I was searching the forums for how to get the, or what a, "log" is, and ComboFix was mentioned there, so I tried it, but now I know that I shouldn't use it, and I don't know exactly how it works, so I removed it from the laptop.
Here are the two from RSIT.
info
info.txt logfile of random's system information tool 1.09 2012-10-02 17:27:54
======Uninstall list======
-->MsiExec /X{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}
Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{47FA2C44-D148-4DBC-AF60-B91934AA4842}
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_278_Plugin.exe -maintain plugin
Adobe Reader X (10.1.4) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
Advanced Tactical Center™ 1.0-->"C:\Program Files (x86)\Advanced Tactical Center\unins000.exe"
AIDA64 Extreme Edition v2.20-->"C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\unins000.exe"
Amnesia - The Dark Descent -->"C:\Program Files (x86)\Amnesia - The Dark Descent\unins000.exe"
Asmedia ASM104x USB 3.0 Host Controller Driver-->MsiExec.exe /X{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}
Assassin's Creed Brotherhood-->"C:\Program Files (x86)\InstallShield Installation Information\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}\setup.exe" -runfromtemp -l0x0005 -removeonly
Assassin's Creed II-->"C:\Program Files (x86)\InstallShield Installation Information\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}\setup.exe" -runfromtemp -l0x0005 -removeonly
ASUS AI Recovery-->MsiExec.exe /I{38253529-D97D-4901-AE53-5CC9736D3A2E}
ASUS FancyStart-->MsiExec.exe /I{2B81872B-A054-48DA-BE3B-FA5C164C303A}
ASUS K3 Series ScreenSaver-->C:\Windows\ASUS K3 Series ScreenSaver Uninstaller.exe
ASUS LifeFrame3-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
ASUS Live Update-->MsiExec.exe /X{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}
ASUS SmartLogon-->MsiExec.exe /I{64452561-169F-4A36-A2FF-B5E118EC65F5}
ASUS Splendid Video Enhancement Technology-->MsiExec.exe /I{0969AF05-4FF6-4C00-9406-43599238DE0D}
ASUS Virtual Camera-->MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
ATK Package-->MsiExec.exe /I{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}
aTube Catcher-->C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\uninstall.exe
avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
BitTorrent-->"C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /UNINSTALL
Borderlands-->MsiExec.exe /X{52B65911-1559-4ED5-9461-46957FDD48CD}
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
Čeština pro GTA IV v1.0.7.0 1.0.7.0-->C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\Uninstall.exe
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
Dear Esther-->"C:\Program Files (x86)\thechineseroom\Dear Esther\unins000.exe"
Dokan Library 0.6.0-->"C:\Program Files (x86)\Dokan\DokanLibrary\DokanUninstall.exe"
Driver San Francisco-->"C:\Program Files (x86)\Ubisoft\Driver San Francisco\Uninstall\Uninstall.exe"
DVD Decrypter (Remove Only)-->"C:\Program Files (x86)\DVD Decrypter\uninstall.exe"
Facebook Video Calling 1.2.0.159-->MsiExec.exe /X{7CAC6A44-C3DE-4153-ACA6-7524602C789E}
FastStone Image Viewer 4.6-->C:\Program Files (x86)\FastStone Image Viewer\uninst.exe
FlatOut2-->"E:\Program Files\FlatOut2\unins000.exe"
Fraps (remove only)-->"C:\Fraps\uninstall.exe"
GamePark-->"C:\Program Files (x86)\GamePark\unins000.exe"
Gas Guzzlers Combat Carnage-->"E:\Program Files (x86)\Gamepires\Gas Guzzlers Combat Carnage\unins000.exe"
GIMP 2.6.12-->"C:\Program Files (x86)\GIMP-2.0\setup\unins000.exe"
