:44 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2012-10-05 13:27:43 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2012-10-05 13:27:43 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2012-10-05 13:27:43 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2012-10-05 13:27:43 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2012-10-05 13:27:43 ----A---- C:\Windows\system32\xactengine2_8.dll
2012-10-05 13:27:43 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2012-10-05 13:27:43 ----A---- C:\Windows\system32\d3dx10_34.dll
2012-10-05 13:27:43 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2012-10-05 13:27:42 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2012-10-05 13:27:42 ----A---- C:\Windows\system32\xinput1_3.dll
2012-10-05 13:27:42 ----A---- C:\Windows\system32\d3dx9_34.dll
2012-10-05 13:06:44 ----A---- C:\Windows\system32\drivers\L1C62x64.sys
2012-10-05 12:54:34 ----D---- C:\Users\bbbbbb\AppData\Roaming\NVIDIA
2012-10-05 12:42:28 ----D---- C:\ProgramData\NVIDIA
2012-10-05 12:42:20 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2012-10-05 12:41:23 ----A---- C:\Windows\system32\nvvsvc.exe
2012-10-05 12:41:23 ----A---- C:\Windows\system32\nvsvc64.dll
2012-10-05 12:41:23 ----A---- C:\Windows\system32\nvshext.dll
2012-10-05 12:41:23 ----A---- C:\Windows\system32\nvmctray.dll
2012-10-05 12:41:23 ----A---- C:\Windows\system32\nvcpl.dll
2012-10-05 12:40:59 ----D---- C:\temp
2012-10-05 12:40:58 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2012-10-05 12:40:58 ----A---- C:\Windows\system32\OpenCL.dll
2012-10-05 12:40:42 ----D---- C:\ProgramData\NVIDIA Corporation
2012-10-05 12:39:15 ----A---- C:\Windows\system32\nvhdap64.dll
2012-10-05 12:39:15 ----A---- C:\Windows\system32\nvhdagenco6420103.dll
2012-10-05 12:39:15 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2012-10-05 12:39:13 ----A---- C:\Windows\system32\nvwgf2umx.dll
2012-10-05 12:39:12 ----A---- C:\Windows\system32\nvdispgenco64.dll
2012-10-05 12:39:12 ----A---- C:\Windows\system32\nvdispco64.dll
2012-10-05 12:39:11 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2012-10-05 12:39:11 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2012-10-05 12:39:11 ----A---- C:\Windows\system32\nvapi64.dll
2012-10-05 12:38:38 ----D---- C:\Program Files\NVIDIA Corporation
2012-10-05 12:37:46 ----D---- C:\NVIDIA

