Dobrý den, poprosil bych o kontrolu logu z RSIT. Přikládám oba logy, které mi RSIT vyplivlo a děkuji pro kontrolu.
info.txt logfile of random's system information tool 1.09 2013-01-16 01:12:39
======Uninstall list======
Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
-->MsiExec /X{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}
µTorrent-->"D:\Programs\utorrent\uTorrent.exe" /UNINSTALL
3DMark06-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}\setup.exe" -l0x9 -removeonly
7-Zip 9.20 (x64 edition)-->MsiExec.exe /I{23170F69-40C1-2702-0920-000001000000}
Adobe Flash Player 11 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_Plugin.exe -maintain plugin
Adobe Reader X (10.1.5) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
Aktualizace NVIDIA 1.11.3-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{21A172EB-A8FA-4AD2-A5C9-D2ABA46B7E1A}\NVI2.DLL",UninstallPackage Display.Update
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
Apple Application Support-->MsiExec.exe /I{F5266D28-E0B2-4130-BFC5-EE155AD514DC}
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
ASUS Xonar DX Audio Driver-->C:\Windows\System32\cmeauoxy.exe /rm /ppcioxygen
aTube Catcher-->D:\Programs\atube catcher\aTube Catcher 2.0\uninstall.exe
Avira Free Antivirus-->D:\Programs\Avira\Avira\AntiVir Desktop\setup.exe /REMOVE
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
Canon MP Navigator EX 1.2-->"C:\Program Files (x86)\Canon\MP Navigator EX 1.2\Maint.exe" /UninstallRemove C:\Program Files (x86)\Canon\MP Navigator EX 1.2\uninst.ini
Canon MP190 series MP Drivers-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP190_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP190_series /L0x0005
Canon My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini
Canon Utilities Easy-PhotoPrint EX-->D:\Programs\Tiskárna\Easy-PhotoPrint EX\uninst.exe uninst.ini
Canon Utilities Solution Menu-->C:\Program Files (x86)\Canon\SolutionMenu\uninst.exe uninst.ini
CCleaner-->"D:\Programs\Ccleaner\uninst.exe"
CDBurnerXP-->"D:\Programs\cdburnerXP\CDBurnerXP\unins000.exe"
CoD RconTool-->D:\Programs\Rcontool-old\Uninstal.exe
DiRT 3 Profile Import version 1.0-->"C:\Users\Ryder\Documents\My Games\DiRT3\savegame\unins000.exe"
DiRT 3-->MsiExec.exe /I{434D0FA0-1558-4D8E-AC3D-BD1000008400}
DiRT 3-->MsiExec.exe /X{434D0FA0-1558-4D8E-AC3D-BD1000008400}
EVEREST Ultimate Edition v5.50-->"D:\Programs\everest\EVEREST Ultimate Edition\unins000.exe"
FeedReader-->"D:\Programs\Softicker\FeedReader30\unins000.exe"
Final Fantasy 8 v1.2.31 reloaded-->"D:\Games\ff8\Final Fantasy 8\unins000.exe"
Fraps (remove only)-->"D:\Programs\Fraps\uninstall.exe"
Futuremark SystemInfo-->"C:\Program Files (x86)\InstallShield Installation Information\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}\setup.exe" -runfromtemp -l0x0009 -removeonly
GamePark-->"D:\Programs\gamepark client\GamePark\unins000.exe"
GameTracker Lite-->D:\Programs\gametracker\gametracker-uninst.exe
Gaming Mouse-->"C:\Program Files (x86)\Cyber Snipa Stinger Mouse\uninstall.exe"
Goalzone-->C:\Windows\GPInstall.exe "/UNINST=D:\Games\goalzone\UnInst.log" "/APPNAME=Goalzone"
Google Earth Plug-in-->MsiExec.exe /X{33286280-8617-11E1-8FF6-B8AC6F97B88E}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HD Tune 2.55-->"D:\Programs\Hd tune\HD Tune\unins000.exe"
HLSW v1.4.0.2-->"D:\Programs\Hlsw\HLSW\unins000.exe"
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B6E073B9-F238-379A-AA45-D323CD308DAE} /parameterfolder Client
Inkjet Printer/Scanner Extended Survey Program-->C:\Program Files (x86)\Canon\IJPLM\SETUP.EXE -R
Java 7 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217010FF}
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{790E02A1-145A-3843-8C13-A4F41C9B48B7}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{8FB1B528-E260-451E-9B55-E9152F94B80B}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{F97E3841-CA9D-4964-9D64-26066241D26F}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {664655D8-B9BB-455D-8A58-7EAF7B0B2862}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0405-1000-0000000FF1CE} /uninstall {A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {0B7A4B67-2A38-42B1-9857-662FAB361E08}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {FDF9A959-241A-4662-A8DE-7DED9C22D160}