Grand Theft Auto IV - Episodes From Liberty City-->"C:\Program Files (x86)\Grand Theft Auto IV - Episodes From Liberty City\Uninstall\unins000.exe"
Grand Theft Auto IV-->"C:\Program Files (x86)\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x0009 -removeonly
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000D8301}
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000D8302}
Grand Theft Auto: Episodes from Liberty City-->MsiExec.exe /I{5454083B-1308-4485-BF17-111000038701}
GTA IV: San Andreas-->"C:\Program Files (x86)\InstallShield Installation Information\{1DDD8AFF-A4F9-4836-9A24-EC5DFA4D1E36}\Setup.exe" -runfromtemp -l0x0405 -removeonly
High-Definition Video Playback 10-->MsiExec.exe /X{237CCB62-8454-43E3-B158-3ACD0134852E}
HP USB Disk Storage Format Tool-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}\Setup.exe" -l0x9 anything
HTC BMP USB Driver-->MsiExec.exe /I{31A559C1-9E4D-423B-9DD3-34A6C5398752}
HTC Driver Installer-->MsiExec.exe /X{6D6664A9-3342-4948-9B7E-034EFE366F0F}
HTC Sync-->MsiExec.exe /I{AB77DFDE-9949-4AEF-B180-BE322C3E65D0}
Intel PROSet Wireless-->Intel PROSet Wireless
Intel(R) Control Center-->C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm
Intel(R) Processor Graphics-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
Internet Explorer Toolbar 4.6 by SweetPacks-->MsiExec.exe /X{774C0434-9948-4DEE-A14E-69CDD316E36C}
Java 7 Update 6-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217006FF}
K-Lite Codec Pack 8.0.0 (Full)-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
L.A. Noire-->"C:\Program Files (x86)\InstallShield Installation Information\{915726DF-7891-444A-AA03-0DF1D64F561A}\setup.exe" -runfromtemp -l0x0809 -removeonly
LogMeIn Hamachi-->C:\Windows\SysWOW64\\msiexec.exe /i {B8ABD8C7-991E-4A70-B5A3-20C6FC680680} REMOVE=ALL
LogMeIn Hamachi-->MsiExec.exe /I{B8ABD8C7-991E-4A70-B5A3-20C6FC680680}
Mafia-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "E:\Program Files (x86)\Cenega Czech\Mafia\Uninstall\setup.exe" -l0x5
Microsoft Age of Empires II: The Conquerors Expansion-->"C:\Program Files (x86)\Microsoft Games\Age of Empires II\UNINSTALX.EXE" /runtemp /addremove
Microsoft Age of Empires II-->"C:\Program Files (x86)\Microsoft Games\Age of Empires II\UNINSTAL.EXE" /runtemp /uninstall
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{A1C962E2-2426-49C6-A38B-9A07E40D607C}
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)-->MsiExec.exe /X{41785C66-90F2-40CE-8CB5-1C94BFC97280}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Primary Interoperability Assemblies 2005-->MsiExec.exe /X{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}
Microsoft Primary Interoperability Assemblies 2010-->MsiExec.exe /X{FA8E7AF5-C70E-3274-9740-9E697FBD5BB7}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Minecraft Cracked-->C:\Users\Bíďa\AppData\Roaming\.minecraft\Uninstall.exe
Mozilla Firefox 15.0 (x86 cs)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MSXML 4.0 SP3 Parser-->MsiExec.exe /I{196467F1-C11F-4F76-858B-5812ADC83B94}
Nero 10 Menu TemplatePack Basic-->MsiExec.exe /X{63AA3EAB-23BB-48B2-9AD0-44F878075604}
Nero 10 Movie ThemePack Basic-->MsiExec.exe /X{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}
Nero BackItUp 10 Help (CHM)-->MsiExec.exe /X{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}
Nero BackItUp 10-->MsiExec.exe /X{68AB6930-5BFF-4FF6-923B-516A91984FE6}
Nero Burning ROM 10-->MsiExec.exe /X{7A5D731D-B4B3-490E-B339-75685712BAAB}
Nero BurningROM 10 Help (CHM)-->MsiExec.exe /X{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}
