Microsoft windows based script host - wmpnetwk.exe

#1 Post by .adamson. »

Hello, apparently due to the heat, a member of my family dared, despite strict prohibitions, to install on the PC a version of Movie Maker for Windows 7 downloaded from somewhere. After the next PC start-up, ESET found a potential infection: C\Users\AppData\Local\Temp\Local\is-RFDAE.tmp\movie-maker-pro-windows-7-cz-sten-ok.tmp. In addition, at PC start-up a window of the "Microsoft windows based script host" service appeared with the message: C\Users\USER, and it asks to confirm execution. The PC shows no significant problems, but I would still like to ask for a check of the log and any advice. I am attaching the log from RSIT.

Logfile of random's system information tool 1.08 (written by random/random)
Run by USER at 2013-07-28 16:39:57
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 233 GB (50%) free of 466 GB
Total RAM: 3958 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:40:00, on 28.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\trend micro\USER.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NtVdmSrv] C:\Windows\inf\ntvdm.vbe
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Performance Driver Service - Unknown owner - C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Session Launcher Service (PelService) - Unknown owner - C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Professional Service (WTabletServicePro) - Wacom Technology, Corp. - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe

--
End of file - 8196 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe"
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\Tablet\Wacom\WTabletServicePro.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
taskeng.exe {EA87FE90-E9B7-4F84-A9EA-02D3DDFF6A59}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"taskhost.exe"
taskeng.exe {6A522146-4130-44A2-ADE6-21557D5D7DE6}
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe"
"C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.exe" 60
"C:\Windows\System32\igfxtray.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
rundll32.exe "C:\Program Files\NVIDIA Corporation\nView\nview64.dll",nViewInitialize
rundll32.exe "C:\Program Files\NVIDIA Corporation\nView\nview.dll",nViewInitialize
rundll32.exe "C:\Program Files\NVIDIA Corporation\nView\nview.dll",nViewInitialize
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe"
"C:\Program Files\Tablet\Wacom\WacomHost.exe" "C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe" au
"C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe" au
"C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Program Files\Lenovo\Lenovo Mouse Suite\FSRremoS.EXE"
"C:\Program Files\Lenovo\Lenovo Mouse Suite\Pelmiced.exe"
"C:\Program Files\Lenovo\Lenovo Mouse Suite\PelElvDm.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\00_Viry\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
C:\Windows\tasks\SystemToolsDailyTest.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30 75232]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-11-09 8321568]
"Daemon for Mouse Suite"=C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.EXE [2010-07-30 99840]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-11-13 166424]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-11-13 390168]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-11-13 409624]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-11-22 2919168]
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2012-10-10 2041192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 5"=C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe [2012-03-06 574296]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2009-12-09 111640]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-07-31 38872]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-11 919008]
"NtVdmSrv"=C:\Windows\inf\ntvdm.vbe [2013-06-20 1219]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-11-06 268800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - C:\Windows\NOTEPAD.EXE %1

======List of files/folders created in the last 1 months======

2013-07-28 16:24:29 ----D---- C:\rsit
2013-07-28 16:24:29 ----D---- C:\Program Files\trend micro
2013-07-28 16:19:46 ----D---- C:\00_Viry
2013-07-24 10:53:55 ----D---- C:\Program Files\Movie Maker
2013-07-24 10:33:30 ----D---- C:\Program Files (x86)\movie-maker-pro-windows-7-cz-sten-ok
2013-07-09 21:01:50 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-07-09 21:01:50 ----A---- C:\Windows\system32\ieui.dll
2013-07-09 21:01:49 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-07-09 21:01:49 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-07-09 21:01:49 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-07-09 21:01:49 ----A---- C:\Windows\system32\iesetup.dll
2013-07-09 21:01:49 ----A---- C:\Windows\system32\iernonce.dll
2013-07-09 21:01:49 ----A---- C:\Windows\system32\ie4uinit.exe
2013-07-09 21:01:48 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-07-09 21:01:48 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-07-09 21:01:48 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-09 21:01:48 ----A---- C:\Windows\system32\iesysprep.dll
2013-07-09 21:01:48 ----A---- C:\Windows\system32\iertutil.dll
2013-07-09 21:01:47 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-07-09 21:01:47 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-07-09 21:01:47 ----A---- C:\Windows\system32\msfeeds.dll
2013-07-09 21:01:47 ----A---- C:\Windows\system32\jscript.dll
2013-07-09 21:01:46 ----A---- C:\Windows\system32\jscript9.dll
2013-07-09 21:01:45 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-07-09 21:01:44 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-07-09 21:01:44 ----A---- C:\Windows\system32\urlmon.dll
2013-07-09 21:01:43 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-07-09 21:01:43 ----A---- C:\Windows\system32\jsproxy.dll
2013-07-09 21:01:42 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-07-09 21:01:42 ----A---- C:\Windows\system32\wininet.dll
2013-07-09 21:01:40 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-07-09 21:01:38 ----A---- C:\Windows\system32\ieframe.dll
2013-07-09 21:01:37 ----A---- C:\Windows\system32\mshtml.dll
2013-07-09 21:01:33 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-07-09 20:55:15 ----A---- C:\Windows\system32\win32k.sys
2013-07-09 20:55:00 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-07-09 20:54:59 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-07-09 20:54:59 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-07-09 20:54:59 ----A---- C:\Windows\system32\qedit.dll
2013-07-09 20:54:56 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-07-09 20:54:56 ----A---- C:\Windows\system32\DWrite.dll
2013-07-03 12:46:56 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 months======

2013-07-28 16:39:58 ----D---- C:\Windows\Temp
2013-07-28 16:38:41 ----D---- C:\Windows\system32\config
2013-07-28 16:38:11 ----A---- C:\Windows\SYSWOW64\log.txt
2013-07-28 16:38:01 ----D---- C:\ProgramData\NVIDIA
2013-07-28 16:24:29 ----RD---- C:\Program Files
2013-07-26 21:29:24 ----D---- C:\Windows\System32
2013-07-26 21:29:24 ----D---- C:\Windows\inf
2013-07-26 21:29:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-25 22:59:24 ----D---- C:\Windows
2013-07-25 21:03:54 ----D---- C:\00_Ftp
2013-07-25 20:13:42 ----D---- C:\Windows\debug
2013-07-25 20:05:33 ----SHD---- C:\Boot
2013-07-25 19:49:06 ----D---- C:\Install
2013-07-24 14:00:33 ----D---- C:\Windows\LiveKernelReports
2013-07-24 12:59:07 ----D---- C:\Windows\Prefetch
2013-07-24 10:54:31 ----D---- C:\Users\USER\AppData\Roaming\NVIDIA
2013-07-24 10:34:53 ----SHD---- C:\System Volume Information
2013-07-24 10:33:30 ----RD---- C:\Program Files (x86)
2013-07-22 15:14:53 ----D---- C:\Windows\system32\catroot2
2013-07-14 22:18:14 ----D---- C:\Users\USER\AppData\Roaming\SoftGrid Client
2013-07-14 11:23:04 ----SHD---- C:\Windows\Installer
2013-07-10 21:15:14 ----RSD---- C:\Windows\assembly
2013-07-10 21:15:14 ----D---- C:\Windows\Microsoft.NET
2013-07-09 21:13:16 ----D---- C:\Windows\winsxs
2013-07-09 21:11:51 ----D---- C:\Program Files\Microsoft Silverlight
2013-07-09 21:11:50 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-07-09 21:07:17 ----D---- C:\Windows\SysWOW64
2013-07-09 21:07:17 ----D---- C:\Program Files\Windows Defender
2013-07-09 21:07:17 ----D---- C:\Program Files (x86)\Windows Defender
2013-07-09 21:07:17 ----D---- C:\Program Files (x86)\Internet Explorer
2013-07-09 21:07:16 ----D---- C:\Program Files\Windows Journal
2013-07-09 21:07:16 ----D---- C:\Program Files\Internet Explorer
2013-07-09 21:03:00 ----A---- C:\Windows\system32\MRT.exe
2013-07-09 21:02:03 ----D---- C:\Windows\system32\catroot
2013-07-03 20:39:22 ----SD---- C:\Users\USER\AppData\Roaming\Microsoft
2013-07-03 20:18:02 ----D---- C:\Users\USER\AppData\Roaming\XnView
2013-07-03 19:34:19 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2011-11-21 141264]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2011-11-21 171152]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2011-11-21 125296]
R3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys [2009-09-23 283824]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-11-09 2024992]
R3 pelmouse;Mouse Suite Driver; C:\Windows\system32\DRIVERS\pelmouse.sys [2009-11-03 23040]
R3 pelusblf;USB Mouse Low Filter Driver; C:\Windows\system32\DRIVERS\pelusblf.sys [2010-05-04 32256]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2009-07-02 40512]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-12-15 232992]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
R3 TVTI2C;Lenovo SM bus driver; C:\Windows\system32\DRIVERS\Tvti2c.sys [2009-09-24 41536]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\adusbser.sys [2009-11-06 154112]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2011-07-11 20336]
S3 hidkmdf;KMDF Driver; C:\Windows\system32\DRIVERS\hidkmdf.sys [2012-10-12 13728]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-11-06 7773856]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2009-10-30 244736]
S3 netr7364;RT73 USB - ovladač karty pro bezdrátovou síť LAN pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr7364.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-06 19456]
S3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2011-03-23 33184]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 ta2avs;Traktor Audio 2 WDM Audio; C:\Windows\System32\Drivers\ta2avs.sys [2011-07-07 357968]
S3 ta2usb_svc;Traktor Audio 2; C:\Windows\System32\Drivers\ta2usb.sys [2011-07-07 80464]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-12-06 57856]
S3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2011-03-23 21328]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WacHidRouter;Wacom Hid Router; C:\Windows\system32\DRIVERS\wachidrouter.sys [2012-10-12 81312]
S3 wacomrouterfilter;Wacom Router Filter Driver; C:\Windows\system32\DRIVERS\wacomrouterfilter.sys [2012-10-12 15776]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService5;Advanced SystemCare Service 5; C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-03-14 913752]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-11-22 814264]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2011-07-20 820568]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-12-08 268824]
R2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service; C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [2009-05-14 4901888]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-10-02 891240]
R2 PelService;Session Launcher Service; C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe [2010-04-22 177152]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-09 2320920]
R2 WTabletServicePro;Wacom Professional Service; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2012-10-29 613760]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-08 116648]
S2 IviRegMgr;IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
S2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2009-08-28 1019904]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-13 256904]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2011-11-22 42360]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-08 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-07-03 117144]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TVT Backup Service;TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [2010-07-29 1475896]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-11-19 1255736]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------


Re: Microsoft windows based script host - wmpnetwk.exe

#2 Post by vyosek »

Hello :)

:arrow: Please also post the second RSIT log, named info.txt; it is saved in c:\rsit

:arrow: I assume that ESET is as it should be = a purchased license
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him; that is no man, that is an ox."
Member of [image] since 1 February 2011.


Re: Microsoft windows based script host - wmpnetwk.exe

#3 Post by .adamson. »

Windows, ESET and all paid programs are purchased. The data on this PC is worth incomparably more to me than what they cost. My dear ones have their own dedicated computers for wrecking. Thanks once again; I am attaching the info log and adding a screenshot of the message.
info.txt logfile of random's system information tool 1.08 2013-07-28 16:32:25

======Uninstall list======

-->C:\ProgramData\{7707EA53-E29B-48FC-B28B-C8EE171EA0EB}\Traktor 2 Setup PC.exe
-->C:\ProgramData\{7E628211-2743-4D01-B609-258293529A1B}\Traktor Audio 2 Driver Setup PC.exe
-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe
Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Flash Player 10 ActiveX-->MsiExec.exe /X{B7B3E9B3-FB14-4927-894B-E9124509AF5A}
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_Plugin.exe -maintain plugin
Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Photoshop CS5-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{15FEDA5F-141C-4127-8D7E-B962D1742728}"
Adobe Reader 9.5.2 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A95000000001}
Advanced SystemCare 5-->"C:\Program Files (x86)\IObit\Advanced SystemCare 5\unins000.exe"
AnyDATA 635 WH 1.4.0.0-->C:\Program Files\anydata\AnyDATA ADU 635 WH\uninstall.exe
Asistent pro přihlášení ke službě Windows Live-->MsiExec.exe /I{3E62B27C-342F-4B44-9331-CA4BC59A586F}
Balíček ovladače systému Windows - AnyDATA.NET (adusbser) Modem (07/08/2009 2.0.6.7)-->C:\PROGRA~1\DIFX\0169CE3A95F06636\DPInst64.exe /u C:\Windows\System32\DriverStore\FileRepository\admdm.inf_amd64_neutral_de6e6b6319257a79\admdm.inf
Balíček ovladače systému Windows - AnyDATA.NET (adusbser) Ports (07/08/2009 2.0.6.7)-->C:\PROGRA~1\DIFX\0169CE3A95F06636\DPInst64.exe /u C:\Windows\System32\DriverStore\FileRepository\adser.inf_amd64_neutral_d08171e22bbb82ce\adser.inf
Create Recovery Media-->MsiExec.exe /X{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}
Google Earth Plug-in-->MsiExec.exe /X{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Intel(R) Control Center-->C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm
Intel(R) Graphics Media Accelerator Driver-->C:\Program Files (x86)\Intel\Intel(R) Graphics Media Accelerator Driver\Uninstall\setup.exe -uninstall
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Network Connections Drivers-->Prounstl.exe
InterVideo WinDVD 8-->"C:\Program Files (x86)\InstallShield Installation Information\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\setup.exe" -runfromtemp -l0x0409
InterVideo WinDVD 8-->"C:\Program Files (x86)\InstallShield Installation Information\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\setup.exe" -runfromtemp -l0x0409 -removeonly
IObit Malware Fighter-->"C:\Program Files (x86)\IObit\IObit Malware Fighter\unins000.exe"
jetAudio 6.2.x Czech Language Pack-->C:\Program Files (x86)\JetAudio\Uninstall_CSY_LPack.exe
jetAudio-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}\setup.exe" -l0x9 -removeonly
Lenovo Mouse Suite-->C:\Program Files\Lenovo\Lenovo Mouse Suite\PMUninst.exe MouseSuite98
Lenovo ThinkVantage Toolbox-->C:\Program Files\PC-Doctor\uninst.exe
Lenovo Welcome-->"C:\Program Files (x86)\Lenovo\Lenovo Welcome\unins000.exe"
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{790E02A1-145A-3843-8C13-A4F41C9B48B7}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2010-->MsiExec.exe /X{95140000-0070-0000-0000-0000000FF1CE}
Microsoft Office Klikni a spusť 2010-->"C:\PROGRA~2\COMMON~1\MICROS~1\VIRTUA~1\CVHBS.EXE" /removeall
Microsoft Office Klikni a spusť 2010-->MsiExec.exe /I{90140000-006D-0405-1000-0000000FF1CE}
Microsoft Office Starter 2010 - čeština-->C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvhbs.exe /uninstall {90140011-0066-0405-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft_VC80_ATL_x86_x64-->MsiExec.exe /I{925D058B-564A-443A-B4B2-7E90C6432E55}
Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
Microsoft_VC80_CRT_x86_x64-->MsiExec.exe /I{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86_x64-->MsiExec.exe /I{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86_x64-->MsiExec.exe /I{1E9FC118-651D-4934-97BE-E53CAE5C7D45}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86_x64-->MsiExec.exe /I{8557397C-A42D-486F-97B3-A2CBC2372593}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86_x64-->MsiExec.exe /I{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86_x64-->MsiExec.exe /I{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
movie-maker-pro-windows-7-cz-sten-ok version for Windows-->"C:\Program Files (x86)\movie-maker-pro-windows-7-cz-sten-ok\unins000.exe"
Mozilla Firefox 22.0 (x86 cs)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nástroj pro odesílání služby Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Native Instruments Traktor 2-->"C:\ProgramData\{7707EA53-E29B-48FC-B28B-C8EE171EA0EB}\Traktor 2 Setup PC.exe" REMOVE=TRUE MODIFY=FALSE
Native Instruments Traktor Audio 2 Driver-->"C:\ProgramData\{7E628211-2743-4D01-B609-258293529A1B}\Traktor Audio 2 Driver Setup PC.exe" REMOVE=TRUE MODIFY=FALSE
NVIDIA nView 136.53-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.NView
NVIDIA nView Desktop Manager-->C:\Program Files\NVIDIA Corporation\nView\nViewSetup.exe -uninstall
NVIDIA Ovladač 3D Vision 306.97-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA Ovladače grafiky 306.97-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA Performance Drivers-->MsiExec.exe /I{4C0A8D65-4286-4B58-87FE-18AD24289285}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
PVSonyDll-->MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Realtek USB 2.0 Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe" -runfromtemp -removeonly
Rescue and Recovery-->MsiExec.exe /X{B383F243-0ABC-4E56-AA30-923B8D85076E}
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F66C3466-1FDB-347C-B3AE-FB6C50627B10} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FDD13F1E-9C6B-311E-A0D9-D6E172FC28FF} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8E6848A1-B790-34FE-921A-A5319258E254} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E7F6B64E-E11F-3D1C-868D-3F1443DA5A15} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {08BB8EA1-3BA7-3AD5-8A07-22A5EC1F704E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {880A0A36-244B-3C7A-8D6B-56E694CE7883} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder ClientLP
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder ClientLP
Smart Defrag 2-->"C:\Program Files (x86)\IObit\Smart Defrag 2\unins000.exe"
TP-LINK Wireless Client Utility-->"C:\Program Files (x86)\InstallShield Installation Information\{3BD98AAF-61B5-46E0-A6C8-593C242C7C48}\setup.exe" -runfromtemp -l0x0009 -removeonly
Ulož.to File Manager verze 1.5-->"C:\Program Files (x86)\Uložto File Manager\unins000.exe"
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8C286FD4-AB38-37A6-BC8A-6F16AFE9AB1F} /parameterfolder Client
Wacom Tablet-->C:\Program Files\Tablet\Wacom\32\Remove.exe /u
WebTablet FB Plugin 32 bit-->"C:\Program Files (x86)\TabletPlugins\fbWTPUninstall.exe"
WebTablet FB Plugin 64 bit-->"C:\Program Files\TabletPlugins\fbWTPUninstall.exe"
Windows Driver Package - Intel (e1kexpress) Net (09/23/2009 11.2.19.0)-->C:\PROGRA~1\DIFX\8730326CFC0D32D8\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\e1k62x64.inf_amd64_neutral_f3b784b36cda18df\e1k62x64.inf
Windows Driver Package - Intel (HECIx64) System (09/17/2009 6.0.0.1179)-->C:\PROGRA~1\DIFX\8730326CFC0D32D8\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\heci.inf_amd64_neutral_5357ab4065c59b94\heci.inf
Windows Driver Package - Intel (Serial) Ports (09/17/2009 6.0.0.1179)-->C:\PROGRA~1\DIFX\8730326CFC0D32D8\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\mesrle.inf_amd64_neutral_ddebe2d4cb86db95\mesrle.inf
Windows Driver Package - Intel Corporation (igfx) Display (11/06/2009 8.15.10.1995)-->C:\PROGRA~1\DIFX\8730326CFC0D32D8\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_9f254552bd3a0155\igdlh64.inf
Windows Driver Package - Intel hdc (06/04/2009 7.0.0.1013)-->C:\PROGRA~1\DIFX\8730326CFC0D32D8\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\ibexahci.inf_amd64_neutral_6f34ba52659bc3bc\ibexahci.inf
Windows Driver Package - Intel System (06/04/2009 1.0.0.0002)-->C:\PROGRA~1\DIFX\8730326CFC0D32D8\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\ibexsmb.inf_amd64_neutral_5a95aa2fb35a2451\ibexsmb.inf
Windows Driver Package - Intel System (06/04/2009 9.1.1.1013)-->C:\PROGRA~1\DIFX\8730326CFC0D32D8\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\ibexcore.inf_amd64_neutral_58145f8dbdfb80a1\ibexcore.inf
Windows Driver Package - Intel System (06/04/2009 9.1.1.1013)-->C:\PROGRA~1\DIFX\8730326CFC0D32D8\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\intelcp2.inf_amd64_neutral_ffed6debd13ddf97\intelcp2.inf
Windows Driver Package - Intel USB (08/20/2009 9.1.1.1020)-->C:\PROGRA~1\DIFX\8730326CFC0D32D8\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\ibexusb.inf_amd64_neutral_48b6f41914370c44\ibexusb.inf
Windows Driver Package - Realtek (RSUSBSTOR) USB (11/25/2009 6.1.7600.30110)-->C:\PROGRA~1\DIFX\8730326CFC0D32D8\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\rtsustor.inf_amd64_neutral_2d40862288546786\rtsustor.inf
Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (11/09/2009 6.0.1.5977)-->C:\PROGRA~1\DIFX\8730326CFC0D32D8\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\hdxlc.inf_amd64_neutral_db12e33eb526299f\hdxlc.inf
Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (11/09/2009 6.0.1.5977)-->C:\PROGRA~1\DIFX\8730326CFC0D32D8\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\hdxrt.inf_amd64_neutral_437c2545e973123f\hdxrt.inf
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{F4D69A8D-BB5C-4C3D-A1AD-64C24233EDD6}
Windows Movie Maker-->C:\Program Files\Movie Maker\uninst.exe
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
XnView 1.97.8-->"C:\Program Files (x86)\XnView\unins000.exe"

======Hosts File======

127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com

======System event log======

Computer Name: USER-THINK
Event Code: 7036
Message: Stav služby Vzdálené volání procedur (RPC) byl změněn na: Spuštěno
Record Number: 163489
Source Name: Service Control Manager
Time Written: 20121220185050.842435-000
Event Type: Informace
User:

Computer Name: USER-THINK
Event Code: 7036
Message: Stav služby Mapovač koncových bodů protokolu RPC byl změněn na: Spuštěno
Record Number: 163488
Source Name: Service Control Manager
Time Written: 20121220185050.826835-000
Event Type: Informace
User:

Computer Name: USER-THINK
Event Code: 7036
Message: Stav služby Spouštěč procesů serveru DCOM byl změněn na: Spuštěno
Record Number: 163487
Source Name: Service Control Manager
Time Written: 20121220185050.826835-000
Event Type: Informace
User:

Computer Name: USER-THINK
Event Code: 7036
Message: Stav služby NVIDIA Stereoscopic 3D Driver Service byl změněn na: Spuštěno
Record Number: 163486
Source Name: Service Control Manager
Time Written: 20121220185050.811235-000
Event Type:
Attachment: smejdi_1.png (134.77 KiB)


Re: Microsoft windows based script host - wmpnetwk.exe

#4 Post by vyosek »

"all paid programs are purchased."
Even Adobe Photoshop, say?? Then I don't understand why you have connections blocked to the servers that are used to verify the authenticity of Adobe products :?:


Re: Microsoft windows based script host - wmpnetwk.exe

#5 Post by .adamson. »

All right... you win... I am a poor graphic designer who can't earn enough for the yearly upgrade of the boxed CS3, which I really do have.


Re: Microsoft windows based script host - wmpnetwk.exe

#6 Post by vyosek »

:arrow: So don't take me for a fool here :boxed:

Please run the following

:arrow: Application to download:
:arrow: After downloading, on Vista, W7 and W8 systems the utility must be run as Administrator: right-click the icon and choose the option Spustit jako správce or Run As Administrator

:arrow: FRST is then downloaded and initialized
  • After FRST starts, accept the license terms by clicking Ano (Yes).
  • Additionally tick the Addition.txt item - see the image.
  • Click the Scan button to start scanning.
  • Wait for the FRST scan to finish and for our add-on to create the supplementary information.
  • The text file FRST.txt opens; this is the requested log, and you paste its contents into your topic on the forum.
  • After the log is closed, FRSTLauncher.exe exits and the desktop is left with the FRST utility and two logs, FRST.txt and Addition.txt - do not delete any of them yet.


Re: Microsoft windows based script host - wmpnetwk.exe

#7 Post by .adamson. »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-07-2013
Ran by USER (administrator) on 28-07-2013 18:01:58
Running from C:\Users\USER\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
() C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Primax Electronics Ltd.) C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
() C:\Program Files\Lenovo\Lenovo Mouse Suite\FSRremoS.EXE
(Primax Electronics Ltd.) C:\Program Files\Lenovo\Lenovo Mouse Suite\Pelmiced.exe
() C:\Program Files\Lenovo\Lenovo Mouse Suite\PelElvDm.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Lenovo Group Limited) C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
(Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Viry.cz/forum) C:\Users\USER\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8321568 2009-11-09] (Realtek Semiconductor)
HKLM\...\Run: [Daemon for Mouse Suite] - C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.EXE [99840 2010-07-30] (Primax Electronics Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [2919168 2011-11-22] (ESET)
HKLM\...\Run: [nwiz] - C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2041192 2012-10-10] ()
HKCU\...\Run: [Advanced SystemCare 5] - C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe [574296 2012-03-06] (IObit)
MountPoints2: {3d208d2c-e05d-11df-b75b-806e6f6e6963} - Q:\LenovoQDrive.exe
MountPoints2: {c82da7a8-8f47-11e0-aabc-70f395010222} - F:\unlock.exe autoplay=true
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111640 2009-12-09] ()
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [38872 2012-07-31] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NtVdmSrv] - C:\Windows\inf\ntvdm.vbe [1219 2013-06-20] ()
HKU\Default\...\RunOnce: [] - [x]
HKU\Default\...\RunOnce: [Lenovoautoqdrive] - C:\PROGRA~2\Common~1\Lenovo\Lenovo~1\LenovoAutorunreg.exe [159744 2009-03-24] ()
HKU\Default User\...\RunOnce: [] - [x]
HKU\Default User\...\RunOnce: [Lenovoautoqdrive] - C:\PROGRA~2\Common~1\Lenovo\Lenovo~1\LenovoAutorunreg.exe [159744 2009-03-24] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkcentre
SearchScopes: HKLM - DefaultScope {6FBD402F-D4EE-4352-B491-EDCB4E76877D} URL = http://www.bing.com/search?q={searchTer ... -SearchBox;
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope {07CED494-B400-47C3-ABB1-9318B94CC7DE} URL = http://www.bing.com/search?q={searchTer ... -SearchBox;
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {6FBD402F-D4EE-4352-B491-EDCB4E76877D} URL =
SearchScopes: HKCU - {07CED494-B400-47C3-ABB1-9318B94CC7DE} URL =
SearchScopes: HKCU - {6FBD402F-D4EE-4352-B491-EDCB4E76877D} URL =
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\p4swt4r2.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Extension: No Name - C:\Users\USER\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: hxxp://www.google.cz/
CHR RestoreOnStartup: "hxxp://www.google.cz/", "hxxp://www.google.cz/"
CHR DefaultSearchURL: (Google) - http://www.google.com/search?q={searchT ... utf-8&aq=t
CHR DefaultSuggestURL: (Google) - http://suggestqueries.google.com/comple ... earchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (Web Developer) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm\0.4.3_0
CHR Extension: (YouTube) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (History Eraser App) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjolhjmdgbhebcdnfjhngobjggghoipa\3.9.3_0
CHR Extension: (Click&Clean App) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.0_0
CHR Extension: (Gmail) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

==================== Services (Whitelisted) =================

R2 AdvancedSystemCareService5; C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [913752 2012-03-14] (IObit)
S3 EhttpSrv; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [42360 2011-11-22] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [814264 2011-11-22] (ESET)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [820568 2011-07-20] (IObit)
R2 NVIDIA Performance Driver Service; C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [4901888 2009-05-14] ()
R2 PelService; C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe [177152 2010-04-22] ()
R2 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1019904 2009-08-28] (Lenovo Group Limited)
S3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1475896 2010-07-29] (Lenovo Group Limited)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [613760 2012-10-29] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

S3 adusbser; C:\Windows\System32\DRIVERS\adusbser.sys [154112 2009-11-06] (AnyDATA.NET INC.)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [171152 2011-11-21] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [141264 2011-11-21] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [125296 2011-11-21] (ESET)
S3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [20336 2011-07-11] ()
S3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [20336 2011-07-11] ()
R3 pelmouse; C:\Windows\System32\DRIVERS\pelmouse.sys [23040 2009-11-03] (TPMX Electronics Ltd.)
R3 pelusblf; C:\Windows\System32\DRIVERS\pelusblf.sys [32256 2010-05-04] (TPMX Electronics Ltd.)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [33184 2011-03-23] (IObit.com)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [33184 2011-03-23] (IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2010-11-26] ()
S3 ta2avs; C:\Windows\System32\Drivers\ta2avs.sys [357968 2011-07-07] (Native Instruments GmbH)
S3 ta2usb_svc; C:\Windows\System32\Drivers\ta2usb.sys [80464 2011-07-07] (Native Instruments GmbH)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [41536 2009-09-24] (Lenovo (United States) Inc.)
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [21328 2011-03-23] (IObit.com)
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [21328 2011-03-23] (IObit.com)
S3 netr7364; system32\DRIVERS\netr7364.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-28 18:01 - 2013-07-28 18:01 - 00154232 _____ (Noël Danjou) C:\Users\USER\AppData\Local\download.exe
2013-07-28 18:01 - 2013-07-28 18:01 - 00001645 ___HT C:\Users\USER\Desktop\3608CPPF.bat
2013-07-28 18:01 - 2013-07-28 18:01 - 00000000 ____D C:\Users\USER\Desktop\logy_01
2013-07-28 18:01 - 2013-07-28 12:10 - 01780547 _____ (Farbar) C:\Users\USER\Desktop\FRST64.exe
2013-07-28 18:01 - 2013-07-26 08:41 - 00002627 _____ C:\Users\USER\Desktop\logmodification.bat
2013-07-28 17:57 - 2013-07-28 17:57 - 00000000 ____D C:\FRST
2013-07-28 17:56 - 2013-07-28 17:56 - 00363520 _____ (Viry.cz/forum) C:\Users\USER\Downloads\FRSTLauncher(1).exe
2013-07-28 17:55 - 2013-07-28 17:55 - 00363520 _____ (Viry.cz/forum) C:\Users\USER\Desktop\FRSTLauncher.exe
2013-07-28 17:12 - 2013-07-28 17:12 - 00000489 _____ C:\Users\USER\Desktop\Nástroje pro správu.lnk
2013-07-28 16:39 - 2013-07-28 16:39 - 00000695 _____ C:\Users\USER\Desktop\00_Viry – zástupce.lnk
2013-07-28 16:24 - 2013-07-28 16:39 - 00000000 ____D C:\Program Files\trend micro
2013-07-28 16:24 - 2013-07-28 16:35 - 00000000 ____D C:\rsit
2013-07-28 16:19 - 2013-07-28 17:12 - 00000000 ____D C:\00_Viry
2013-07-26 20:15 - 2013-07-26 20:15 - 03953225 _____ C:\Users\USER\Downloads\cartoon_handpainted_background_05_vector_181289.zip
2013-07-25 22:59 - 2013-07-28 16:38 - 00000336 _____ C:\Windows\setupact.log
2013-07-25 22:59 - 2013-07-25 22:59 - 00000000 _____ C:\Windows\setuperr.log
2013-07-25 22:00 - 2013-07-25 22:00 - 00001827 _____ C:\Users\USER\Desktop\BYT_PEC – zástupce.lnk
2013-07-25 20:03 - 2013-07-25 20:03 - 62402560 _____ C:\Windows\system32\config\SOFTWARE.iobit
2013-07-25 20:03 - 2013-07-25 20:03 - 38678528 _____ C:\Windows\system32\config\COMPONENTS.iobit
2013-07-25 20:03 - 2013-07-25 20:03 - 21094400 _____ C:\Windows\system32\config\SYSTEM.iobit
2013-07-25 20:03 - 2013-07-25 20:03 - 00765952 _____ C:\Windows\system32\config\DEFAULT.iobit
2013-07-25 20:03 - 2013-07-25 20:03 - 00028672 _____ C:\Windows\system32\config\SAM.iobit
2013-07-25 20:03 - 2013-07-25 20:03 - 00024576 _____ C:\Windows\system32\config\SECURITY.iobit
2013-07-24 12:57 - 2013-07-24 12:57 - 00000814 _____ C:\Users\USER\Desktop\M video.lnk
2013-07-24 10:54 - 2013-07-24 10:54 - 00000995 _____ C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker.lnk
2013-07-24 10:54 - 2013-07-24 10:54 - 00000000 _____ C:\Users\USER\regbcm
2013-07-24 10:53 - 2013-07-24 10:55 - 00000000 ____D C:\Program Files\Movie Maker
2013-07-24 10:33 - 2013-07-24 10:33 - 00000000 ____D C:\Program Files (x86)\movie-maker-pro-windows-7-cz-sten-ok
2013-07-11 13:27 - 2013-07-11 13:28 - 00000000 ____D C:\Users\USER\Downloads\Ana
2013-07-09 21:01 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-09 21:01 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-09 21:01 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-09 21:01 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-09 21:01 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-09 21:01 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-09 21:01 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-09 21:01 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-09 21:01 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-09 21:01 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-09 21:01 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-09 21:01 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-09 21:01 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-09 21:01 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-09 21:01 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-09 21:01 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-09 21:01 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-09 21:01 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-09 21:01 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-09 21:01 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-09 21:01 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-09 21:01 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-09 21:01 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-09 21:01 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-09 21:01 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-09 21:01 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-09 21:01 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-09 21:01 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-09 21:01 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-09 21:01 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-09 21:01 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-09 20:55 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-09 20:55 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-09 20:54 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-09 20:54 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-09 20:54 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-09 20:54 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-09 20:54 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-03 20:38 - 2013-07-03 20:40 - 00000132 _____ C:\Users\USER\AppData\Roaming\Adobe GIF Format CS5 Prefs
2013-07-03 17:36 - 2013-07-14 18:14 - 00001153 _____ C:\Users\USER\Desktop\00-- – zástupce.lnk
2013-07-03 12:46 - 2013-07-03 12:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-02 20:11 - 2013-07-02 20:11 - 00000000 ____D C:\Users\USER\Documents\FIRST BIKE

==================== One Month Modified Files and Folders =======

2013-07-28 18:01 - 2013-07-28 18:01 - 00154232 _____ (Noël Danjou) C:\Users\USER\AppData\Local\download.exe
2013-07-28 18:01 - 2013-07-28 18:01 - 00001645 ___HT C:\Users\USER\Desktop\3608CPPF.bat
2013-07-28 18:01 - 2013-07-28 18:01 - 00000000 ____D C:\Users\USER\Desktop\logy_01
2013-07-28 18:01 - 2012-11-20 22:48 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-28 17:57 - 2013-07-28 17:57 - 00000000 ____D C:\FRST
2013-07-28 17:56 - 2013-07-28 17:56 - 00363520 _____ (Viry.cz/forum) C:\Users\USER\Downloads\FRSTLauncher(1).exe
2013-07-28 17:55 - 2013-07-28 17:55 - 00363520 _____ (Viry.cz/forum) C:\Users\USER\Desktop\FRSTLauncher.exe
2013-07-28 17:23 - 2012-10-08 01:43 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-28 17:22 - 2013-01-21 23:42 - 00000132 _____ C:\Users\USER\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-07-28 17:12 - 2013-07-28 17:12 - 00000489 _____ C:\Users\USER\Desktop\Nástroje pro správu.lnk
2013-07-28 17:12 - 2013-07-28 16:19 - 00000000 ____D C:\00_Viry
2013-07-28 17:12 - 2010-10-25 19:31 - 01116088 _____ C:\Windows\WindowsUpdate.log
2013-07-28 17:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Registration
2013-07-28 17:07 - 2010-10-25 20:19 - 00631728 _____ C:\Windows\system32\perfh005.dat
2013-07-28 17:07 - 2010-10-25 20:19 - 00122124 _____ C:\Windows\system32\perfc005.dat
2013-07-28 17:07 - 2009-07-14 07:13 - 01471850 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-28 16:45 - 2009-07-14 06:45 - 00020704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-28 16:45 - 2009-07-14 06:45 - 00020704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-28 16:39 - 2013-07-28 16:39 - 00000695 _____ C:\Users\USER\Desktop\00_Viry – zástupce.lnk
2013-07-28 16:39 - 2013-07-28 16:24 - 00000000 ____D C:\Program Files\trend micro
2013-07-28 16:38 - 2013-07-25 22:59 - 00000336 _____ C:\Windows\setupact.log
2013-07-28 16:38 - 2012-10-08 01:43 - 00000944 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-28 16:38 - 2010-11-19 17:09 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-28 16:38 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-28 16:35 - 2013-07-28 16:24 - 00000000 ____D C:\rsit
2013-07-28 12:10 - 2013-07-28 18:01 - 01780547 _____ (Farbar) C:\Users\USER\Desktop\FRST64.exe
2013-07-26 21:00 - 2010-10-25 19:43 - 00000340 _____ C:\Windows\Tasks\SystemToolsDailyTest.job
2013-07-26 19:44 - 2011-01-02 22:30 - 00000000 ___RD C:\Users\USER\Desktop\TOOLS
2013-07-26 08:41 - 2013-07-28 18:01 - 00002627 _____ C:\Users\USER\Desktop\logmodification.bat
2013-07-25 22:59 - 2013-07-25 22:59 - 00000000 _____ C:\Windows\setuperr.log
2013-07-25 22:04 - 2012-08-05 14:08 - 00007659 _____ C:\Users\USER\AppData\Local\Resmon.ResmonCfg
2013-07-25 22:01 - 2013-06-15 11:10 - 00000000 ____D C:\Users\USER\Documents\BYT_PEC
2013-07-25 22:00 - 2013-07-25 22:00 - 00001827 _____ C:\Users\USER\Desktop\BYT_PEC – zástupce.lnk
2013-07-25 21:03 - 2011-02-12 16:15 - 00000000 ____D C:\00_Ftp
2013-07-25 20:03 - 2013-07-25 20:03 - 62402560 _____ C:\Windows\system32\config\SOFTWARE.iobit
2013-07-25 20:03 - 2013-07-25 20:03 - 38678528 _____ C:\Windows\system32\config\COMPONENTS.iobit
2013-07-25 20:03 - 2013-07-25 20:03 - 21094400 _____ C:\Windows\system32\config\SYSTEM.iobit
2013-07-25 20:03 - 2013-07-25 20:03 - 00765952 _____ C:\Windows\system32\config\DEFAULT.iobit
2013-07-25 20:03 - 2013-07-25 20:03 - 00028672 _____ C:\Windows\system32\config\SAM.iobit
2013-07-25 20:03 - 2013-07-25 20:03 - 00024576 _____ C:\Windows\system32\config\SECURITY.iobit
2013-07-25 19:49 - 2010-12-07 20:59 - 00000000 ____D C:\Install
2013-07-24 14:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports
2013-07-24 12:57 - 2013-07-24 12:57 - 00000814 _____ C:\Users\USER\Desktop\M video.lnk
2013-07-24 10:55 - 2013-07-24 10:53 - 00000000 ____D C:\Program Files\Movie Maker
2013-07-24 10:54 - 2013-07-24 10:54 - 00000995 _____ C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker.lnk
2013-07-24 10:54 - 2013-07-24 10:54 - 00000000 _____ C:\Users\USER\regbcm
2013-07-24 10:54 - 2012-11-15 21:26 - 00000000 ____D C:\Users\USER\AppData\Roaming\NVIDIA
2013-07-24 10:54 - 2010-11-19 17:08 - 00000000 ____D C:\Users\USER\AppData\Local\VirtualStore
2013-07-24 10:33 - 2013-07-24 10:33 - 00000000 ____D C:\Program Files (x86)\movie-maker-pro-windows-7-cz-sten-ok
2013-07-14 22:18 - 2012-02-24 23:42 - 00000000 ____D C:\Users\USER\AppData\Roaming\SoftGrid Client
2013-07-14 11:18 - 2012-10-08 01:43 - 00003944 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-14 11:18 - 2012-10-08 01:43 - 00003692 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-11 18:47 - 2013-05-05 13:32 - 00001480 _____ C:\Users\USER\AppData\Local\Adobe Uložit pro web 11.0 Prefs
2013-07-11 13:28 - 2013-07-11 13:27 - 00000000 ____D C:\Users\USER\Downloads\Ana
2013-07-09 21:12 - 2009-07-14 06:45 - 04854464 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-09 21:11 - 2012-05-18 18:39 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-09 21:11 - 2012-05-18 18:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-09 21:07 - 2009-07-14 09:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-09 21:07 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-09 21:07 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-09 21:03 - 2010-11-19 17:47 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-06 12:01 - 2009-07-14 07:08 - 00032546 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-03 20:40 - 2013-07-03 20:38 - 00000132 _____ C:\Users\USER\AppData\Roaming\Adobe GIF Format CS5 Prefs
2013-07-03 20:39 - 2009-07-14 09:44 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-07-03 20:18 - 2011-08-08 18:27 - 00000000 ____D C:\Users\USER\AppData\Roaming\XnView
2013-07-03 19:34 - 2012-05-04 17:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-03 12:47 - 2013-07-03 12:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-24 10:53

==================== Scheduled Tasks (whitelisted) =============

Task: {07AF19AD-564C-4E14-B486-39D3C4027E2B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-08] (Google Inc.)
Task: {2DC93F00-6345-45CB-BC95-8322B4A52F05} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\pcdr5cuiw32.exe [2010-01-28] (PC-Doctor, Inc.)
Task: {331316AE-20D8-4A8E-B709-F82FF7F751BC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-08] (Google Inc.)
Task: {3957FA30-3FDF-49A3-B669-4F6B1AA9B7B1} - System32\Tasks\{3A36E754-0053-4544-A41C-49753DA21B0F} => C:\Program Files\Czech\Easy Wireless Net\Main.exe No File
Task: {48D979D9-11B0-4E39-808D-AAAFBDDB8747} - System32\Tasks\AdobeAAMUpdater-1.0-USER-THINK-USER => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {5E2CD866-FF50-4420-86F5-B72FA9054C6E} - System32\Tasks\TVT\UpdateRnR => %TVTCOMMON%\Scheduler\tvtsetsched.exe No File
Task: {74F5475A-A71C-4E07-91C5-3A53D3BDD0F4} - System32\Tasks\TVT\LaunchRnR => C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrcmd.exe [2009-08-28] (Lenovo Limited Group Corporation)
Task: {8684D395-A8A1-4EDA-B4BD-153170BA4253} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {8A4510EC-D118-40C4-BEFB-2BB3906015A0} - System32\Tasks\TVT\ChangePWD => %RR%\rrcmd.exe No File
Task: {CB0F65AA-8E10-4991-B3BD-B8ED2182F904} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-13] (Adobe Systems Incorporated)
Task: {CBEF0DD3-2BF5-4466-A099-2FFCDCF44E77} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {E3A2A3EC-6DA3-4E74-A2DA-D06CB8449C04} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe [2011-08-25] (IObit)
Task: {E3D5B521-DAE9-46CB-AAA2-EECA1790FE4A} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {E860AD1A-A866-4DA6-ABC5-269B7AE73A33} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\pcdlauncher.exe [2009-11-20] (PC-Doctor, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\pcdlauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\pcdr5cuiw32.exe

==================== Supplementary Scan (All) =============


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000005
"ConsentPromptBehaviorUser"=dword:00000003
"EnableInstallerDetection"=dword:00000001
"EnableLUA"=dword:00000001
"EnableSecureUIAPaths"=dword:00000001
"EnableUIADesktopToggle"=dword:00000000
"EnableVirtualization"=dword:00000001
"PromptOnSecureDesktop"=dword:00000001
"ValidateAdminCodeSignatures"=dword:00000000
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"scforceoption"=dword:00000000
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"FilterAdministratorToken"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI\Clipboard]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI\Clipboard\ExceptionFormats]
"CF_TEXT"=dword:00000001
"CF_BITMAP"=dword:00000002
"CF_OEMTEXT"=dword:00000007
"CF_DIB"=dword:00000008
"CF_PALETTE"=dword:00000009
"CF_UNICODETEXT"=dword:0000000d
"CF_DIBV5"=dword:00000011


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=dword:00000001
"NoActiveDesktopChanges"=dword:00000001
"ForceActiveDesktopOn"=dword:00000000


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"="msrle32.dll"
"vidc.msvc"="msvidc32.dll"
"msacm.imaadpcm"="imaadp32.acm"
"msacm.msg711"="msg711.acm"
"msacm.msgsm610"="msgsm32.acm"
"msacm.msadpcm"="msadp32.acm"
"midimapper"="midimap.dll"
"wavemapper"="msacm32.drv"
"vidc.uyvy"="msyuv.dll"
"vidc.yuy2"="msyuv.dll"
"vidc.yvyu"="msyuv.dll"
"vidc.iyuv"="iyuv_32.dll"
"vidc.i420"="iyuv_32.dll"
"vidc.yvu9"="tsbyuv.dll"
"msacm.l3acm"="C:\\Windows\\SysWOW64\\l3codeca.acm"
"vidc.cvid"="iccvid.dll"
"wave1"="wdmaud.drv"
"midi1"="wdmaud.drv"
"mixer1"="wdmaud.drv"
"aux1"="wdmaud.drv"
"wave"="wdmaud.drv"
"midi"="wdmaud.drv"
"mixer"="wdmaud.drv"
"aux"="wdmaud.drv"
"wave2"="wdmaud.drv"
"wave3"="wdmaud.drv"
"midi2"="wdmaud.drv"
"mixer2"="wdmaud.drv"
"aux2"="wdmaud.drv"


================ Drive and Memory info =====================

Drive c: (Windows7_OS) (Fixed) (Total:454.82 GB) (Free:227.65 GB) NTFS (Disk=1 Partition=2) ==>[System with boot components (obtained from reading drive)]
Drive d: (Nový svazek) (Fixed) (Total:931.51 GB) (Free:337.08 GB) NTFS (Disk=0 Partition=1)
Drive g: (SD_KARTA_1) (Removable) (Total:14.82 GB) (Free:12.99 GB) FAT32 (Disk=2 Partition=1)
Drive q: (Lenovo_Recovery) (Fixed) (Total:9.77 GB) (Free:2.52 GB) NTFS (Disk=1 Partition=3)

Available physical RAM: 2408.32 MB
Total physical RAM: 3958.36 MB
Percentage of memory in use: 39%

==================== End Of Log ============================
Last edited by .adamson. on 28 Jul 2013 17:16; edited 1 time in total.

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Microsoft windows based script host - wmpnetwk.exe

#8 Post by vyosek »

:arrow: Uninstall Advanced SystemCare, IObit Malware Fighter and then everything else from IObit as well - it is Chinese junk that does more harm than good. They look for nonsensical and nonexistent problems, and they stole their malware database from another reputable company

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below

    HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
    HKCU\...\Run: [Advanced SystemCare 5] - C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe [574296 2012-03-06] (IObit)
    HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [38872 2012-07-31] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-11] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [NtVdmSrv] - C:\Windows\inf\ntvdm.vbe [1219 2013-06-20] ()
    HKU\Default\...\RunOnce: [] - [x]
    HKU\Default User\...\RunOnce: [] - [x]
    SearchScopes: HKLM - DefaultScope {6FBD402F-D4EE-4352-B491-EDCB4E76877D} URL = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=LEN2&src=IE-SearchBox;
    SearchScopes: HKLM-x32 - DefaultScope {07CED494-B400-47C3-ABB1-9318B94CC7DE} URL = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=LEN2&src=IE-SearchBox;
    Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    CHR DefaultSuggestURL: (Google) - http://suggestqueries.google.com/complete/search?q={searchTerms}
    C:\Windows\inf\ntvdm.vbe
    C:\Windows\tasks\Adobe Flash Player Updater.job
    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
    C:\Windows\tasks\SystemToolsDailyTest.job
    Hosts:
    CMD: shutdown -r
    
  • Save the resulting TXT file as fixlist.txt
  • Move the fixlist you created next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here for me
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever shuns fun, take a whip and a stick to him: that is no man, that is an ox."
Member since 1 February 2011.


Re: Microsoft windows based script host - wmpnetwk.exe

#9 Post by .adamson. »

Really funny, I'll survive. Thanks anyway...
Attachment: adobeCS3.png (169.29 KiB)


Re: Microsoft windows based script host - wmpnetwk.exe

#10 Post by vyosek »

I don't quite understand what you are getting at now :?:


Re: Microsoft windows based script host - wmpnetwk.exe

#11 Post by .adamson. »

I just wanted to show my boxed copy of PS CS3, which I have gone back to. The fix seems to have helped. ESET reports a clean machine. Thank you for the help to the advisers of this forum, whose advice I have been using for several years. I would like to learn something and so give back to others what I get here for free. I am considering applying to join the "školka" (kindergarten), but I am afraid my expertise will not be enough. In that case I will contribute financially. I am attaching the fix log.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-07-2013
Ran by USER at 2013-07-28 18:23:12 Run:1
Running from C:\Users\USER\Desktop
Boot Mode: Normal
==============================================

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare 5 => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5ServiceManager => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\NtVdmSrv => Value deleted successfully.
HKU\Default\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ => Value deleted successfully.
HKU\Default User\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ => Value not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Value deleted successfully.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found.
CHR DefaultSuggestURL: (Google) - http://suggestqueries.google.com/comple ... earchTerms} ==> The Chrome "Settings" can be used to fix the entry.
C:\Windows\inf\ntvdm.vbe => Moved successfully.
C:\Windows\tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job => Moved successfully.
C:\Windows\tasks\SystemToolsDailyTest.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown -r =========


========= End of CMD: =========


==== End of Fixlog ====

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Microsoft windows based script host - wmpnetwk.exe

#12 Post by vyosek »

So let's clean up as well :James008:

:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm a choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn the antivirus off while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel (Čistič)
  • Leave everything as it is, just click Analyze (Analyzovat) and then Run Cleaner (Spustit CCleaner)
Registry panel (Registry)
  • click Scan for Issues (Hledej problémy)
  • then Fix Issues (Opravit problémy) - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues remain - usually about 3 times
Tools panel (Nástroje)
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: On behalf of the whole team, thank you for any support of the forum :thumbsup:

:arrow: And if there are no problems or questions, that is all from my side :|

.adamson.
Visitor
Posts: 11
Registered: 22 Mar 2006 14:25
Location: Ústí nad Labem

Re: Microsoft windows based script host - wmpnetwk.exe

#13 Post by .adamson. »

Thank you for the cleaners. I have removed the IObit applications. I will allow myself one more question. What about my title for the problem? Did it describe it accurately? Was I right to think that Microsoft windows based script host is a symptom of infection? From what I found by googling, this tool is used only in Windows 2000. It has no business being in Windows 7 (it is still in my system). As for wmpnetwk.exe, I stopped it manually in Windows services. I hope I am not asking in a complicated way; I do not want to waste any more of your time.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Microsoft windows based script host - wmpnetwk.exe

#14 Post by vyosek »

There was one type of pest there that is quite common these days: it just runs some nonsensical script and stays hanging in the registry, in the startup entries, but the script file gets deleted while the registry entry does not, so it then cannot be loaded and error messages pop up.
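The leftover described in post #14, a startup entry whose script file no longer exists, can be checked for mechanically. The following Python sketch is an added example, not part of the thread or of any tool used in it; the Run value names, command lines and file list are constructed samples.

```python
import ntpath
import os
import re

SCRIPT_HOSTS = {"wscript", "wscript.exe", "cscript", "cscript.exe"}
SCRIPT_EXTS = {".vbs", ".vbe", ".js", ".jse", ".wsf", ".wsh"}

def tokens(command):
    """Split a Run-value command line into tokens, honouring double quotes."""
    return [quoted or bare for quoted, bare in re.findall(r'"([^"]*)"|(\S+)', command)]

def script_target(command):
    """Return the script a Run value hands to Windows Script Host, or None."""
    parts = tokens(command)
    if not parts:
        return None
    if ntpath.basename(parts[0]).lower() in SCRIPT_HOSTS:
        # Host syntax: wscript [//options] script [/arguments]; the first
        # token that is not a slash option is the script file.
        return next((t for t in parts[1:] if not t.startswith("/")), None)
    # A script registered directly is opened through its file association.
    if ntpath.splitext(parts[0])[1].lower() in SCRIPT_EXTS:
        return parts[0]
    return None

def orphaned_script_autoruns(run_values, exists=os.path.exists):
    """Return (value name, script path) for autoruns whose script is missing."""
    orphans = []
    for name, command in run_values.items():
        target = script_target(command)
        if target is not None and not exists(ntpath.expandvars(target)):
            orphans.append((name, target))
    return orphans

# Constructed sample data, not taken from the thread's logs.
SAMPLE_RUN = {
    "ExampleUpdater": r'"C:\Program Files\Example\updater.exe" /background',
    "ExampleTask": r'wscript.exe //B "C:\Users\USER\Temp\example task.vbe" /quiet',
    "ExampleLogon": r"C:\Scripts\logon.vbs",
    "ExampleGone": r"C:\Users\USER\gone.js arg1",
}
SAMPLE_FILES = {r"C:\Program Files\Example\updater.exe", r"C:\Scripts\logon.vbs"}

def demo():
    """Run the check against the constructed sample instead of the real disk."""
    present = {p.lower() for p in SAMPLE_FILES}
    return orphaned_script_autoruns(SAMPLE_RUN, lambda p: p.lower() in present)

if __name__ == "__main__":
    for name, script in demo():
        print(f"orphaned autorun: {name} -> {script}")
```

On a live Windows system the `run_values` dictionary would be filled from the Run keys (for example with the standard `winreg` module) and `exists` left at its default; unquoted script paths containing spaces are not handled by this tokenizer.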
