Prosím o kontrolu a případnou pomoc

[ceddrik]

Ntb se zasekává je spomalené . Zde přikládám log

Logfile of random's system information tool 1.08 (written by random/random)
Run by Leyaa at 2013-11-12 19:04:05
Microsoft Windows 7 Home Premium
System drive C: has 114 GB (48%) free of 238 GB
Total RAM: 8191 MB (83% free)


======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Program Files\TortoiseSVN\bin\TSVNCache.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-565405970-541606558307584362644544466-2135876906-393348594627753759-1644329630
taskeng.exe {19B72466-B017-40AC-B55D-1D2D52858166}
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3976 CREDAT:203009
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe -Embedding
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3976 CREDAT:203010
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3976 CREDAT:203011
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3775766133-3605671815-1654188208-10003_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3775766133-3605671815-1654188208-10003 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Leyaa\Desktop\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-11-09 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}]
Rich Media Downloader - C:\Users\Leyaa\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll [2013-07-03 155928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL [2013-04-24 659264]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-11-09 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FEB703F7-E7B2-4AB0-9566-87658AC70095}]
Rich Media Player - C:\Users\Leyaa\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll [2013-03-12 120600]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2011-08-22 621440]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-03-29 13513288]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-11-11 1028896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2013-11-11 1813928]
"DAEMON Tools Lite"=C:\PROGRA~2\DAEMON~1\DTLite.exe [2013-11-11 3675352]
"uTorrent"=C:\Users\Leyaa\AppData\Roaming\uTorrent\utorrent.exe [2013-11-11 891904]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Driver Genius"= []
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2013-11-11 322208]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2013-11-11 178848]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2013-11-11 105016]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-11 958576]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-11-11 254336]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2013-10-31 2349392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.exe - open - C:\Windows\svchost.com "%1" %*
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-11-12 19:04:05 ----D---- C:\rsit
2013-11-12 19:04:05 ----D---- C:\Program Files\trend micro
2013-11-11 22:51:07 ----AH---- C:\Windows\system32\hamachi.sys
2013-11-11 22:51:01 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2013-11-11 19:47:18 ----D---- C:\Program Files\CCleaner
2013-11-11 19:19:48 ----D---- C:\Users\Leyaa\AppData\Roaming\Malwarebytes
2013-11-11 19:19:40 ----D---- C:\ProgramData\Malwarebytes
2013-11-11 19:19:39 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-11 19:19:39 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-11-11 19:07:56 ----D---- C:\Users\Leyaa\AppData\Roaming\TeamViewer
2013-11-10 19:16:50 ----A---- C:\Windows\directx.sys
2013-11-10 15:49:49 ----D---- C:\Users\Leyaa\AppData\Roaming\WinRAR
2013-11-10 15:49:26 ----D---- C:\Program Files (x86)\WinRAR
2013-11-10 12:40:57 ----D---- C:\Program Files (x86)\ProtectDisc Driver Installer
2013-11-10 12:40:42 ----D---- C:\Users\Leyaa\AppData\Roaming\ProtectDISC
2013-11-10 12:38:38 ----D---- C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2013-11-10 12:26:21 ----D---- C:\Program Files (x86)\Quadriga Games
2013-11-09 21:46:42 ----D---- C:\Users\Leyaa\AppData\Roaming\NVIDIA
2013-11-09 21:42:10 ----D---- C:\Users\Leyaa\AppData\Roaming\.minecraft
2013-11-09 21:35:16 ----D---- C:\ProgramData\Oracle
2013-11-09 21:35:14 ----D---- C:\ProgramData\Sun
2013-11-09 21:35:04 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-11-09 21:35:01 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-11-09 21:35:01 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-11-09 21:35:01 ----A---- C:\Windows\SYSWOW64\java.exe
2013-11-09 21:34:51 ----D---- C:\Program Files (x86)\Java
2013-11-09 20:05:56 ----D---- C:\Users\Leyaa\AppData\Roaming\uTorrent
2013-11-09 11:41:12 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2013-11-09 11:41:07 ----D---- C:\Users\Leyaa\AppData\Roaming\DAEMON Tools Lite
2013-11-09 11:41:05 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2013-11-09 11:40:35 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-10-31 20:34:28 ----D---- C:\Users\Leyaa\AppData\Roaming\Mumble
2013-10-31 20:32:49 ----D---- C:\Program Files (x86)\Mumble
2013-10-24 21:16:24 ----D---- C:\Program Files (x86)\7-Zip
2013-10-24 20:38:02 ----D---- C:\Users\Leyaa\AppData\Roaming\Acreon
2013-10-13 18:20:56 ----A---- C:\Windows\system32\RegistryDefragBootTime.exe