Microsoft Office Shared 64-bit MUI (Czech) 2007-->MsiExec.exe /X{90120000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Standard 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall STANDARD /dll OSETUP.DLL
Microsoft Office Standard 2007-->MsiExec.exe /X{90120000-0012-0000-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319-->MsiExec.exe /X{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Mozilla Firefox 18.0 (x86 cs)-->D:\Programs\Mozilla12\uninstall\helper.exe
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
NVIDIA Ovladač 3D Vision 310.70-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{21A172EB-A8FA-4AD2-A5C9-D2ABA46B7E1A}\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA Ovladač řídící jednotky 3D Vision 310.70-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{21A172EB-A8FA-4AD2-A5C9-D2ABA46B7E1A}\NVI2.DLL",UninstallPackage Display.NVIRUSB
NVIDIA Ovladače grafiky 310.70-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{21A172EB-A8FA-4AD2-A5C9-D2ABA46B7E1A}\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA PhysX-->MsiExec.exe /I{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
NVIDIA Systémový software PhysX 9.12.1031-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{21A172EB-A8FA-4AD2-A5C9-D2ABA46B7E1A}\NVI2.DLL",UninstallPackage Display.PhysX
Open Design Alliance DWGdirectX V2-->"C:\ProgramData\{5F4A0654-FF74-4580-88EE-80B52056A065}\DWGSetup2_3_1.exe" REMOVE=TRUE MODIFY=FALSE
OpenAL-->"C:\Program Files (x86)\OpenAL\OpenALwEAX.exe" /U
OpenOffice.org 3.2-->MsiExec.exe /I{FAB43061-FEFB-46E8-A159-96710395DB5E}
PCschematic® ELautomation Education 10.0-->D:\Programs\pičovina\PCSELEDU\setup.exe /uninstall
PowerISO-->"D:\Programs\Power Iso\PowerISO\uninstall.exe"
Proxifier version 2.91-->"D:\Programs\proxifier\Proxifier\unins000.exe"
QuickTime-->MsiExec.exe /I{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}
Rapture3D 2.4.8 Game-->"C:\Program Files (x86)\BRS\unins000.exe"
Registrace uživatele zařízení Canon MP190 series-->C:\Program Files (x86)\Canon\IJEREG\MP190 series\UNINST.EXE
Richard Burns Rally-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{72CE541B-52BD-4FA1-8CD6-19341939AB21}
Samsung Kies-->"C:\Program Files (x86)\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe" -runfromtemp -l0x0409 -removeonly
Samsung Kies-->MsiExec.exe /I{758C8301-2696-4855-AF45-534B1200980A}
SAMSUNG USB Driver for Mobile Phones-->D:\Programs\kies\USB Drivers\Uninstall.exe
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F66C3466-1FDB-347C-B3AE-FB6C50627B10} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FDD13F1E-9C6B-311E-A0D9-D6E172FC28FF} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder ClientLP
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder ClientLP
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition -->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {C6997D22-CC93-4ED9-AD8A-02C3F3D2F1F9}
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition -->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {5DD3FF90-B302-45B2-A188-C5EA7ACD5D46}
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition -->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75}
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition -->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {43171CAD-DC60-4E7B-9703-B2EC18001B9F}
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition -->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {EF5B5C7F-20CB-4A3A-AC3D-F5DE2C2BFDC7}
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition -->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {020B65AD-B2ED-4B35-92CA-DB56EFB864A5}
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition -->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {020B65AD-B2ED-4B35-92CA-DB56EFB864A5}