======List of files/folders modified in the last 1 month======

2012-10-31 11:12:39 ----D---- C:\Windows\Prefetch
2012-10-31 11:12:26 ----D---- C:\Windows\Temp
2012-10-31 10:56:55 ----D---- C:\Users\bbbbbb\AppData\Roaming\.minecraft
2012-10-31 10:26:00 ----RD---- C:\Program Files (x86)
2012-10-31 10:24:25 ----RD---- C:\Program Files
2012-10-31 10:20:50 ----D---- C:\Windows\system32\NDF
2012-10-31 09:58:32 ----SHD---- C:\System Volume Information
2012-10-31 09:58:14 ----D---- C:\Program Files (x86)\Steam
2012-10-31 09:55:36 ----D---- C:\Windows\system32\config
2012-10-31 09:44:35 ----D---- C:\Windows\system32\drivers
2012-10-31 09:44:21 ----D---- C:\Windows\System32
2012-10-31 09:44:19 ----D---- C:\Windows\inf
2012-10-31 09:44:16 ----D---- C:\Windows\system32\catroot
2012-10-31 09:44:15 ----D---- C:\Windows\system32\DriverStore
2012-10-28 19:00:17 ----D---- C:\Windows\SysWOW64
2012-10-28 14:29:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-10-27 12:34:43 ----D---- C:\Fraps
2012-10-26 11:39:32 ----SHD---- C:\Windows\Installer
2012-10-23 19:47:38 ----HD---- C:\ProgramData
2012-10-23 16:36:15 ----SD---- C:\Users\bbbbbb\AppData\Roaming\Microsoft
2012-10-22 04:27:39 ----D---- C:\Windows
2012-10-21 17:41:06 ----D---- C:\Windows\system32\Tasks
2012-10-21 17:37:30 ----D---- C:\Windows\Resources
2012-10-21 12:21:59 ----D---- C:\Windows\system32\catroot2
2012-10-21 11:55:45 ----D---- C:\Windows\Tasks
2012-10-19 05:32:17 ----D---- C:\Program Files (x86)\JDownloader
2012-10-17 18:32:19 ----D---- C:\Program Files (x86)\Sony
2012-10-17 18:27:37 ----D---- C:\Users\bbbbbb\AppData\Roaming\Sony
2012-10-17 16:40:29 ----RSD---- C:\Windows\assembly
2012-10-17 15:47:52 ----D---- C:\Program Files (x86)\Java
2012-10-17 07:47:28 ----HD---- C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3}
2012-10-17 07:47:12 ----D---- C:\Program Files (x86)\Splashtop
2012-10-17 07:44:51 ----D---- C:\Users\bbbbbb\AppData\Roaming\DeviceVm
2012-10-17 07:44:51 ----D---- C:\ProgramData\Splashtop
2012-10-17 07:44:51 ----D---- C:\ProgramData\DeviceVM
2012-10-12 21:29:40 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-10-12 16:38:58 ----D---- C:\Windows\debug
2012-10-12 08:34:18 ----D---- C:\Windows\rescache
2012-10-11 04:22:30 ----D---- C:\Windows\winsxs
2012-10-11 04:19:14 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-10-11 04:19:13 ----D---- C:\Windows\system32\cs-CZ
2012-10-10 13:05:56 ----D---- C:\Windows\Microsoft.NET
2012-10-10 12:56:33 ----D---- C:\Program Files (x86)\Common Files
2012-10-07 13:43:00 ----D---- C:\Windows\SYSWOW64\en-US
2012-10-07 13:43:00 ----D---- C:\Windows\system32\en-US
2012-10-07 13:18:18 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-10-07 13:16:03 ----D---- C:\Windows\SoftwareDistribution
2012-10-07 08:04:36 ----D---- C:\Windows\system32\wdi
2012-10-05 13:51:34 ----D---- C:\Windows\LiveKernelReports
2012-10-05 13:25:25 ----D---- C:\Windows\Logs
2012-10-05 12:42:24 ----RD---- C:\Users
2012-10-05 12:41:17 ----D---- C:\Windows\Help
2012-10-02 13:55:42 ----D---- C:\Intel
2012-10-01 04:16:37 ----D---- C:\Program Files (x86)\Internet Explorer
2012-10-01 04:16:36 ----D---- C:\Windows\SYSWOW64\migration
2012-10-01 04:16:34 ----D---- C:\Windows\system32\migration
2012-10-01 04:16:33 ----D---- C:\Program Files\Internet Explorer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-10-31 19264]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS [2011-01-27 450680]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS [2011-03-15 912504]
R1 AsrAppCharger;AsrAppCharger; C:\Windows\system32\DRIVERS\AsrAppCharger.sys [2010-06-11 15368]
R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20121005.002\BHDrvx64.sys [2012-10-05 1385632]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-09-16 283200]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2012-09-14 484512]
R1 FNETURPX;FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [2012-09-12 15936]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20121027.002\IDSvia64.sys [2012-09-13 513184]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [2011-03-31 40568]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [2011-01-27 171128]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [2011-04-21 386168]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-09-14 138912]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2012-10-05 110744]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20121030.020\ENG64.SYS [2012-09-14 126112]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20121030.020\EX64.SYS [2012-09-14 2084000]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-07-03 189288]
R3 pmkbdfltr;PenMount Keyboard Device Filter Driver; C:\Windows\system32\DRIVERS\pmkbdfltr.sys [2012-10-21 18832]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [2011-03-31 744568]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2012-09-14 174200]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2011-02-17 2153072]
S3 FNETTBOH_305;FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [2012-09-19 31808]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-10-13 10629184]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 pmserenum;PenMount Serial Device Enumeration Service; C:\Windows\system32\DRIVERS\pmserenum.sys [2012-10-21 37272]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2009-02-23 307200]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-08-29 2369960]
R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [2011-04-17 130008]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-08-30 891240]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-08-30 1258856]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
R2 SCBackService;Splashtop Connect Service; C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe [2010-11-15 477000]
R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-31 2754984]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2011-02-17 27760]
R2 WCUService_STC_IE;Splashtop Connect IE Software Updater Service; C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe [2011-03-22 497480]
R3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [2012-09-12 79360]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-08 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S2 SmartViewService;SmartView service; C:\Program Files (x86)\DeviceVM\SmartView\SmartViewService.exe []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-09-12 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-09-12 79360]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-10-24 529744]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-09-15 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139680]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139680]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139680]

-----------------EOF-----------------
Last edited by StanoMalek on 31 Oct 2012 11:15, edited 1 time in total.
I am often saddened by the thought that genius has its limits, whereas stupidity has none.


Re: Please check my log. My internet is acting up. The PC is slow

#2 Post by StanoMalek »