======List of files/folders modified in the last 1 months======

2013-11-12 19:04:05 ----RD---- C:\Program Files
2013-11-12 19:04:05 ----D---- C:\Windows\Prefetch
2013-11-12 19:03:57 ----D---- C:\Windows\Temp
2013-11-12 19:00:21 ----D---- C:\Windows\System32
2013-11-12 19:00:21 ----D---- C:\Windows\inf
2013-11-12 19:00:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-12 18:55:53 ----D---- C:\ProgramData\NVIDIA
2013-11-12 18:55:16 ----SHD---- C:\System Volume Information
2013-11-11 23:51:16 ----D---- C:\Windows\system32\config
2013-11-11 22:51:12 ----SHD---- C:\Windows\Installer
2013-11-11 22:51:01 ----RD---- C:\Program Files (x86)
2013-11-11 22:50:13 ----D---- C:\Windows
2013-11-11 19:49:11 ----D---- C:\Program Files (x86)\Steam
2013-11-11 19:49:01 ----D---- C:\Windows\Logs
2013-11-11 19:47:19 ----D---- C:\Windows\system32\Tasks
2013-11-11 19:47:18 ----D---- C:\Windows\Tasks
2013-11-11 19:47:18 ----D---- C:\Program Files (x86)\Google
2013-11-11 19:41:53 ----D---- C:\Windows\system32\wdi
2013-11-11 19:38:41 ----D---- C:\Users\Leyaa\AppData\Roaming\TS3Client
2013-11-11 19:19:40 ----HD---- C:\ProgramData
2013-11-11 19:19:39 ----D---- C:\Windows\system32\drivers
2013-11-10 12:39:41 ----RSD---- C:\Windows\assembly
2013-11-10 12:38:02 ----D---- C:\Program Files (x86)\Common Files
2013-11-09 21:35:04 ----D---- C:\Windows\SysWOW64
2013-11-09 21:34:46 ----D---- C:\Windows\system32\catroot2
2013-11-09 20:52:54 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-11-09 11:41:57 ----D---- C:\Windows\system32\catroot
2013-11-09 11:41:51 ----D---- C:\Windows\system32\DriverStore
2013-10-28 12:52:53 ----D---- C:\Windows\system32\NDF
2013-10-27 09:17:29 ----D---- C:\Program Files\TeamSpeak 3 Client
2013-10-26 15:44:43 ----D---- C:\Windows\system32\LogFiles
2013-10-26 15:13:07 ----SD---- C:\ProgramData\Microsoft
2013-10-20 13:24:33 ----D---- C:\Program Files (x86)\Origin
2013-10-14 06:42:37 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-10-14 06:28:58 ----SHD---- C:\Boot
2013-10-13 16:02:28 ----D---- C:\ProgramData\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2010-04-09 244328]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-11-09 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2010-02-24 191616]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2011-08-22 117760]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-03-30 3379272]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-06-16 196384]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2010-03-23 29800]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-08-20 39200]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-09-22 872152]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-08-12 1799680]
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2008-05-07 14464]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-05 65640]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-04-19 574272]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2012-07-24 105120]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-10-31 2756944]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2013-10-11 377104]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-08-27 14997280]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-09-12 920864]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-08-27 2155296]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-10-06 76888]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-02-20 239176]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-09-12 414496]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-10-01 5087584]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-11-11 89136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-11-11 565672]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-09-22 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------