Nero BurnRights 10 Help (CHM)-->MsiExec.exe /X{555868C6-49FB-484F-BB43-8980651A1B00}
Nero BurnRights 10-->MsiExec.exe /X{943CFD7D-5336-47AF-9418-E02473A5A517}
Nero Control Center 10-->MsiExec.exe /X{6DFB899F-17A2-48F0-A533-ED8D6866CF38}
Nero ControlCenter 10 Help (CHM)-->MsiExec.exe /X{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}
Nero Core Components 10-->MsiExec.exe /X{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}
Nero CoverDesigner 10 Help (CHM)-->MsiExec.exe /X{C3273C55-E1E4-41FF-8D69-0158090DB8D8}
Nero CoverDesigner 10-->MsiExec.exe /X{FCF00A6E-FB58-477A-ABE9-232907105521}
Nero DiscSpeed 10 Help (CHM)-->MsiExec.exe /X{C18A0418-442A-4186-AF98-D08F5054A2FC}
Nero DiscSpeed 10-->MsiExec.exe /X{34490F4E-48D0-492E-8249-B48BECF0537C}
Nero Dolby Files 10-->MsiExec.exe /X{C3580AC4-C827-4332-B935-9A282ED5BB97}
Nero Express 10 Help (CHM)-->MsiExec.exe /X{33643918-7957-4839-92C7-EA96CB621A98}
Nero Express 10-->MsiExec.exe /X{70550193-1C22-445C-8FA4-564E155DB1A7}
Nero InfoTool 10 Help (CHM)-->MsiExec.exe /X{66049135-9659-4AAD-9169-9CCA269EBB3E}
Nero InfoTool 10-->MsiExec.exe /X{F412B4AF-388C-4FF5-9B2F-33DB1C536953}
Nero MediaHub 10 Help (CHM)-->MsiExec.exe /X{F467862A-D9CA-47ED-8D81-B4B3C9399272}
Nero MediaHub 10-->MsiExec.exe /X{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}
Nero Multimedia Suite 10-->MsiExec.exe /I{277C1559-4CF7-44FF-8D07-98AA9C13AABD}
Nero Recode 10 Help (CHM)-->MsiExec.exe /X{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}
Nero Recode 10-->MsiExec.exe /X{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}
Nero RescueAgent 10 Help (CHM)-->MsiExec.exe /X{92E25238-61A3-4ACD-A407-3C480EEF47A7}
Nero RescueAgent 10-->MsiExec.exe /X{E337E787-CF61-4B7B-B84F-509202A54023}
Nero SoundTrax 10 Help (CHM)-->MsiExec.exe /X{16987E99-C95C-4513-9239-7B44A0A71DB5}
Nero SoundTrax 10-->MsiExec.exe /X{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}
Nero StartSmart 10 Help (CHM)-->MsiExec.exe /X{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}
Nero StartSmart 10-->MsiExec.exe /X{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}
Nero Update-->MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
Nero Vision 10 Help (CHM)-->MsiExec.exe /X{329411A0-19F3-4740-874F-17400B126F27}
Nero Vision 10-->MsiExec.exe /X{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}
Nero WaveEditor 10 Help (CHM)-->MsiExec.exe /X{7A295D8F-484B-4FFB-89AB-C1FD497591FE}
Nero WaveEditor 10-->MsiExec.exe /X{EDCDFAD5-DF80-4600-A493-E9DAD6810230}
NVIDIA PhysX-->MsiExec.exe /X{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}
OpenOffice.org 3.3-->MsiExec.exe /I{10B43A43-FF73-47FD-83E8-A503E84F9ED6}
Origin-->C:\Program Files (x86)\Origin\OriginUninstall.exe
OSCAR Editor-->MsiExec.exe /I{0F3BEAD5-4368-4CBC-9876-11B8475DE285}
PC Wizard 2010.1.96-->"C:\Program Files (x86)\CPUID\PC Wizard 2010\unins000.exe"
Plane Arcade-->C:\Program Files (x86)\Plane Arcade\uninstall.exe
PowerISO-->"C:\Program Files (x86)\PowerISO\uninstall.exe"
PunkBuster Services-->C:\Users\Bíďa\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe -u
Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\SETUP.EXE -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly
Realtek USB 2.0 Reader Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{62BBB2F0-E220-4821-A564-730807D2C34D}\setup.exe" -runfromtemp -removeonly
Rockstar Games Social Club-->C:\Program Files (x86)\Rockstar Games\Social Club\uninstallRGSCRedistributable.exe