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition -->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {CAB47CC0-A98C-47DD-9FA1-C0416EC96ED5}
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition -->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {488F0918-97F9-4CD0-8AD5-8986A46AC962}
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition -->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5}
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition -->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {718E87EC-6590-485A-B12D-C01D290EDB12}
Seismovision 3 (remove only)-->"D:\Programs\Seismovision\uninst_seis3.exe"
Skype™ 6.0-->MsiExec.exe /X{EA17F4FC-FDBF-4CF8-A529-2D983132D053}
Soldat 1.5.0-->"D:\Games\soldatek\Soldat\unins000.exe"
Sony Vegas Pro 8.0-->MsiExec.exe /X{7C9AD221-994C-45B2-B46D-26F5735158CF}
Spyware Terminator 2012-->"C:\Program Files (x86)\Spyware Terminator\unins000.exe"
The KMPlayer (remove only)-->"D:\Programs\KMplayer\The KMPlayer\uninstall.exe"
TZAC ANTICHEAT 2-->D:\Programs\TZ-AC\TZAC2\uninst.exe
Universal AntiCheat 3 v1.044-->"D:\Programs\UAC\UAC3\unins000.exe"
UnLock Root 2.22-->D:\Programs\Unlock root\Unlockroot\uninstunlockroot.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {A45DD0BE-3CD9-3F1E-B233-B90C6983AE77} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {620E77C0-CDFE-4C14-AAEB-830ABB65864C}
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {8153EC80-C988-4336-8DAF-6D99C0D26E0C}
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {5DB2894C-2DA4-4DEF-A051-795AE799964A}
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {A030537D-0034-46AD-A730-B1119786F607}
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit Edition-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {C7351301-60F9-4B04-AFF6-600A4C98CE40}
VLC media player 2.0.2-->D:\Programs\VLC player\VLC\uninstall.exe
Winamp-->"D:\Programs\Winamp-\Winamp\UninstWA.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR-->D:\Programs\Winrar\uninstall.exe
WRC FIA World Rally Championship-->"C:\Program Files (x86)\InstallShield Installation Information\{B6E3F2A0-DDBB-4F0A-BA7C-09138605DDAC}\setup.exe" -runfromtemp -l0x0409 -removeonly
Xfire (remove only)-->"D:\Programs\xfire\uninst.exe"
======System event log======
Computer Name: Ryder-PC
Event Code: 7036
Message: Stav služby Služba Plánovač multimédií byl změněn na: Zastaveno
Record Number: 194527
Source Name: Service Control Manager
Time Written: 20120804152518.478451-000
Event Type: Informace
User:
Computer Name: Ryder-PC
Event Code: 7036
Message: Stav služby Služba Plánovač multimédií byl změněn na: Spuštěno
Record Number: 194526
Source Name: Service Control Manager
Time Written: 20120804151854.660498-000
Event Type: Informace
User:
Computer Name: Ryder-PC
Event Code: 7036
Message: Stav služby Služba Plánovač multimédií byl změněn na: Zastaveno
Record Number: 194525
Source Name: Service Control Manager
Time Written: 20120804151512.185773-000
Event Type: Informace
User:
Computer Name: Ryder-PC
Event Code: 7036
Message: Stav služby Adobe Flash Player Update Service byl změněn na: Zastaveno
Record Number: 194524
Source Name: Service Control Manager
Time Written: 20120804151400.204656-000
Event Type: Informace
User:
Computer Name: Ryder-PC
Event Code: 7036
Message: Stav služby Adobe Flash Player Update Service byl změněn na: Spuštěno
Record Number: 194523
Source Name: Service Control Manager
Time Written: 20120804151400.204656-000
Event Type: Informace
User:
=====Application event log=====
Computer Name: Ryder-PC
Event Code: 4096
Message:
Record Number: 4458
Source Name: Avira AntiVir
Time Written: 20110502122805.000000-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: Ryder-PC
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 4457
Source Name: Microsoft-Windows-WMI
Time Written: 20110502122802.000000-000
Event Type: Informace
User:
Computer Name: Ryder-PC
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 4456
Source Name: Microsoft-Windows-WMI
Time Written: 20110502122759.000000-000
Event Type: Informace
User:
Computer Name: Ryder-PC
Event Code: 1
Message: The service is started.