A zde přikládám výpis z info.txt



info.txt logfile of random's system information tool 1.08 2013-11-12 19:04:09

======Uninstall list======

-->MsiExec /X{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}
7-Zip 9.20-->"C:\Program Files (x86)\7-Zip\Uninstall.exe"
Adobe Flash Player 11 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe -maintain activex
Adobe Reader XI (11.0.05) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AB0000000001}
Advanced SystemCare 6-->"C:\Program Files (x86)\IObit\Advanced SystemCare 6\unins000.exe"
Aktualizace NVIDIA 8.3.14-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{9F4A981C-F31B-48C4-9AA7-AB426FDB4DE2}\NVI2.DLL",UninstallPackage Display.Update
ASUS USB2.0 UVC VGA WebCam-->C:\Windows\snuninst.exe /name='ASUS USB2.0 UVC VGA WebCam'
ATK Package-->MsiExec.exe /I{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}
Battlefield 3™-->"C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 3\Cleanup.exe" uninstall_game -autologging
Battlelog Web Plugins-->C:\Program Files (x86)\Battlelog Web Plugins\uninstall.exe
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
Dota 2-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/570
Driver Genius Professional Edition-->"C:\Program Files (x86)\Driver-Soft\DriverGenius\unins000.exe"
Emergency 2012-->"C:\Program Files (x86)\Quadriga Games\Emergency 2012\uninstall.exe"
ESN Sonar-->C:\Program Files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe
ETDWare PS/2-x64 7.0.5.9_WHQL-->C:\Program Files\Elantech\ETDUninst.exe
Game Booster 3-->"C:\Program Files (x86)\IObit\Game Booster 3\unins000.exe"
Honorbuddy-->MsiExec.exe /X{6D8FB164-2A7D-43B2-A59E-E16BF568ACB0}
Java 7 Update 45-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217045FF}
LogMeIn Hamachi-->C:\Windows\SysWOW64\\msiexec.exe /i {645CF8E7-16ED-4827-BD89-94F2CE974396} REMOVE=ALL
LogMeIn Hamachi-->MsiExec.exe /I{645CF8E7-16ED-4827-BD89-94F2CE974396}
Malwarebytes Anti-Malware verze 1.75.0.1300-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{790E02A1-145A-3843-8C13-A4F41C9B48B7}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft .NET Framework 4 Extended CSY Language Pack-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ExtendedLP\Setup.exe /repair /x86 /x64 /lcid 1029 /parameterfolder ExtendedLP
Microsoft .NET Framework 4 Extended CSY Language Pack-->MsiExec.exe /X{A324DC11-FF02-3CE8-9D6F-67EBC006D970}
Microsoft .NET Framework 4 Extended-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /x64 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{8E34682C-8118-31F1-BC4C-98CD9675E1C2}
Microsoft Office Word Viewer 2003-->MsiExec.exe /I{90850405-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{6AFCA4E1-9B78-3640-8F72-A7BF33448200}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Mumble 1.2.3-->MsiExec.exe /I{62C68336-B969-4097-B0BD-A3A0FBFD59C1}
Need for Speed Underground 2-->C:\Program Files (x86)\EA GAMES\Need for Speed Underground 2\EAUninstall.exe
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
NVIDIA GeForce Experience 1.6.1-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{9F4A981C-F31B-48C4-9AA7-AB426FDB4DE2}\NVI2.DLL",UninstallPackage Display.GFExperience
NVIDIA Ovladač 3D Vision 327.23-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{9F4A981C-F31B-48C4-9AA7-AB426FDB4DE2}\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA Ovladač HD audia 1.3.26.4-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{9F4A981C-F31B-48C4-9AA7-AB426FDB4DE2}\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA Ovladače grafiky 327.23-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{9F4A981C-F31B-48C4-9AA7-AB426FDB4DE2}\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA PhysX-->MsiExec.exe /I{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
NVIDIA Systémový software PhysX 9.13.0725-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{9F4A981C-F31B-48C4-9AA7-AB426FDB4DE2}\NVI2.DLL",UninstallPackage Display.PhysX
NVIDIA Virtual Audio 1.2.5-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{9F4A981C-F31B-48C4-9AA7-AB426FDB4DE2}\NVI2.DLL",UninstallPackage VirtualAudio.Driver
Origin-->C:\Program Files (x86)\Origin\OriginUninstall.exe
ProtectDisc Driver, Version 11-->C:\Program Files (x86)\ProtectDisc Driver Installer\uninstall_v11.exe
PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Rich Media Player-->C:\Users\Leyaa\AppData\Local\Rich Media Player\uninstall.exe
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BA941BCD-BC45-3D64-AB89-0F737907515C} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8E6848A1-B790-34FE-921A-A5319258E254} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {9D621E6E-E010-3C80-A055-135891134750} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {BA941BCD-BC45-3D64-AB89-0F737907515C} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Extended
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
TeamSpeak 3 Client-->"C:\Program Files\TeamSpeak 3 Client\uninstall.exe"
TeamViewer 8-->C:\Program Files (x86)\TeamViewer\Version8\uninstall.exe
TortoiseSVN 1.8.2.24708 (64 bit)-->MsiExec.exe /X{D0DC3918-460D-4229-811E-41F22D0CD7E9}
Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
Update for Microsoft .NET Framework 4 Extended (KB2468871)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2533523)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2600217)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Extended
WinRAR 4.20 (32-bit)-->C:\Program Files (x86)\WinRAR\uninstall.exe

======System event log======

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Cryptographic Services byl změněn na: stopped
Record Number: 5
Source Name: Service Control Manager
Time Written: 20090714051424.262212-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Windows Modules Installer byl změněn na: stopped
Record Number: 4
Source Name: Service Control Manager
Time Written: 20090714051424.168612-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Software Protection byl změněn na: stopped
Record Number: 3
Source Name: Service Control Manager
Time Written: 20090714051424.059412-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Windows Event Log byl změněn na: stopped
Record Number: 2
Source Name: Service Control Manager
Time Written: 20090714051424.012612-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Volume Shadow Copy byl změněn na: stopped
Record Number: 1
Source Name: Service Control Manager
Time Written: 20090714051423.934612-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: 37L4247E29-32
Event Code: 1001
Message: Chybný blok , typ 0
Název události: PnPDriverNotFound
Reakce: Not available
ID souboru CAB: 0