info.txt logfile of random's system information tool 1.09 2012-10-31 10:26:25

======Uninstall list======

Heroes of Might and Magic(TM) III Armageddon's Blade-->C:\Windows\IsUninst.exe -f"C:\Program Files (x86)\3DO\Heroes3\UnBlade.isu" -c"C:\Program Files (x86)\3DO\Heroes3\unblade.dll
-->"C:\Program Files (x86)\Creative Installation Information\SBCONTROL64\Setup.exe" /remove /l0x0009
-->MsiExec /X{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{12321490-F573-4815-B6CC-7ABEF18C9AC4}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{12321490-F573-4815-B6CC-7ABEF18C9AC4}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{6F3684E3-0FA0-4443-B97D-65117730222E}\setup.exe"
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x9 /remove
µTorrent-->"D:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
Acrobat.com-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
ALTools Update-->"C:\Program Files (x86)\ESTsoft\ALUpdate\unins000.exe"
ALZip-->D:\Program Files (x86)\ESTsoft\ALZip\unins000.exe
ASRock IES v2.1.12-->"C:\Program Files (x86)\ASRock Utility\IES\unins000.exe"
ASRock InstantBoot v1.23-->"C:\Program Files (x86)\ASRock Utility\InstantBoot\unins000.exe"
ASRock OC Tuner v2.4.31-->"C:\Program Files (x86)\ASRock Utility\OCTuner\unins000.exe"
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\Setup.exe" -runfromtemp -l0x0005 -removeonly
Bandicam-->"C:\Program Files (x86)\Bandicam\uninstall.exe"
Bandisoft MPEG-1 Decoder-->"C:\Program Files (x86)\BandiMPEG1\uninstall.exe"
Counter-Strike-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/10
CraftMaster Setup 1.3.1-->C:\Users\bbbbbb\AppData\Roaming\.minecraft\Uninstall.exe
DAEMON Tools Pro-->D:\Program Files (x86)\DAEMON Tools Pro\uninst.exe
EVEREST Home Edition v2.20-->"D:\Program Files (x86)\Lavalys\EVEREST Home Edition\unins000.exe"
Fallout New Vegas-->"C:\Program Files (x86)\Bethesda Softworks\Fallout New Vegas\unins000.exe"
Floris Mod Pack 2.5-->"D:\Program Files (x86)\Mount&Blade Warband\Modules\unins000.exe"
Fraps (remove only)-->"C:\Fraps\uninstall.exe"
Heroes of Might and Magic® III The Shadow of Death(TM)-->C:\Windows\IsUninst.exe -f"C:\Program Files (x86)\3DO\Heroes3\Uninst.isu" -c"C:\Program Files (x86)\3DO\Heroes3\uninst.dll
Intel(R) Graphics Media Accelerator Driver-->C:\Program Files (x86)\Intel\Intel(R) Graphics Media Accelerator Driver\Uninstall\setup.exe -uninstall
Java 7 Update 9-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217007FF}
JDownloader 0.9-->C:\Program Files (x86)\JDownloader\JDUninstall.exe
Left 4 Dead 2-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/550
Livestream Procaster-->MsiExec.exe /I{2515EAA9-AE9F-4F0A-8301-B40034838B8A}
LogMeIn Hamachi-->C:\Windows\SysWOW64\\msiexec.exe /i {B8ABD8C7-991E-4A70-B5A3-20C6FC680680} REMOVE=ALL
LogMeIn Hamachi-->MsiExec.exe /I{B8ABD8C7-991E-4A70-B5A3-20C6FC680680}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Mount&Blade Warband-->D:\Program Files (x86)\Mount&Blade Warband\uninstall.exe
MSVCRT Redists-->MsiExec.exe /I{E9627240-E930-11E0-8690-F04DA23A5C58}
Norton Internet Security-->C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\18.7.2.3\InstStub.exe /X /ARP
Notepad++-->C:\Program Files (x86)\Notepad++\uninstall.exe
NVIDIA PhysX-->MsiExec.exe /X{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}
Pandora Service-->"C:\Program Files (x86)\PANDORA.TV\PanService\unins000.exe"
RocketDock 1.3.5-->"D:\Program Files (x86)\RocketDock\unins000.exe"
Skype™ 5.10-->MsiExec.exe /X{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
Sound Blaster X-Fi MB-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\setup.exe" -l0x9 /remove
Splashtop Connect IE-->MsiExec.exe /X{F9F5EF72-18CF-4DCF-A721-EC86B94DAC46}
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
System Requirements Lab for Intel-->MsiExec.exe /I{C71067FC-288F-4E0B-88C6-44DFDA8311E2}
TeamSpeak 3 Client-->"C:\Program Files (x86)\TeamSpeak 3 Client\uninstall.exe"
TeamViewer 7-->C:\Program Files (x86)\TeamViewer\Version7\uninstall.exe
The Battle for Middle-earth (tm) II-->D:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II\EAUninstall.exe
The KMPlayer (remove only)-->"C:\Program Files (x86)\The KMPlayer\uninstall.exe"
The Lord of the Rings, The Rise of the Witch-king-->D:\Program Files (x86)\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\EAUninstall.exe
Torchlight Editor-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/41520
Torchlight-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/41500
Ubisoft Game Launcher-->"C:\Program Files (x86)\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe" -runfromtemp -l0x0409 -removeonly
Uniblue DriverScanner-->"D:\Program Files (x86)\Uniblue\DriverScanner\unins000.exe"
Valve Hammer Editor-->D:\PROGRA~2\VALVEH~1\UNWISE.EXE D:\PROGRA~2\VALVEH~1\INSTALL.LOG
Vegas Pro 11.0-->MsiExec.exe /X{E6F012B0-E930-11E0-A67A-F04DA23A5C58}
VIA Platforma Ovladače zařízení-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR 4.20 (32-bit)-->C:\Program Files (x86)\WinRAR\uninstall.exe
XFastUsb-->C:\Program Files (x86)\XFastUsb\Uninstall.exe

======System event log======

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Cryptographic Services byl změněn na: stopped
Record Number: 5
Source Name: Service Control Manager
Time Written: 20090714051424.262212-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Windows Modules Installer byl změněn na: stopped
Record Number: 4
Source Name: Service Control Manager
Time Written: 20090714051424.168612-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Software Protection byl změněn na: stopped
Record Number: 3
Source Name: Service Control Manager
Time Written: 20090714051424.059412-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Windows Event Log byl změněn na: stopped
Record Number: 2
Source Name: Service Control Manager
Time Written: 20090714051424.012612-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Volume Shadow Copy byl změněn na: stopped
Record Number: 1
Source Name: Service Control Manager
Time Written: 20090714051423.934612-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: Stano
Event Code: 2
Message: The NVIDIA OpenGL driver has encountered
an out of memory error. This application might
behave inconsistently and fail.
Record Number: 1244684
Source Name: NVIDIA OpenGL Driver
Time Written: 20121027164006.000000-000
Event Type: Upozornění
User:

Computer Name: Stano
Event Code: 2
Message: The NVIDIA OpenGL driver has encountered
an out of memory error. This application might
behave inconsistently and fail.
Record Number: 1244683
Source Name: NVIDIA OpenGL Driver
Time Written: 20121027164006.000000-000
Event Type: Upozornění
User:

Computer Name: Stano
Event Code: 2
Message: The NVIDIA OpenGL driver has encountered
an out of memory error. This application might
behave inconsistently and fail.
Record Number: 1244682
Source Name: NVIDIA OpenGL Driver
Time Written: 20121027164006.000000-000
Event Type: Upozornění
User:

Computer Name: Stano
Event Code: 2
Message: The NVIDIA OpenGL driver has encountered
an out of memory error. This application might
behave inconsistently and fail.
Record Number: 1244681
Source Name: NVIDIA OpenGL Driver
Time Written: 20121027164006.000000-000
Event Type: Upozornění
User:

Computer Name: Stano
Event Code: 2
Message: The NVIDIA OpenGL driver has encountered
an out of memory error. This application might
behave inconsistently and fail.
Record Number: 1244680
Source Name: NVIDIA OpenGL Driver
Time Written: 20121027164006.000000-000
Event Type: Upozornění
User:

=====Security event log=====

Computer Name: 37L4247E29-32
Event Code: 4735
Message: Byla změněna zabezpečená místní skupina.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247E29-32$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Změněné atributy:
Název účtu SAM: -
Historie identifikátoru zabezpečení: -

Další informace:
Oprávnění: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120912220200.250000-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4731
Message: Byla vytvořena zabezpečená místní skupina.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247E29-32$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Nová skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Atributy:
Název účtu SAM: Backup Operators
Historie identifikátoru zabezpečení: -

Další informace:
Oprávnění: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120912220200.250000-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.

Počet prvků: 0
ID zásady: 0x307eb
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120912220159.046875-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 0

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x4
Název procesu:

Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120912220152.718750-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4608
Message: Spouští se systém Windows.

Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120912220152.390625-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=Intel64 Family 15 Model 4 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=0407

-----------------EOF-----------------
Last edited by StanoMalek on 31 Oct 2012 11:16, edited 1 time in total.
I am often saddened by the thought that genius has its limits, whereas stupidity has none.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log. My internet is acting up. The PC is slow

#3 Post by vyosek »

Hello,

you do not follow the team members' instructions and you do not finish the checks, so why should we deal with this log :???: :?:
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment: take a whip and a stick to him, for he is no man, he is an ox."
Member (image) since 1 February 2011.

StanoMalek
Visitor
Posts: 10
Registered: 24 Mar 2012 21:01
Location: Jihlava

Re: Please check my log. My internet is acting up. The PC is slow

#4 Post by StanoMalek »

I apologize for that, I was at my uncle's. His PC has also been through a lot, and it did not even show that the log was being sent, and then I had to go home. I had no idea the log had been sent, and I also did not know that something was being dealt with regarding the image in the caption. I would have deleted it immediately. As for running ComboFix, I have already been warned about that and I no longer run it without your help. I do respect the team members' instructions.

Please help. I cannot even send an e-mail, it freezes... :(

E: oh yeah. Mounth 1, I clicked through it and picked 3

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log. My internet is acting up. The PC is slow

#5 Post by vyosek »

:arrow: Download Farbar Service Scanner http://download.bleepingcomputer.com/farbar/FSS.exe
  • Save it, preferably to the Desktop
  • Tick the checkbox for every item (this selects them for scanning)
  • Click Scan
  • When the scan finishes, the log FSS.txt will appear; paste it here

StanoMalek
Visitor
Posts: 10
Registered: 24 Mar 2012 21:01
Location: Jihlava

Re: Please check my log. My internet is acting up. The PC is slow

#6 Post by StanoMalek »

Farbar Service Scanner Version: 27-10-2012
Ran by bbbbbb (administrator) on 31-10-2012 at 12:09:15
Running from "C:\Users\bbbbbb\Desktop"
Microsoft Windows 7 Professional (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2012-09-15 01:56] - [2011-12-28 04:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-09-15 01:45] - [2012-03-30 12:09] - 1895280 ____A (Microsoft Corporation) 624C5B3AA4C99B3184BB922D9ECE3FF0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2009-07-14 01:09] - [2009-07-14 02:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-14 00:36] - [2009-07-14 02:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-10-10 15:00] - [2012-06-02 06:25] - 0182272 ____A (Microsoft Corporation) BAF19B633933A9FB4883D27D66C39E9A

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log. My internet is acting up. The PC is slow

#7 Post by vyosek »

PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A STRONG ABILITY TO DELETE AND MUST BE USED ONLY WHEN RECOMMENDED, OTHERWISE YOUR SYSTEM MAY BE RUINED
:arrow: Download ComboFix and save it to the Desktop http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs: firewalls, antivirus, antispyware and so on.
  • If you have Win XP, run it under the Administrator account
  • If you have Win Vista or Win 7, right-click ComboFix and choose Run As Administrator (Spustit jako správce)
  • Right after it starts, a page with the license agreement is shown; continue by clicking Ano (Yes)
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone: do not start any applications and do not click in the window that appears
  • The scan should take about 10 min, but if the PC is heavily cluttered, it may take longer
  • After the scan finishes and a possible restart, CF displays the log, or you can find it at C:\ComboFix.txt; paste its contents here
  • A detailed procedure including pictures is here http://www.bleepingcomputer.com/combofi ... t-combofix