Record Number: 4455
Source Name: IJPLMSVC
Time Written: 20110502122758.000000-000
Event Type: Informace
User:
Computer Name: Ryder-PC
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.
Record Number: 4454
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20110502122754.149286-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
=====Security event log=====
Computer Name: Ryder-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: RYDER-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x260
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 37431
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120504175613.583168-000
Event Type: Úspěšný audit
User:
Computer Name: Ryder-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 37430
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120504175612.977133-000
Event Type: Úspěšný audit
User:
Computer Name: Ryder-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: RYDER-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x260
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 37429
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120504175612.977133-000
Event Type: Úspěšný audit
User:
Computer Name: Ryder-PC
Event Code: 4905
Message: Došlo k pokusu zrušit registraci zdroje události zabezpečení.
Předmět
ID zabezpečení: S-1-5-18
Název účtu: RYDER-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Proces:
ID procesu: 0xe64
Název procesu: C:\Windows\System32\VSSVC.exe
Zdroj události:
Název zdroje: VSSAudit
ID zdroje události: 0x41950e
Record Number: 37428
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120504174104.145151-000
Event Type: Úspěšný audit
User:
Computer Name: Ryder-PC
Event Code: 4904
Message: Došlo k pokusu zaregistrovat zdroj události zabezpečení.
Předmět :
ID zabezpečení: S-1-5-18
Název účtu: RYDER-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Proces:
ID procesu: 0xe64
Název procesu: C:\Windows\System32\VSSVC.exe
Zdroj události:
Název zdroje: VSSAudit
ID zdroje události: 0x41950e
Record Number: 37427
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120504174104.145151-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;D:\Programs\Quicktime-apple\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"CLASSPATH"=.;D:\Programs\Java\lib\ext\QTJava.zip
"QTJAVA"=D:\Programs\Java\lib\ext\QTJava.zip
-----------------EOF-----------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by Ryder at 2013-01-16 01:12:33
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 13 GB (9%) free of 150 GB
Total RAM: 4094 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:12:37, on 16.1.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Windows\SysWOW64\HsMgr.exe
C:\Program Files\ASUS Xonar DX Audio\Customapp\ASUSAUDIOCENTER.EXE
C:\Users\Ryder\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
D:\Programs\Avira\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\trend micro\Ryder.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programs\Java\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programs\Java\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avgnt] "D:\Programs\Avira\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "D:\Programs\utorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [RSSGuard] C:\Users\Ryder\Desktop\rssguard-1.0.10-win\rssguard\rssguard.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Ryder\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-21-2597100678-3333478538-1327677117-1006\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2597100678-3333478538-1327677117-1006\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Xfire.lnk = D:\Programs\xfire\Xfire.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\Programs\MSOFFI~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programs\MSOFFI~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxernsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - D:\Programs\Avira\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - D:\Programs\Avira\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: GS In-Game Service - ClanServers Hosting LLC - D:\Programs\gametracker\GSInGameService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - D:\Programs\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\Windows\
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7859 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"D:\Programs\Avira\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"D:\Programs\Avira\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
D:\Programs\gametracker\GSInGameService.exe
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
"D:\Programs\Alcohol120%\Alcohol 120\StarWind\StarWindServiceAE.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"D:\Programs\Avira\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000644
taskeng.exe {31B30C84-2E0E-459C-A696-866707F3C855}
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe"
"C:\Windows\SysWOW64\HsMgr.exe" Envoke
"C:\Windows\system\HsMgr64.exe" Envoke
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\ASUS Xonar DX Audio\Customapp\ASUSAUDIOCENTER.EXE"
C:\Users\Ryder\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
C:\Users\Ryder\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"D:\Programs\Avira\Avira\AntiVir Desktop\avgnt.exe" /min
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Ryder\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2597100678-3333478538-1327677117-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2597100678-3333478538-1327677117-1000UA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Ryder\AppData\Roaming\Mozilla\Firefox\Profiles\jp6i1yzz.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=undefined&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.146 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.10.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=D:\Programs\Java\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\Programs\adobe reader\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.146 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