Podpis problému:
P1: x64
P2: ACPI\ATK0100
P3:
P4:
P5:
P6:
P7:
P8:
P9:
P10:

Připojené soubory:
C:\Windows\Temp\DMI733B.tmp.log.xml

Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_d4a99e8e3cb284c21dcc14fa73286c8c8f3f5f25_cab_06cd7454

Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: ee1b6740-2350-11e3-a8c2-a50e6095c2ca
Stav hlášení: 6
Record Number: 5
Source Name: Windows Error Reporting
Time Written: 20130922063346.000000-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20130922063314.000000-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20130922063309.000000-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.


Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20130922063301.140800-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: 37L4247E29-32
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20130922063301.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: 37L4247E29-32
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130922063243.247600-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247E29-32$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x1b4
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130922063243.247600-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.

Počet prvků: 0
ID zásady: 0x30cab
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130922063242.873200-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 0

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x4
Název procesu:

Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130922063241.048000-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4608
Message: Spouští se systém Windows.

Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130922063240.970000-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a

-----------------EOF-----------------

[Rudy]

Zdravím!
Spusťte nejprve tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[ceddrik]

# AdwCleaner v3.012 - Report created 12/11/2013 at 19:26:53
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Home Premium (64 bits)
# Username : Leyaa - LEYAA-PC
# Running from : C:\Users\Leyaa\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\driver-soft
Folder Deleted : C:\Users\Leyaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16506


-\\ Google Chrome v

[ File : C:\Users\Leyaa\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1083 octets] - [12/11/2013 19:26:02]
AdwCleaner[S0].txt - [1008 octets] - [12/11/2013 19:26:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1068 octets] ##########

[Rudy]

Dejte nový log RSIT.

[ceddrik]

Logfile of random's system information tool 1.08 (written by random/random)
Run by Leyaa at 2013-11-12 20:44:23
Microsoft Windows 7 Home Premium
System drive C: has 113 GB (48%) free of 238 GB
Total RAM: 8191 MB (81% free)


======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "53088324911586044791925072013-963829024-1026283542-104153761-1640361167-585136355
taskeng.exe {1987F3DA-02CF-4602-A0DA-B3ABB5864B92}
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe"
"C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
"C:\Program Files\TortoiseSVN\bin\TSVNCache.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe -Embedding
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe"
"C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3320 CREDAT:203009
"C:\Program Files\AVAST Software\Avast\AvastUI.exe"
"taskhost.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3320 CREDAT:137477
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3320 CREDAT:203010
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3775766133-3605671815-1654188208-10008_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3775766133-3605671815-1654188208-10008 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Leyaa\Desktop\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-11-09 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}]
Rich Media Downloader - C:\Users\Leyaa\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll [2013-07-03 155928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL [2013-04-24 659264]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-11-09 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FEB703F7-E7B2-4AB0-9566-87658AC70095}]
Rich Media Player - C:\Users\Leyaa\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll [2013-03-12 120600]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2011-08-22 621440]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-03-29 13513288]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-11-11 1028896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2013-11-11 1813928]
"DAEMON Tools Lite"=C:\PROGRA~2\DAEMON~1\DTLite.exe [2013-11-11 3675352]
"uTorrent"=C:\Users\Leyaa\AppData\Roaming\uTorrent\utorrent.exe [2013-11-11 891904]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Driver Genius"= []
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2013-11-11 322208]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2013-11-11 178848]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2013-11-11 105016]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-11 958576]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-11-11 254336]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2013-10-31 2349392]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-11-12 3568312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.exe - open - C:\Windows\svchost.com "%1" %*
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-11-12 19:42:32 ----D---- C:\ProgramData\LogMeIn
2013-11-12 19:25:58 ----D---- C:\AdwCleaner
2013-11-12 19:25:31 ----D---- C:\Users\Leyaa\AppData\Roaming\AVAST Software
2013-11-12 19:22:19 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2013-11-12 19:22:18 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-11-12 19:22:18 ----A---- C:\Windows\system32\drivers\aswSP.sys
2013-11-12 19:22:18 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2013-11-12 19:22:18 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-11-12 19:22:17 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2013-11-12 19:22:16 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2013-11-12 19:22:16 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2013-11-12 19:22:12 ----A---- C:\Windows\system32\aswBoot.exe
2013-11-12 19:21:50 ----D---- C:\Program Files\AVAST Software
2013-11-12 19:21:15 ----D---- C:\ProgramData\AVAST Software
2013-11-12 19:04:05 ----D---- C:\rsit
2013-11-12 19:04:05 ----D---- C:\Program Files\trend micro
2013-11-11 22:51:07 ----AH---- C:\Windows\system32\hamachi.sys
2013-11-11 22:51:01 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2013-11-11 19:47:18 ----D---- C:\Program Files\CCleaner
2013-11-11 19:19:48 ----D---- C:\Users\Leyaa\AppData\Roaming\Malwarebytes
2013-11-11 19:19:40 ----D---- C:\ProgramData\Malwarebytes
2013-11-11 19:19:39 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-11 19:19:39 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-11-11 19:07:56 ----D---- C:\Users\Leyaa\AppData\Roaming\TeamViewer
2013-11-10 19:16:50 ----A---- C:\Windows\directx.sys
2013-11-10 15:49:49 ----D---- C:\Users\Leyaa\AppData\Roaming\WinRAR
2013-11-10 15:49:26 ----D---- C:\Program Files (x86)\WinRAR
2013-11-10 12:40:57 ----D---- C:\Program Files (x86)\ProtectDisc Driver Installer
2013-11-10 12:40:42 ----D---- C:\Users\Leyaa\AppData\Roaming\ProtectDISC
2013-11-10 12:38:38 ----D---- C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2013-11-10 12:26:21 ----D---- C:\Program Files (x86)\Quadriga Games
2013-11-09 21:46:42 ----D---- C:\Users\Leyaa\AppData\Roaming\NVIDIA
2013-11-09 21:42:10 ----D---- C:\Users\Leyaa\AppData\Roaming\.minecraft
2013-11-09 21:35:16 ----D---- C:\ProgramData\Oracle
2013-11-09 21:35:14 ----D---- C:\ProgramData\Sun
2013-11-09 21:35:04 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-11-09 21:35:01 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-11-09 21:35:01 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-11-09 21:35:01 ----A---- C:\Windows\SYSWOW64\java.exe
2013-11-09 21:34:51 ----D---- C:\Program Files (x86)\Java
2013-11-09 20:05:56 ----D---- C:\Users\Leyaa\AppData\Roaming\uTorrent
2013-11-09 11:41:12 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2013-11-09 11:41:07 ----D---- C:\Users\Leyaa\AppData\Roaming\DAEMON Tools Lite
2013-11-09 11:41:05 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2013-11-09 11:40:35 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-10-31 20:34:28 ----D---- C:\Users\Leyaa\AppData\Roaming\Mumble
2013-10-31 20:32:49 ----D---- C:\Program Files (x86)\Mumble
2013-10-24 21:16:24 ----D---- C:\Program Files (x86)\7-Zip
2013-10-24 20:38:02 ----D---- C:\Users\Leyaa\AppData\Roaming\Acreon
2013-10-13 18:20:56 ----A---- C:\Windows\system32\RegistryDefragBootTime.exe