S.T.A.L.K.E.R. - Call of Pripyat [v1.6.01]-->"C:\Program Files (x86)\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\unins000.exe"
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {9D621E6E-E010-3C80-A055-135891134750} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Extended
Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
Skype™ 5.10-->MsiExec.exe /X{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
Sonic Focus-->MsiExec.exe /I{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}
SpeedFan (remove only)-->"C:\Program Files (x86)\SpeedFan\uninstall.exe"
SweetIM for Messenger 3.7-->MsiExec.exe /X{7683B745-6060-41FD-AA75-0BBB383FEAD4}
TeamSpeak 3 Client-->"C:\Program Files (x86)\TeamSpeak 3 Client\uninstall.exe"
TechPowerUp GPU-Z-->"C:\Program Files (x86)\GPU-Z\uninstall.exe"
Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe
Tough Trucks - Modified Monsters-->C:\PROGRA~2\ACTIVI~2\TOUGHT~1\UNWISE.EXE C:\PROGRA~2\ACTIVI~2\TOUGHT~1\INSTALL.LOG
Tough Trucks-->MsiExec.exe /I{8EDA7DAC-9020-4132-B80D-756A912A1D32}
Ubisoft Game Launcher-->"C:\Program Files (x86)\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe" -runfromtemp -l0x0409 -removeonly
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
Update for Microsoft .NET Framework 4 Extended (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Extended
Update for Office 2007 (KB934391)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5}
Update for Office 2007 (KB934393)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {92FBAD46-E7F6-49FA-89B5-C39FC5BFAD15}
Update Manager for SweetPacks 1.0-->MsiExec.exe /X{FB697452-8CA4-46B4-98B1-165C922A2EF3}
VirtualDJ PRO Full-->MsiExec.exe /I{4769E972-2E92-49C5-B6F9-465EFD0C4D94}
WinFlash-->MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D}
Wings of Prey (Collector's Edition)-->"C:\Program Files (x86)\Gaijin\Wings of Prey (Collector's Edition)\unins000.exe"
Wireless Console 3-->MsiExec.exe /I{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}
World of Tanks v.0.7.0-->"C:\Program Files (x86)\World_of_Tanks\unins000.exe"
World of Warplanes-->"C:\Games\World_of_Warplanes\unins000.exe"
X7 Oscar Editor-->"C:\Program Files (x86)\InstallShield Installation Information\{0F3BEAD5-4368-4CBC-9876-11B8475DE285}\setup.exe" -runfromtemp -l0x0409 -removeonly
Yandex.Bar v barvách Seznamu 5.4 pro Internet Explorer-->MsiExec.exe /X{7627A1A6-437E-43D1-A5D5-D4B1AFD2A3EB}
======System event log======
Computer Name: Bíďa-PC
Event Code: 7036
Message: Stav služby Funkčnost aplikací byl změněn na: Spuštěno
Record Number: 85217
Source Name: Service Control Manager
Time Written: 20120424125357.990866-000
Event Type: Informace
User:
Computer Name: Bíďa-PC
Event Code: 7036
Message: Stav služby Sekundární přihlašování byl změněn na: Spuštěno
Record Number: 85216
Source Name: Service Control Manager
Time Written: 20120424125357.540840-000
Event Type: Informace
User:
Computer Name: Bíďa-PC
Event Code: 7036
Message: Stav služby Defragmentace disku byl změněn na: Zastaveno
Record Number: 85215
Source Name: Service Control Manager
Time Written: 20120424124137.238497-000
Event Type: Informace
User:
Computer Name: Bíďa-PC
Event Code: 7036
Message: Stav služby Instalační služba modulů systému Windows byl změněn na: Zastaveno
Record Number: 85214
Source Name: Service Control Manager
Time Written: 20120424123606.896603-000
Event Type: Informace
User:
Computer Name: Bíďa-PC
Event Code: 7040
Message: Režim spuštění služby Instalační služba modulů systému Windows byl změněn z automatické spouštění na spouštění na vyžádání.