D:\Programs\Mozilla12\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
D:\Programs\Mozilla12\components\
binary.manifest
browsercomps.dll
D:\Programs\Mozilla12\plugins\
np-mswmp.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
D:\Programs\Mozilla12\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Ryder\AppData\Roaming\Mozilla\Firefox\Profiles\jp6i1yzz.default\extensions\
{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
C:\Users\Ryder\AppData\Roaming\Mozilla\Firefox\Profiles\jp6i1yzz.default\searchplugins\
askcom.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Programs\Java\bin\jp2ssv.dll [2012-12-25 170416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - D:\Programs\Java\bin\ssv.dll [2012-12-25 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Programs\Java\bin\jp2ssv.dll [2012-12-25 170416]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2007-10-25 652624]
"Cmaudio8788"=C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]
"Cmaudio8788GX"=C:\Windows\syswow64\HsMgr.exe [2008-07-11 200704]
"Cmaudio8788GX64"=C:\Windows\system\HsMgr64.exe [2008-07-11 282112]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"uTorrent"=D:\Programs\utorrent\uTorrent.exe [2012-12-10 969104]
"RSSGuard"=C:\Users\Ryder\Desktop\rssguard-1.0.10-win\rssguard\rssguard.exe []
"Google Update"=C:\Users\Ryder\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-11 116648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
D:\Programs\adobe reader\Reader\Reader_sl.exe [2012-12-18 38112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
D:\Programs\Alcohol120%\Alcohol 120\AxAutoMntSrv.exe [2009-11-15 33120]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-09-13 1840720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
D:\Programs\kies\Kies\KiesHelper.exe /s []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
D:\Programs\kies\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-08-07 21432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
D:\Programs\kies\Kies\Kies.exe [2012-08-07 960440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
D:\Programs\kies\Kies\KiesTrayAgent.exe [2012-08-07 3524536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync]
C:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
D:\Programs\Power Iso\PowerISO\PWRISOVM.EXE [2011-06-15 307200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
D:\Programs\Quicktime-apple\QTTask.exe [2012-10-25 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield]
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2012-09-07 2777296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater]
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2012-09-07 3673808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
D:\Programs\Winamp-\Winamp\winampa.exe [2008-09-12 36352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ryder^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-06-07 1195520]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=D:\Programs\Avira\Avira\AntiVir Desktop\avgnt.exe [2012-12-04 384800]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
C:\Users\Ryder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Xfire.lnk - D:\Programs\xfire\Xfire.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2010-11-20 290304]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.XFR1"=xfcodec64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2013-01-16 01:12:33 ----D---- C:\rsit
2013-01-15 17:41:53 ----A---- C:\Windows\system32\mshtml.dll
2013-01-15 17:41:52 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-01-09 18:37:10 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-01-09 18:37:10 ----A---- C:\Windows\system32\win32spl.dll
2013-01-09 18:36:50 ----A---- C:\Windows\system32\msxml6.dll
2013-01-09 18:36:49 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-01-09 18:36:49 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-01-09 18:36:49 ----A---- C:\Windows\system32\msxml3.dll
2013-01-09 18:36:44 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-01-09 18:36:44 ----A---- C:\Windows\system32\ncrypt.dll
2013-01-09 18:36:43 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-01-09 18:36:43 ----A---- C:\Windows\system32\usp10.dll
2013-01-09 18:36:41 ----A---- C:\Windows\system32\Wpc.dll
2013-01-09 18:36:40 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-01-09 18:36:40 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-01-09 18:36:40 ----A---- C:\Windows\system32\gameux.dll
2013-01-09 18:36:14 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-01-09 18:36:14 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-01-09 18:36:14 ----A---- C:\Windows\system32\KernelBase.dll
2013-01-09 18:36:14 ----A---- C:\Windows\system32\kernel32.dll
2013-01-09 18:36:13 ----A---- C:\Windows\system32\wow64win.dll
2013-01-09 18:36:13 ----A---- C:\Windows\system32\wow64cpu.dll
2013-01-09 18:36:13 ----A---- C:\Windows\system32\wow64.dll
2013-01-09 18:36:13 ----A---- C:\Windows\system32\winsrv.dll
2013-01-09 18:36:13 ----A---- C:\Windows\system32\conhost.exe
2013-01-09 18:36:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-01-09 18:36:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-09 18:36:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-01-09 18:36:12 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-09 18:36:12 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-09 18:36:12 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-09 18:36:12 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-01-09 18:36:12 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-01-09 18:36:12 ----A---- C:\Windows\system32\ntvdm64.dll