======List of files/folders modified in the last 1 months======

2013-11-12 20:11:23 ----D---- C:\Windows\Temp
2013-11-12 19:45:07 ----D---- C:\Users\Leyaa\AppData\Roaming\TS3Client
2013-11-12 19:44:14 ----D---- C:\Windows\Prefetch
2013-11-12 19:42:32 ----HD---- C:\ProgramData
2013-11-12 19:34:07 ----D---- C:\Windows\System32
2013-11-12 19:34:07 ----D---- C:\Windows\inf
2013-11-12 19:34:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-12 19:28:45 ----D---- C:\ProgramData\NVIDIA
2013-11-12 19:28:40 ----SHD---- C:\System Volume Information
2013-11-12 19:26:54 ----RD---- C:\Program Files (x86)
2013-11-12 19:22:27 ----D---- C:\Windows\system32\Tasks
2013-11-12 19:22:19 ----D---- C:\Windows\system32\drivers
2013-11-12 19:22:12 ----D---- C:\Windows\winsxs
2013-11-12 19:22:11 ----D---- C:\Windows
2013-11-12 19:21:50 ----RD---- C:\Program Files
2013-11-11 23:51:16 ----D---- C:\Windows\system32\config
2013-11-11 22:51:12 ----SHD---- C:\Windows\Installer
2013-11-11 19:49:11 ----D---- C:\Program Files (x86)\Steam
2013-11-11 19:49:01 ----D---- C:\Windows\Logs
2013-11-11 19:47:18 ----D---- C:\Windows\Tasks
2013-11-11 19:47:18 ----D---- C:\Program Files (x86)\Google
2013-11-11 19:41:53 ----D---- C:\Windows\system32\wdi
2013-11-10 12:39:41 ----RSD---- C:\Windows\assembly
2013-11-10 12:38:02 ----D---- C:\Program Files (x86)\Common Files
2013-11-09 21:35:04 ----D---- C:\Windows\SysWOW64
2013-11-09 21:34:46 ----D---- C:\Windows\system32\catroot2
2013-11-09 20:52:54 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-11-09 11:41:57 ----D---- C:\Windows\system32\catroot
2013-11-09 11:41:51 ----D---- C:\Windows\system32\DriverStore
2013-10-28 12:52:53 ----D---- C:\Windows\system32\NDF
2013-10-27 09:17:29 ----D---- C:\Program Files\TeamSpeak 3 Client
2013-10-26 15:44:43 ----D---- C:\Windows\system32\LogFiles
2013-10-26 15:13:07 ----SD---- C:\ProgramData\Microsoft
2013-10-20 13:24:33 ----D---- C:\Program Files (x86)\Origin
2013-10-14 06:42:37 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-10-14 06:28:58 ----SHD---- C:\Boot
2013-10-13 16:02:28 ----D---- C:\ProgramData\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-11-12 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-11-12 205320]
R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2010-04-09 244328]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-11-12 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2013-11-12 1032416]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2013-11-12 409832]
R1 aswTdi;aswTdi; \??\C:\Windows\system32\drivers\aswTdi.sys [2013-11-12 65264]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-11-09 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2010-02-24 191616]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 aswFsBlk;aswFsBlk; \??\C:\Windows\system32\drivers\aswFsBlk.sys [2013-11-12 38984]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-11-12 84328]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2011-08-22 117760]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-03-30 3379272]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-06-16 196384]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2010-03-23 29800]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-08-20 39200]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-09-22 872152]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-08-12 1799680]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2008-05-07 14464]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-05 65640]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-04-19 574272]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2012-07-24 105120]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-12 50344]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-10-31 2756944]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2013-10-11 377104]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-08-27 14997280]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-09-12 920864]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-08-27 2155296]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-10-06 76888]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-02-20 239176]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-09-12 414496]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-10-01 5087584]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-11-11 89136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-11-11 565672]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-09-22 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[Rudy]