Record Number: 85213
Source Name: Service Control Manager
Time Written: 20120424123606.674590-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
=====Application event log=====
Computer Name: Bíďa-PC
Event Code: 2
Message:
Record Number: 2008065
Source Name: NVIDIA OpenGL Driver
Time Written: 20120908122109.000000-000
Event Type: Upozornění
User:
Computer Name: Bíďa-PC
Event Code: 2
Message:
Record Number: 2008064
Source Name: NVIDIA OpenGL Driver
Time Written: 20120908122109.000000-000
Event Type: Upozornění
User:
Computer Name: Bíďa-PC
Event Code: 2
Message:
Record Number: 2008063
Source Name: NVIDIA OpenGL Driver
Time Written: 20120908122109.000000-000
Event Type: Upozornění
User:
Computer Name: Bíďa-PC
Event Code: 2
Message:
Record Number: 2008062
Source Name: NVIDIA OpenGL Driver
Time Written: 20120908122109.000000-000
Event Type: Upozornění
User:
Computer Name: Bíďa-PC
Event Code: 2
Message:
Record Number: 2008061
Source Name: NVIDIA OpenGL Driver
Time Written: 20120908122109.000000-000
Event Type: Upozornění
User:
=====Security event log=====
Computer Name: Bíďa-PC
Event Code: 4648
Message: Došlo k pokusu o přihlášení pomocí explicitního pověření.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: BÍĎA-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Účet, jehož pověření bylo použito:
Název účtu: Bíďa
Doména účtu: Bíďa-PC
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Cílový server:
Název cílového serveru: localhost
Další informace: localhost
Informace o procesu:
ID procesu: 0x38c
Název procesu: C:\Windows\System32\winlogon.exe
Informace o síti:
Síťová adresa: 127.0.0.1
Port: 0
Tato událost je generována, pokud se proces pokusí přihlásit k účtu explicitním zadáním pověření tohoto účtu. K tomu nejčastěji dochází v dávkových konfiguracích, například naplánovaných úlohách, nebo při použití příkazu RUNAS.
Record Number: 4790
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120303171411.740528-000
Event Type: Úspěšný audit
User:
Computer Name: Bíďa-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 4789
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120303121330.322702-000
Event Type: Úspěšný audit
User:
Computer Name: Bíďa-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: BÍĎA-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x358
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 4788
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120303121330.322702-000
Event Type: Úspěšný audit
User:
Computer Name: Bíďa-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 4787
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120303121029.185342-000
Event Type: Úspěšný audit
User:
Computer Name: Bíďa-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: BÍĎA-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x358
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 4786
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120303121029.185342-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files\Intel\WiFi\bin;C:\Program Files\Common Files\Intel\WirelessCommon;C:\Program Files\Trend Micro\AMSP
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=2a07
-----------------EOF-----------------
"log"
Logfile of random's system information tool 1.09 (written by random/random)
Run by Bíďa at 2012-10-02 17:27:46
Microsoft Windows 7 Ultimate
System drive C: has 58 GB (23%) free of 252 GB
Total RAM: 8103 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:27:52, on 2.10.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_278.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_278.exe
C:\Users\Bíďa\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Bíďa.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000. ... 72896979F3}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000. ... 72896979F3}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O2 - BHO: Vizuální záložky - {C93F72A2-2162-4BBA-A07A-F13663C297A6} - C:\Program Files (x86)\Yandex\YandexBarIE\fastdial.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Yandex.Bar - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files (x86)\Yandex\YandexBarIE\yndbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Bluetooth 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DokanMounter - Unknown owner - C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13195 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Bíďa\AppData\Roaming\Mozilla\Firefox\Profiles\jrx9vtvf.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
"{22C7F6C6-8D67-4534-92B5-529A0EC09405}"=C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.278 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.6.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Bíďa\AppData\Roaming\Mozilla\Firefox\Profiles\jrx9vtvf.default\extensions\
yasearch@yandex.ru
C:\Users\Bíďa\AppData\Roaming\Mozilla\Firefox\Profiles\jrx9vtvf.default\searchplugins\