StanoMalek
Visitor
Posts: 10
Registered: 24 Mar 2012 21:01
Location: Jihlava

Re: Please check my log. My internet is acting up. The PC is slow

#8 Post by StanoMalek »

:arrow: ComboFix 12-10-31.03 - bbbbbb 31.10.2012 13:48:04.1.2 - x64
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.2047.997 [GMT 1:00]
Spuštěný z: c:\users\bbbbbb\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\windows\SysWow64\tmpEC82.tmp
c:\windows\SysWow64\tmpEC92.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-28 do 2012-10-31 )))))))))))))))))))))))))))))))
.
.
2012-10-31 13:00 . 2012-10-31 13:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-31 09:26 . 2012-10-31 09:26 -------- d-----w- c:\program files (x86)\trend micro
2012-10-31 09:24 . 2012-10-31 10:13 -------- d-----w- c:\program files\trend micro
2012-10-31 09:24 . 2012-10-31 09:26 -------- d-----w- C:\rsit
2012-10-31 09:20 . 2012-10-31 09:20 -------- d-----w- c:\users\bbbbbb\AppData\Local\ElevatedDiagnostics
2012-10-31 08:43 . 2012-10-31 08:43 19264 ----a-w- c:\windows\system32\drivers\iusb3hcs.sys
2012-10-31 08:43 . 2012-10-31 08:43 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2012-10-28 23:58 . 2012-10-28 23:58 -------- d-----w- C:\Splashtop
2012-10-28 18:02 . 2012-10-28 18:02 -------- d-----w- c:\users\bbbbbb\AppData\Roaming\BANDISOFT
2012-10-28 18:00 . 2012-10-28 18:00 -------- d-----w- c:\program files (x86)\Bandicam
2012-10-28 18:00 . 2012-10-28 18:00 -------- d-----w- c:\program files (x86)\BandiMPEG1
2012-10-26 10:40 . 2012-10-26 10:40 -------- d-----w- c:\users\bbbbbb\AppData\Local\CrashRpt
2012-10-26 10:39 . 2012-10-26 10:39 -------- d-sh--w- c:\windows\SysWow64\AI_RecycleBin
2012-10-26 10:39 . 2012-10-26 10:41 -------- d-----w- c:\users\bbbbbb\AppData\Local\Procaster
2012-10-26 10:39 . 2012-10-26 10:39 -------- d-----w- c:\program files (x86)\Livestream Procaster
2012-10-23 18:47 . 2012-10-23 18:47 -------- d-----w- c:\programdata\RELOADED
2012-10-21 16:37 . 2012-10-21 16:37 -------- d-----w- c:\programdata\ESTsoft
2012-10-21 16:37 . 2012-10-21 16:37 -------- d-----w- c:\program files (x86)\ESTsoft
2012-10-21 16:37 . 2012-10-21 16:41 -------- d-----w- c:\users\bbbbbb\AppData\Roaming\ESTsoft
2012-10-21 11:38 . 2012-10-21 11:38 18832 ----a-w- c:\windows\system32\drivers\pmkbdfltr.sys
2012-10-21 11:37 . 2012-10-21 11:37 37272 ----a-w- c:\windows\system32\drivers\pmserenum.sys
2012-10-21 11:20 . 2012-10-21 11:20 12501352 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2012-10-21 11:20 . 2012-10-21 11:20 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll
2012-10-21 10:55 . 2012-10-21 10:55 -------- d-----w- c:\users\bbbbbb\AppData\Roaming\Uniblue
2012-10-18 05:50 . 2012-10-18 05:50 -------- d-----w- c:\program files\Defraggler
2012-10-17 17:29 . 2012-10-17 17:29 -------- d-----w- c:\windows\SysWow64\spool
2012-10-17 14:49 . 2012-10-17 14:49 -------- d-----w- c:\users\bbbbbb\AppData\Local\Diagnostics
2012-10-17 14:47 . 2012-09-24 21:16 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-17 06:44 . 2012-10-17 06:47 -------- d-----w- c:\users\bbbbbb\AppData\Roaming\Splashtop
2012-10-10 15:57 . 2012-10-10 15:57 -------- d-----w- c:\users\bbbbbb\AppData\Local\AliensVsPredator
2012-10-10 14:01 . 2012-08-30 18:11 5505904 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-10-10 14:01 . 2012-08-30 17:18 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-10-10 14:01 . 2012-08-30 17:18 3902832 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-10-10 14:01 . 2012-08-24 18:05 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-10-10 14:01 . 2012-08-24 17:10 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-10-10 14:00 . 2012-09-14 19:23 2048 ----a-w- c:\windows\system32\tzres.dll
2012-10-10 14:00 . 2012-09-14 18:30 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-10-10 14:00 . 2012-08-11 00:53 714752 ----a-w- c:\windows\system32\kerberos.dll
2012-10-10 14:00 . 2012-08-10 23:54 541184 ----a-w- c:\windows\SysWow64\kerberos.dll
2012-10-10 14:00 . 2012-06-02 05:25 1462784 ----a-w- c:\windows\system32\crypt32.dll
2012-10-10 14:00 . 2012-06-02 05:25 182272 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-10 14:00 . 2012-06-02 05:25 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-10 14:00 . 2012-06-02 04:45 139264 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-10-10 14:00 . 2012-06-02 04:45 1157632 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-10-10 14:00 . 2012-06-02 04:45 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-10-10 11:57 . 2012-10-31 09:19 -------- d-----w- c:\users\bbbbbb\AppData\Roaming\Skype
2012-10-10 11:56 . 2012-10-10 11:56 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-10-10 11:56 . 2012-10-10 11:56 -------- d-----r- c:\program files (x86)\Skype
2012-10-10 11:55 . 2012-10-10 11:57 -------- d-----w- c:\programdata\Skype
2012-10-08 14:12 . 2012-10-08 14:19 -------- d-----w- c:\users\bbbbbb\AppData\Roaming\TeamViewer
2012-10-08 14:12 . 2012-10-08 14:12 -------- d-----w- c:\program files (x86)\TeamViewer
2012-10-07 13:59 . 2012-10-07 14:03 -------- d-----w- c:\users\bbbbbb\AppData\Roaming\My The Lord of the Rings, The Rise of the Witch-king Files
2012-10-07 13:07 . 2012-10-07 13:07 -------- d-----w- c:\windows\SysWow64\Macromed
2012-10-06 07:44 . 2012-10-06 07:44 -------- d-----w- c:\users\bbbbbb\AppData\Local\Skyrim
2012-10-05 15:50 . 2012-10-05 15:50 -------- d-----w- c:\users\bbbbbb\AppData\Local\SKIDROW
2012-10-05 15:06 . 2012-10-05 15:06 -------- d-----w- c:\users\bbbbbb\AppData\Roaming\runic games
2012-10-05 13:28 . 2012-10-13 12:24 -------- d-----w- c:\users\bbbbbb\AppData\Roaming\Mount&Blade Warband