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Users\Leyaa\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Před skenem vypněte Avast a po něm restartujte PC. Dejte nový log RSIT.
Doporučuji odinstalovat Advanced system care. Tento soft vidí problémy tam, kde nejsou a lze si jím smadno poškodit systém, nebo některou aplikaci.

[ceddrik]

Takže začal jsem postupovat ve výše uvedených krocích OTM se povedlo zdárně restart taky pak jsem chtěl spustil Hijack abych vytvořil log , ale zde již nastal první problém při pokusu o spštění se mě zeptal v jakém programu ho chci otevřít. Toto jsem vyřešil pomocí spustit jako správce . Nastal však další problém , že když jsem chtěl odinstalovat AsC nešlo to odinstalace problikla a nic najel jsem do složky s tím že to odinstaluju pomocí uninstalatoru taktéž se nepovedlo taktéž otázka pomocí jakého programu chci otevřít(tento problém nevyřešil ani spuštění pomocí správce) u Internet exploreru taktéž tento problém , který se povedl zase chvilkově vřešit pomocí spustit jako správce.toť zatím vše a zde je log


Logfile of random's system information tool 1.08 (written by random/random)
Run by Leyaa at 2013-11-12 21:10:25
Microsoft Windows 7 Home Premium
System drive C: has 113 GB (48%) free of 238 GB
Total RAM: 8191 MB (84% free)