sweetim.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}]
TmIEPlugInBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll [2010-09-18 185680]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-08-21 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}]
TmBpIeBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll [2010-09-18 234832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C93F72A2-2162-4BBA-A07A-F13663C297A6}]
Vizuální záložky - C:\Program Files (x86)\Yandex\YandexBarIE\fastdial.dll [2011-10-13 2697528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-08-21 157672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-06-04 1310040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{91397D20-1446-11D4-8AF4-0040CA1127B6} - Yandex.Bar - C:\Program Files (x86)\Yandex\YandexBarIE\yndbar.dll [2011-10-20 12336440]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-06-04 1310040]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-08-21 4282728]
"SonicMasterTray"=C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [2010-07-09 984400]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-08-29 1996200]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17 5732992]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"OscarEditor"=C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe [2010-07-22 2636800]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"=C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601 []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\SysWOW64\nvinit.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.VP70"=vp7vfw.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.iv41"=Ir41_32.ax
"vidc.iv50"=ir50_32.dll
"VIDC.FPS1"=frapsvid.dll
"VIDC.FMVC"=fmcodec.dll
"msacm.iac2"=C:\Windows\system32\iac25_32.ax
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2012-10-02 17:27:47 ----D---- C:\Program Files (x86)\trend micro
2012-10-02 17:27:46 ----D---- C:\rsit
2012-10-02 14:09:24 ----D---- C:\Windows\LastGood
2012-10-02 13:08:28 ----D---- C:\Users\Bíďa\AppData\Roaming\Notebook Hardware Control
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\wininet.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\wextract.exe
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\webcheck.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\vbscript.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\urlmon.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\url.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\SetIEInstalledDate.exe
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\pngfilt.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\occache.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\msrating.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\msls31.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\mshtmler.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\mshtml.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\mshta.exe
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\msfeedssync.exe
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\licmgr10.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\jscript9.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\jscript.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\inseng.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\imgutil.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\iexpress.exe
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\ieui.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\iesysprep.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\iesetup.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\iertutil.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\iernonce.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\iepeers.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\ieframe.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\ieapfltr.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\ieapfltr.dat
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\ieakui.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\ieaksie.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\ieakeng.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\IEAdvpack.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\ie4uinit.exe
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\icardie.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\dxtrans.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\dxtmsft.dll
2012-10-02 09:54:07 ----A---- C:\Windows\SysWOW64\admparse.dll
2012-10-02 09:37:02 ----A---- C:\Windows\SysWOW64\imagehlp.dll
2012-10-02 09:37:01 ----A---- C:\Windows\SysWOW64\wintrust.dll
2012-10-02 09:37:00 ----A---- C:\Windows\SysWOW64\wmi.dll
2012-10-01 20:27:33 ----SHD---- C:\$RECYCLE.BIN
2012-10-01 19:31:01 ----D---- C:\Windows\temp
2012-10-01 19:30:58 ----A---- C:\ComboFix.txt
2012-10-01 19:16:56 ----A---- C:\Windows\zip.exe