2012-10-05 12:51 . 2012-10-05 15:54 -------- d-----w- c:\users\bbbbbb\AppData\Local\Ubisoft Game Launcher
2012-10-05 12:27 . 2008-05-30 12:19 511496 ----a-w- c:\windows\system32\XAudio2_1.dll
2012-10-05 12:09 . 2012-10-05 12:09 -------- d-----w- c:\users\bbbbbb\AppData\Local\FalloutNV
2012-10-05 12:06 . 2012-10-05 12:06 110744 ----a-w- c:\windows\system32\drivers\L1C62x64.sys
2012-10-05 11:54 . 2012-10-05 15:50 -------- d-----w- c:\users\bbbbbb\AppData\Roaming\NVIDIA
2012-10-05 11:42 . 2012-10-21 11:32 -------- d-----w- c:\programdata\NVIDIA
2012-10-05 11:42 . 2012-10-19 10:20 -------- d-----w- c:\users\UpdatusUser
2012-10-05 11:42 . 2012-10-21 11:27 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2012-10-05 11:41 . 2012-08-30 16:18 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-10-05 11:41 . 2012-08-30 16:18 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-10-05 11:41 . 2012-08-30 16:18 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-10-05 11:41 . 2012-08-30 16:18 3266920 ----a-w- c:\windows\system32\nvsvc64.dll
2012-10-05 11:41 . 2012-08-30 16:17 6198120 ----a-w- c:\windows\system32\nvcpl.dll
2012-10-05 11:40 . 2012-10-05 11:40 -------- d-----w- C:\temp
2012-10-05 11:40 . 2012-08-30 19:14 60776 ----a-w- c:\windows\system32\OpenCL.dll
2012-10-05 11:40 . 2012-08-30 19:14 52584 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-10-05 11:40 . 2012-10-05 11:40 -------- d-----w- c:\programdata\NVIDIA Corporation
2012-10-05 11:39 . 2012-07-03 15:25 31080 ----a-w- c:\windows\system32\nvhdap64.dll
2012-10-05 11:39 . 2012-07-03 15:25 189288 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2012-10-05 11:39 . 2012-07-03 07:37 1472360 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2012-10-05 11:39 . 2012-10-21 11:20 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-10-05 11:39 . 2012-10-21 11:19 1760104 ----a-w- c:\windows\system32\nvdispco64.dll
2012-10-05 11:39 . 2012-10-21 11:19 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-10-05 11:39 . 2012-10-21 11:19 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-10-05 11:39 . 2012-10-21 11:19 2731880 ----a-w- c:\windows\system32\nvapi64.dll
2012-10-05 11:39 . 2012-10-21 11:19 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-10-05 11:38 . 2012-10-05 11:42 -------- d-----w- c:\program files\NVIDIA Corporation
2012-10-05 11:37 . 2012-10-05 11:37 -------- d-----w- C:\NVIDIA
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-19 18:19 . 2012-09-19 18:19 31808 ----a-w- c:\windows\system32\drivers\FNETTBOH_305.SYS
2012-09-16 11:37 . 2012-09-16 11:37 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-09-15 07:55 . 2012-09-15 07:55 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-09-15 07:55 . 2012-09-15 07:55 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-09-15 07:55 . 2012-09-15 07:55 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-09-15 07:55 . 2012-09-15 07:55 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-09-15 07:55 . 2012-09-15 07:55 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-09-15 07:55 . 2012-09-15 07:55 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-09-15 07:55 . 2012-09-15 07:55 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-09-15 07:55 . 2012-09-15 07:55 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-09-15 07:55 . 2012-09-15 07:55 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-09-15 07:55 . 2012-09-15 07:55 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-09-15 07:55 . 2012-09-15 07:55 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-09-15 07:55 . 2012-09-15 07:55 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-09-15 07:55 . 2012-09-15 07:55 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-09-15 07:55 . 2012-09-15 07:55 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-09-15 07:55 . 2012-09-15 07:55 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-09-15 07:55 . 2012-09-15 07:55 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-09-15 07:55 . 2012-09-15 07:55 222208 ----a-w- c:\windows\system32\msls31.dll
2012-09-15 07:55 . 2012-09-15 07:55 197120 ----a-w- c:\windows\system32\msrating.dll
2012-09-15 07:55 . 2012-09-15 07:55 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-09-15 07:55 . 2012-09-15 07:55 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-09-15 07:55 . 2012-09-15 07:55 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-09-15 07:55 . 2012-09-15 07:55 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-09-15 07:55 . 2012-09-15 07:55 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-09-15 07:55 . 2012-09-15 07:55 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-09-15 07:55 . 2012-09-15 07:55 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-09-15 07:55 . 2012-09-15 07:55 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-09-15 07:55 . 2012-09-15 07:55 149504 ----a-w- c:\windows\system32\occache.dll
2012-09-15 07:55 . 2012-09-15 07:55 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-09-15 07:55 . 2012-09-15 07:55 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-09-15 07:55 . 2012-09-15 07:55 12288 ----a-w- c:\windows\system32\mshta.exe
2012-09-15 07:55 . 2012-09-15 07:55 114176 ----a-w- c:\windows\system32\admparse.dll
2012-09-15 07:55 . 2012-09-15 07:55 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-09-15 07:55 . 2012-09-15 07:55 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-09-15 07:55 . 2012-09-15 07:55 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-09-15 07:55 . 2012-09-15 07:55 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-09-15 07:55 . 2012-09-15 07:55 82432 ----a-w- c:\windows\system32\icardie.dll