======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
ATKOSD.exe
KBFiltr.exe
taskeng.exe {3DE54AD7-703A-490E-A642-AA6F9B8DB325}
WDC.exe
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "176995408848151011222327642653939969245422162844366354-765942700-221973428
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\TortoiseSVN\bin\TSVNCache.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Leyaa\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-11-09 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL [2013-04-24 659264]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-11-09 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FEB703F7-E7B2-4AB0-9566-87658AC70095}]
Rich Media Player - C:\Users\Leyaa\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll [2013-03-12 120600]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2011-08-22 621440]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-03-29 13513288]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-11-11 1028896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2013-11-11 1813928]
"DAEMON Tools Lite"=C:\PROGRA~2\DAEMON~1\DTLite.exe [2013-11-11 3675352]
"uTorrent"=C:\Users\Leyaa\AppData\Roaming\uTorrent\utorrent.exe [2013-11-11 891904]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Driver Genius"= []
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2013-11-11 322208]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2013-11-11 178848]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2013-11-11 105016]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-11 958576]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-11-11 254336]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2013-10-31 2349392]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-11-12 3568312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.exe - open - C:\Windows\svchost.com "%1" %*
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-11-12 21:07:18 ----D---- C:\_OTM
2013-11-12 19:42:32 ----D---- C:\ProgramData\LogMeIn
2013-11-12 19:25:58 ----D---- C:\AdwCleaner
2013-11-12 19:25:31 ----D---- C:\Users\Leyaa\AppData\Roaming\AVAST Software
2013-11-12 19:22:19 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2013-11-12 19:22:18 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-11-12 19:22:18 ----A---- C:\Windows\system32\drivers\aswSP.sys
2013-11-12 19:22:18 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2013-11-12 19:22:18 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-11-12 19:22:17 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2013-11-12 19:22:16 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2013-11-12 19:22:16 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2013-11-12 19:22:12 ----A---- C:\Windows\system32\aswBoot.exe
2013-11-12 19:21:50 ----D---- C:\Program Files\AVAST Software
2013-11-12 19:21:15 ----D---- C:\ProgramData\AVAST Software
2013-11-12 19:04:05 ----D---- C:\rsit
2013-11-12 19:04:05 ----D---- C:\Program Files\trend micro
2013-11-11 22:51:07 ----AH---- C:\Windows\system32\hamachi.sys
2013-11-11 22:51:01 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2013-11-11 19:47:18 ----D---- C:\Program Files\CCleaner
2013-11-11 19:19:48 ----D---- C:\Users\Leyaa\AppData\Roaming\Malwarebytes
2013-11-11 19:19:40 ----D---- C:\ProgramData\Malwarebytes
2013-11-11 19:19:39 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-11 19:19:39 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-11-11 19:07:56 ----D---- C:\Users\Leyaa\AppData\Roaming\TeamViewer
2013-11-10 19:16:50 ----A---- C:\Windows\directx.sys
2013-11-10 15:49:49 ----D---- C:\Users\Leyaa\AppData\Roaming\WinRAR
2013-11-10 15:49:26 ----D---- C:\Program Files (x86)\WinRAR
2013-11-10 12:40:57 ----D---- C:\Program Files (x86)\ProtectDisc Driver Installer
2013-11-10 12:40:42 ----D---- C:\Users\Leyaa\AppData\Roaming\ProtectDISC
2013-11-10 12:26:21 ----D---- C:\Program Files (x86)\Quadriga Games
2013-11-09 21:46:42 ----D---- C:\Users\Leyaa\AppData\Roaming\NVIDIA
2013-11-09 21:42:10 ----D---- C:\Users\Leyaa\AppData\Roaming\.minecraft
2013-11-09 21:35:16 ----D---- C:\ProgramData\Oracle
2013-11-09 21:35:14 ----D---- C:\ProgramData\Sun
2013-11-09 21:35:04 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-11-09 21:35:01 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-11-09 21:35:01 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-11-09 21:35:01 ----A---- C:\Windows\SYSWOW64\java.exe
2013-11-09 21:34:51 ----D---- C:\Program Files (x86)\Java
2013-11-09 20:05:56 ----D---- C:\Users\Leyaa\AppData\Roaming\uTorrent
2013-11-09 11:41:12 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2013-11-09 11:41:07 ----D---- C:\Users\Leyaa\AppData\Roaming\DAEMON Tools Lite
2013-11-09 11:41:05 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2013-11-09 11:40:35 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-10-31 20:34:28 ----D---- C:\Users\Leyaa\AppData\Roaming\Mumble
2013-10-31 20:32:49 ----D---- C:\Program Files (x86)\Mumble
2013-10-24 21:16:24 ----D---- C:\Program Files (x86)\7-Zip
2013-10-24 20:38:02 ----D---- C:\Users\Leyaa\AppData\Roaming\Acreon
2013-10-13 18:20:56 ----A---- C:\Windows\system32\RegistryDefragBootTime.exe