2012-10-01 19:16:56 ----A---- C:\Windows\SWSC.exe
2012-10-01 19:16:56 ----A---- C:\Windows\SWREG.exe
2012-10-01 19:16:56 ----A---- C:\Windows\sed.exe
2012-10-01 19:16:56 ----A---- C:\Windows\PEV.exe
2012-10-01 19:16:56 ----A---- C:\Windows\NIRCMD.exe
2012-10-01 19:16:56 ----A---- C:\Windows\MBR.exe
2012-10-01 19:16:56 ----A---- C:\Windows\grep.exe
2012-10-01 19:14:50 ----D---- C:\Qoobox
2012-10-01 19:14:36 ----D---- C:\Windows\erdnt
2012-10-01 14:28:44 ----A---- C:\Windows\SysWOW64\d2d1.dll
2012-10-01 14:28:40 ----A---- C:\Windows\SysWOW64\DWrite.dll
2012-10-01 14:28:38 ----A---- C:\Windows\SysWOW64\d3d10_1core.dll
2012-10-01 14:28:37 ----A---- C:\Windows\SysWOW64\d3d10warp.dll
2012-10-01 14:28:37 ----A---- C:\Windows\SysWOW64\d3d10_1.dll
2012-10-01 14:28:32 ----A---- C:\Windows\SysWOW64\srclient.dll
2012-10-01 14:27:46 ----A---- C:\Windows\SysWOW64\quartz.dll
2012-10-01 14:27:44 ----A---- C:\Windows\SysWOW64\qdvd.dll
2012-10-01 14:27:18 ----A---- C:\Windows\SysWOW64\ntshrui.dll
2012-10-01 14:27:06 ----A---- C:\Windows\SysWOW64\webio.dll
2012-10-01 14:27:02 ----A---- C:\Windows\SysWOW64\msxml6.dll
2012-10-01 14:27:02 ----A---- C:\Windows\SysWOW64\msxml3.dll
2012-10-01 14:26:54 ----A---- C:\Windows\SysWOW64\win32spl.dll
2012-10-01 14:26:54 ----A---- C:\Windows\splwow64.exe
2012-10-01 14:26:34 ----A---- C:\Windows\SysWOW64\shell32.dll
2012-10-01 14:26:32 ----A---- C:\Windows\SysWOW64\d3d10level9.dll
2012-10-01 14:26:26 ----A---- C:\Windows\SysWOW64\schannel.dll
2012-10-01 14:26:25 ----A---- C:\Windows\SysWOW64\ncrypt.dll
2012-10-01 14:26:24 ----A---- C:\Windows\SysWOW64\sspicli.dll
2012-10-01 14:26:24 ----A---- C:\Windows\SysWOW64\secur32.dll
2012-10-01 14:25:22 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe
2012-10-01 14:25:21 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe
2012-10-01 14:25:12 ----A---- C:\Windows\SysWOW64\msi.dll
2012-10-01 14:24:43 ----A---- C:\Windows\SysWOW64\crypt32.dll
2012-10-01 14:24:41 ----A---- C:\Windows\SysWOW64\cryptsvc.dll
2012-10-01 14:24:41 ----A---- C:\Windows\SysWOW64\cryptnet.dll
2012-10-01 14:24:27 ----A---- C:\Windows\SysWOW64\netapi32.dll
2012-10-01 14:24:27 ----A---- C:\Windows\SysWOW64\browcli.dll
2012-10-01 14:24:08 ----A---- C:\Windows\SysWOW64\msvcrt.dll
2012-10-01 14:16:59 ----A---- C:\Windows\SysWOW64\ntdll.dll
2012-10-01 14:13:35 ----A---- C:\Windows\SysWOW64\rdpcore.dll
2012-10-01 14:13:34 ----A---- C:\Windows\SysWOW64\packager.dll
2012-09-30 23:03:19 ----D---- C:\Windows\pss
2012-09-30 22:42:28 ----A---- C:\TDSSKiller.2.8.10.0_30.09.2012_22.42.28_log.txt
2012-09-29 19:28:46 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI
2012-09-23 12:19:28 ----D---- C:\Program Files (x86)\BitTorrent
2012-09-23 12:19:01 ----D---- C:\Users\Bíďa\AppData\Roaming\BitTorrent
2012-09-15 19:10:38 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2012-09-09 21:36:48 ----D---- C:\Program Files (x86)\Dokan
2012-09-07 19:16:04 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-09-04 17:20:28 ----D---- C:\ProgramData\SweetIM
2012-09-04 17:20:28 ----D---- C:\Program Files (x86)\SweetIM
======List of files/folders modified in the last 1 month======
2012-10-02 17:27:47 ----RD---- C:\Program Files (x86)
2012-10-02 17:22:27 ----D---- C:\Users\Bíďa\AppData\Roaming\Skype
2012-10-02 16:02:48 ----RSD---- C:\Windows\assembly
2012-10-02 16:02:48 ----D---- C:\Windows\Microsoft.NET
2012-10-02 14:46:48 ----D---- C:\Program Files (x86)\SpeedFan
2012-10-02 14:25:30 ----SHD---- C:\Windows\Installer
2012-10-02 14:24:56 ----D---- C:\Windows\SysWOW64
2012-10-02 14:24:32 ----D---- C:\Windows\winsxs
2012-10-02 14:24:19 ----D---- C:\Windows\System32
2012-10-02 14:23:57 ----D---- C:\Windows\inf
2012-10-02 14:12:48 ----SHD---- C:\System Volume Information
2012-10-02 14:09:44 ----D---- C:\Windows\debug
2012-10-02 14:09:24 ----D---- C:\Windows
2012-10-02 12:12:57 ----D---- C:\Windows\Panther
2012-10-02 10:20:44 ----RSD---- C:\Windows\Fonts
2012-10-02 10:20:44 ----D---- C:\Windows\ehome
2012-10-02 10:20:43 ----D---- C:\Windows\AppPatch
2012-10-02 10:20:42 ----D---- C:\Windows\SysWOW64\cs-CZ
2012-10-02 10:20:42 ----D---- C:\Program Files (x86)\Internet Explorer
2012-10-02 10:20:41 ----D---- C:\Windows\SysWOW64\migration
2012-10-02 10:20:41 ----D---- C:\Windows\SysWOW64\en-US
2012-10-02 10:20:37 ----D---- C:\Windows\PolicyDefinitions
2012-10-02 09:55:29 ----D---- C:\Windows\Logs
2012-10-01 21:08:44 ----D---- C:\Users\Bíďa\AppData\Roaming\TS3Client
2012-10-01 19:29:53 ----D---- C:\Windows\Tasks
2012-10-01 19:27:40 ----A---- C:\Windows\system.ini
2012-10-01 19:26:46 ----D---- C:\ProgramData
2012-10-01 19:23:16 ----D---- C:\Windows\SysWOW64\drivers
2012-10-01 19:23:14 ----D---- C:\Program Files (x86)\Common Files
2012-10-01 13:31:36 ----D---- C:\Program Files (x86)\World_of_Tanks
2012-09-30 22:53:21 ----D---- C:\Users\Bíďa\AppData\Roaming\DAEMON Tools Lite
2012-09-30 22:53:19 ----D---- C:\Users\Bíďa\AppData\Roaming\Media Player Classic