2012-09-15 07:55 . 2012-09-15 07:55 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-09-15 07:55 . 2012-09-15 07:55 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-09-15 07:55 . 2012-09-15 07:55 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-09-15 07:55 . 2012-09-15 07:55 448512 ----a-w- c:\windows\system32\html.iec
2012-09-15 07:55 . 2012-09-15 07:55 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-09-15 07:55 . 2012-09-15 07:55 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-09-15 07:55 . 2012-09-15 07:55 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-09-15 07:55 . 2012-09-15 07:55 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-09-15 07:55 . 2012-09-15 07:55 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-09-15 07:55 . 2012-09-15 07:55 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-09-15 07:55 . 2012-09-15 07:55 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-09-15 07:55 . 2012-09-15 07:55 160256 ----a-w- c:\windows\system32\wextract.exe
2012-09-15 07:55 . 2012-09-15 07:55 103936 ----a-w- c:\windows\system32\inseng.dll
2012-09-15 07:53 . 2012-09-15 07:53 982912 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2012-09-15 07:53 . 2012-09-15 07:53 662528 ----a-w- c:\windows\system32\XpsPrint.dll
2012-09-15 07:53 . 2012-09-15 07:53 470016 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2012-09-15 07:53 . 2012-09-15 07:53 442880 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2012-09-15 07:53 . 2012-09-15 07:53 4068864 ----a-w- c:\windows\system32\mf.dll
2012-09-15 07:53 . 2012-09-15 07:53 3181568 ----a-w- c:\windows\SysWow64\mf.dll
2012-09-15 07:53 . 2012-09-15 07:53 283648 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2012-09-15 07:53 . 2012-09-15 07:53 265088 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2012-09-15 07:53 . 2012-09-15 07:53 257024 ----a-w- c:\windows\system32\mfreadwrite.dll
2012-09-15 07:53 . 2012-09-15 07:53 229888 ----a-w- c:\windows\system32\XpsRasterService.dll
2012-09-15 07:53 . 2012-09-15 07:53 206848 ----a-w- c:\windows\system32\mfps.dll
2012-09-15 07:53 . 2012-09-15 07:53 196608 ----a-w- c:\windows\SysWow64\mfreadwrite.dll
2012-09-15 07:53 . 2012-09-15 07:53 1888256 ----a-w- c:\windows\system32\WMVDECOD.DLL
2012-09-15 07:53 . 2012-09-15 07:53 1863680 ----a-w- c:\windows\system32\ExplorerFrame.dll
2012-09-15 07:53 . 2012-09-15 07:53 1619456 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2012-09-15 07:53 . 2012-09-15 07:53 1495040 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll
2012-09-15 07:53 . 2012-09-15 07:53 144384 ----a-w- c:\windows\system32\cdd.dll
2012-09-15 07:53 . 2012-09-15 07:53 135168 ----a-w- c:\windows\SysWow64\XpsRasterService.dll
2012-09-15 07:53 . 2012-09-15 07:53 1133568 ----a-w- c:\windows\system32\FntCache.dll
2012-09-14 20:41 . 2012-09-14 20:42 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-09-14 20:41 . 2012-09-14 20:42 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-09-14 19:23 . 2012-09-12 16:59 174200 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2012-09-12 16:46 . 2012-09-12 16:46 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2012-09-12 16:46 . 2012-09-12 16:46 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-09-12 16:46 . 2012-09-12 16:46 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2012-09-12 16:41 . 2012-09-12 16:41 15936 ----a-w- c:\windows\system32\drivers\FNETURPX.SYS
2012-08-30 08:40 . 2012-08-30 08:40 429416 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-08-27 23:49 . 2012-09-14 20:48 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{187C01A8-C7C1-4FB3-9EEF-4199F746738B}\mpengine.dll
2012-08-24 11:15 . 2012-09-30 21:01 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-30 21:01 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-30 21:01 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-30 21:01 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-30 21:01 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-30 21:01 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-30 21:01 237056 ----a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-30 21:01 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-30 21:01 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-30 21:01 816640 ----a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-30 21:01 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-30 21:01 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-30 21:01 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-30 21:01 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-30 21:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-30 21:01 248320 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-30 21:01 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-30 21:01 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-30 21:01 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-30 21:01 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-30 21:01 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0F3DC9E0-C459-4a40-BCF8-747BD9322E10}"= "c:\program files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll" [2011-01-21 165776]
.
[HKEY_CLASSES_ROOT\clsid\{0f3dc9e0-c459-4a40-bcf8-747bd9322e10}]
[HKEY_CLASSES_ROOT\AddressBarSearch.SearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E8E0178-00EF-413d-9324-E7B3E31572E3}]
[HKEY_CLASSES_ROOT\AddressBarSearch.SearchHook]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-09-14 1353080]
"DAEMON Tools Pro Agent"="d:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2012-04-26 3111744]
"RocketDock"="d:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2011-02-22 3019376]