======List of files/folders modified in the last 1 months======

2013-11-12 21:09:30 ----D---- C:\Windows\Temp
2013-11-12 21:08:54 ----D---- C:\ProgramData\NVIDIA
2013-11-12 21:07:58 ----D---- C:\Users\Leyaa\AppData\Roaming\TS3Client
2013-11-12 21:07:37 ----D---- C:\Windows
2013-11-12 21:07:00 ----D---- C:\Windows\Prefetch
2013-11-12 19:42:32 ----HD---- C:\ProgramData
2013-11-12 19:34:07 ----D---- C:\Windows\System32
2013-11-12 19:34:07 ----D---- C:\Windows\inf
2013-11-12 19:34:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-12 19:28:40 ----SHD---- C:\System Volume Information
2013-11-12 19:26:54 ----RD---- C:\Program Files (x86)
2013-11-12 19:22:27 ----D---- C:\Windows\system32\Tasks
2013-11-12 19:22:19 ----D---- C:\Windows\system32\drivers
2013-11-12 19:22:12 ----D---- C:\Windows\winsxs
2013-11-12 19:21:50 ----RD---- C:\Program Files
2013-11-11 23:51:16 ----D---- C:\Windows\system32\config
2013-11-11 22:51:12 ----SHD---- C:\Windows\Installer
2013-11-11 19:49:11 ----D---- C:\Program Files (x86)\Steam
2013-11-11 19:49:01 ----D---- C:\Windows\Logs
2013-11-11 19:47:18 ----D---- C:\Windows\Tasks
2013-11-11 19:47:18 ----D---- C:\Program Files (x86)\Google
2013-11-11 19:41:53 ----D---- C:\Windows\system32\wdi
2013-11-10 12:39:41 ----RSD---- C:\Windows\assembly
2013-11-10 12:38:02 ----D---- C:\Program Files (x86)\Common Files
2013-11-09 21:35:04 ----D---- C:\Windows\SysWOW64
2013-11-09 21:34:46 ----D---- C:\Windows\system32\catroot2
2013-11-09 20:52:54 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-11-09 11:41:57 ----D---- C:\Windows\system32\catroot
2013-11-09 11:41:51 ----D---- C:\Windows\system32\DriverStore
2013-10-28 12:52:53 ----D---- C:\Windows\system32\NDF
2013-10-27 09:17:29 ----D---- C:\Program Files\TeamSpeak 3 Client
2013-10-26 15:44:43 ----D---- C:\Windows\system32\LogFiles
2013-10-26 15:13:07 ----SD---- C:\ProgramData\Microsoft
2013-10-20 13:24:33 ----D---- C:\Program Files (x86)\Origin
2013-10-14 06:42:37 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-10-14 06:28:58 ----SHD---- C:\Boot
2013-10-13 16:02:28 ----D---- C:\ProgramData\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-11-12 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-11-12 205320]
R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2010-04-09 244328]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-11-12 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2013-11-12 1032416]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2013-11-12 409832]
R1 aswTdi;aswTdi; \??\C:\Windows\system32\drivers\aswTdi.sys [2013-11-12 65264]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-11-09 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2010-02-24 191616]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 aswFsBlk;aswFsBlk; \??\C:\Windows\system32\drivers\aswFsBlk.sys [2013-11-12 38984]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-11-12 84328]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2011-08-22 117760]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-03-30 3379272]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-06-16 196384]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2010-03-23 29800]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-08-20 39200]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-09-22 872152]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-08-12 1799680]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2008-05-07 14464]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-05 65640]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-04-19 574272]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2012-07-24 105120]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-12 50344]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-10-31 2756944]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2013-10-11 377104]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-08-27 14997280]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-09-12 920864]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-08-27 2155296]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-10-06 76888]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-02-20 239176]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-09-12 414496]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-10-01 5087584]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-11-11 89136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-11-11 565672]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-09-22 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[ceddrik]

Jo a ještě se mi na ploše objevily dva soubory s názvem desktop.ini

[Rudy]

Log již vypadá OK. Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Měly by zmizet i ty desktop.ini. Nastala nějaká změna? Na ty odinastalace zkuste total uninstall: http://www.stahuj.centrum.cz/utility_a_ ... uninstall/ .

[ceddrik]

Ntb se zrychlil , odinstalace pomocí všeho programu taky proběhla v pořádku. Teď jedinné co mě trápí je problém se spouštěním programů. Kterýkoliv exe když chci spustit vyskočí okno Otevřít v programu....Nevím z jakého důvodu ,či jaká příčina způsobila tento problém. NEchce se mi spouštět každý program jako správce + si myslím , že to bude něco záludnějšího

[Rudy]

Zkuste obnovu systému k datu, kdy korektně fungoval.

[ceddrik]

Tak vrámci vaší rady jsem chtěl přistoupit k bodu obnovení , ale ono ejhle žádný tam není...ikdyž by býti měl....vím minimálně o 3 bodech obnovení které tam měly býti za poslední měsíc vytvořeny , ale není tam ani jeden

[ceddrik]

Takže vzhledem k tomu že jsem nenašel body obnovy pokusil sem se hledat pomoc u microsoftu a použil viz odkaz níže http://support.microsoft.com/kb/2688326 ... orMeAlways takže nakonec tento problém je taky nejspíše vyřešen neboť programy jdou spustit již normálně. Po použití odkazu a fixitu windows resetován a nabíhal neskutečně dlouho tak snad se opravilo vše jak mělo. Teď bych Vás chtěl poprosit o nějaké schrnutí dané situace a odpověď na otázku může příčina těchto problémů býti nějaký vir jako třeba neshta? Je vše v pořádku tudíž nemusím míti strach? s virem neshta jsem už co dočinění měl a nerad bych znovu reinstaloval windows ze strachu o osobní data a hesla k bankovnictví třeba

[Rudy]

Tak vir by tam být neměl. AdWary a zbytečnosti jsme vyházeli. Myslím že prolomení hesel odtud nehrozí. FixIT někdy pomůže, někdy ne.

[ceddrik]

V tuto chvíli Vám o5 děkuji za vaši profesionální pomoc . Počítač se tváři v pohodě tak uvidíme v opačném případě se zde zase obrátím