2012-09-30 22:52:00 ----D---- C:\Windows\ModemLogs
2012-09-29 19:26:35 ----D---- C:\Windows\SoftwareDistribution
2012-09-29 19:26:11 ----D---- C:\Windows\SysWOW64\directx
2012-09-29 18:05:40 ----HD---- C:\Program Files (x86)\Common Files\EAInstaller
2012-09-29 15:20:52 ----D---- C:\Program Files (x86)\UDK
2012-09-23 10:27:13 ----D---- C:\Windows\Prefetch
2012-09-20 20:08:35 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-09-12 13:56:21 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-09-09 22:04:18 ----SD---- C:\Users\Bíďa\AppData\Roaming\Microsoft
2012-09-09 10:27:32 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-09-08 14:21:23 ----D---- C:\Users\Bíďa\AppData\Roaming\.minecraft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys []
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys []
R1 aswSnx;aswSnx; C:\Windows\SysWOW64\drivers\aswSnx.sys []
R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys []
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-05-25 17536]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys []
R1 SCDEmu;SCDEmu; C:\Windows\SysWOW64\drivers\SCDEmu.sys []
R1 tmtdi;Trend Micro TDI Driver; C:\Windows\system32\DRIVERS\tmtdi.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys []
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys []
R2 Dokan;Dokan; \??\C:\Windows\system32\drivers\dokan.sys []
R2 tmactmon;tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys []
R2 tmcomm;tmcomm; C:\Windows\system32\DRIVERS\tmcomm.sys []
R2 tmevtmgr;tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys []
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys []
R3 ALSysIO;ALSysIO; \??\C:\Users\BA778D~1\AppData\Local\Temp\ALSysIO64.sys []
R3 AMPPAL;Virtuální adaptér Intel(R) Centrino(R) Bluetooth 3.0 + High Speed; C:\Windows\system32\DRIVERS\AMPPAL.sys []
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys []
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys []
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys []
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys []
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys []
R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys []
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys []
R3 iBtFltCoex;iBtFltCoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys []
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys []
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys []
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys []
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys []
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
S3 AMPPALP;Protokol Intel(R) Centrino(R) Bluetooth 3.0 + High Speed; C:\Windows\system32\DRIVERS\amppal.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 btmaudio;Intel Bluetooth Audio Service; C:\Windows\system32\drivers\btmaud.sys []
S3 cpuz134;cpuz134; \??\C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [2010-07-09 21480]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys []
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys []
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys []
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys []
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys []
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 vhidmini;CrazyRemote Hid Device; C:\Windows\system32\DRIVERS\crazyremote64.sys []
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys []
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe []
R2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-04-21 1136640]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-08-21 44808]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-04-21 134928]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DokanMounter;DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [2011-01-10 14848]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-05-02 1517328]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-08-29 2369960]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-03-23 87040]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-04-08 75136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-05-02 844560]
R2 TurboBoost;Intel(R) Turbo Boost Technology Monitor; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-04-16 134928]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
R3 TiMiniService;TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2010-09-18 241488]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-03-19 276248]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-20 250288]
S3 Amsp;Trend Micro Solution Platform; C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2010-09-18 267480]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-07 114144]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-05-02 340240]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------