"XFastUsb"="c:\program files (x86)\XFastUsb\XFastUsb.exe" [2012-09-12 4942336]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"CTSyncService"="c:\program files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe" [2009-07-08 1233195]
"VolPanel"="c:\program files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" [2009-05-04 241789]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-08-29 1996200]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"STCAgent"="c:\program files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe" [2011-01-21 776064]
"ZyngaGamesAgent"="c:\program files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe" [2010-11-15 841544]
.
c:\users\bbbbbb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
H3 The Shadow of Death(TM).lnk - c:\program files (x86)\3DO\Heroes3\RegisterSOD\Remind32.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R2 SmartViewService;SmartView service;c:\program files (x86)\DeviceVM\SmartView\SmartViewService.exe [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-09-12 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-09-12 79360]
R3 FNETTBOH_305;FNETTBOH_305;c:\windows\system32\drivers\FNETTBOH_305.SYS [2012-09-19 31808]
R3 pmserenum;PenMount Serial Device Enumeration Service;c:\windows\system32\DRIVERS\pmserenum.sys [2012-10-21 37272]
R3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [2012-09-12 79360]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-15 1255736]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-10-31 19264]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS [2011-01-27 450680]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS [2011-03-15 912504]
S1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys [2010-06-11 15368]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20121005.002\BHDrvx64.sys [2012-10-05 1385632]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-09-16 283200]
S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS [2012-09-12 15936]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20121027.002\IDSvia64.sys [2012-09-13 513184]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [2011-01-27 171128]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [2011-04-21 386168]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-08-29 2369960]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [2011-04-17 130008]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-08-30 1258856]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
S2 SCBackService;Splashtop Connect Service;c:\program files (x86)\Splashtop\Splashtop Connect\BackService.exe [2010-11-15 477000]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-31 2754984]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [2011-02-17 27760]
S2 WCUService_STC_IE;Splashtop Connect IE Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe [2011-03-22 497480]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-09-14 138912]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2012-10-05 110744]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-07-03 189288]
S3 pmkbdfltr;PenMount Keyboard Device Filter Driver;c:\windows\system32\DRIVERS\pmkbdfltr.sys [2012-10-21 18832]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2011-02-17 2153072]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-31 c:\windows\Tasks\DriverScanner.job
- d:\program files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2012-10-21 10:51]
.
2012-10-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-437575234-2395731410-650709988-1000Core.job
- c:\users\bbbbbb\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14 18:58]
.
2012-10-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-437575234-2395731410-650709988-1000UA.job
- c:\users\bbbbbb\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14 18:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RunDLLEntry"="c:\windows\system32\AmbRunE.dll" [2009-02-26 17920]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-13 162584]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-13 386840]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-10-13 417560]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:splashtopconnect
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 10.0.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-ASRockOCTuner - (no file)
Wow6432Node-HKCU-Run-ASRockIES - (no file)
Wow6432Node-HKCU-Run-zASRockInstantBoot - (no file)
Wow6432Node-HKLM-Run-SmartViewAgent - c:\program files (x86)\DeviceVM\SmartView\SmartViewAgent.exe
AddRemove- Heroes of Might and Magic(TM) III Armageddon's Blade - c:\program files (x86)\3DO\Heroes3\UnBlade.isu
AddRemove-CraftMaster Setup 1.3.1 - c:\users\bbbbbb\AppData\Roaming\.minecraft\Uninstall.exe
AddRemove-Heroes III The Shadow of Death - c:\program files (x86)\3DO\Heroes3\Uninst.isu
AddRemove-{B931FB80-537A-4600-00AD-AC5DEDB6C25B} - d:\program files (x86)\Electronic Arts\The Lord of the Rings
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\diMaster.dll\" /prefetch:1"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-10-31 14:10:11
ComboFix-quarantined-files.txt 2012-10-31 13:10
.
Před spuštěním: Volných bajtů: 18 410 266 624
Po spuštění: Volných bajtů: 19 039 055 872
.
- - End Of File - - CC3F3A401E07440A666C010EA86A4F02
It often saddens me to think that genius has a limit, whereas stupidity
does not.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log. My internet is acting up. The PC is slow

#9 Post by vyosek »

Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Search
  • The scan will run and then a log will appear; it may also be saved on the system drive as AdwCleaner[R?].txt. Paste that log here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.