2013-01-09 18:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-09 18:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-01-09 18:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-01-09 18:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-01-09 18:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-09 18:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-09 18:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-09 18:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-01-09 18:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-01-09 18:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-09 18:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-09 18:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-01-09 18:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 18:36:11 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-09 18:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-09 18:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-09 18:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-09 18:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-09 18:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-09 18:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-09 18:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-09 18:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-09 18:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-09 18:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-09 18:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-09 18:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-09 18:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-09 18:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-09 18:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-09 18:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 18:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-01-09 18:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-09 18:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-01-09 18:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-09 18:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-09 18:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-01-09 18:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-01-09 18:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-01-09 18:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-01-09 18:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-01-09 18:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-01-09 18:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-01-09 18:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-09 18:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-09 18:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-09 18:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-09 18:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-09 18:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-09 18:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-09 18:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-09 18:36:10 ----A---- C:\Windows\SYSWOW64\user.exe
2013-01-09 18:36:10 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-01-09 18:36:10 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-01-09 18:35:52 ----A---- C:\Windows\system32\taskhost.exe
2013-01-09 18:35:51 ----A---- C:\Windows\system32\win32k.sys
2013-01-03 01:20:45 ----D---- C:\Program Files (x86)\AGEIA Technologies
2013-01-03 01:20:19 ----A---- C:\Windows\system32\nvvsvc.exe
2013-01-03 01:20:19 ----A---- C:\Windows\system32\nvsvcr.dll
2013-01-03 01:20:19 ----A---- C:\Windows\system32\nvsvc64.dll
2013-01-03 01:20:19 ----A---- C:\Windows\system32\nvshext.dll
2013-01-03 01:20:19 ----A---- C:\Windows\system32\nvmctray.dll
2013-01-03 01:20:19 ----A---- C:\Windows\system32\nvcpl.dll
2013-01-03 01:19:12 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-01-03 01:19:12 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-01-03 01:19:12 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-01-03 01:19:12 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2013-01-03 01:19:12 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-01-03 01:19:12 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-01-03 01:19:12 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-01-03 01:19:12 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-01-03 01:19:12 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2013-01-03 01:19:12 ----A---- C:\Windows\system32\nvwgf2umx.dll
2013-01-03 01:19:12 ----A---- C:\Windows\system32\nvopencl.dll
2013-01-03 01:19:12 ----A---- C:\Windows\system32\nvoglv64.dll
2013-01-03 01:19:12 ----A---- C:\Windows\system32\nvdispgenco64.dll
2013-01-03 01:19:12 ----A---- C:\Windows\system32\nvdispco64.dll
2013-01-03 01:19:12 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-01-03 01:19:12 ----A---- C:\Windows\system32\nvcuvid.dll
2013-01-03 01:19:12 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-01-03 01:19:12 ----A---- C:\Windows\system32\nvcuda.dll
2013-01-03 01:19:12 ----A---- C:\Windows\system32\nvcompiler.dll
2013-01-03 01:19:12 ----A---- C:\Windows\system32\nvapi64.dll
2013-01-03 01:19:12 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-01-03 01:15:54 ----D---- C:\ProgramData\NVIDIA Corporation
2013-01-02 05:38:05 ----ASH---- C:\pagefile.sys
2012-12-31 17:01:04 ----D---- C:\Users\Ryder\AppData\Roaming\Avira
2012-12-31 16:54:55 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2012-12-31 16:54:55 ----A---- C:\Windows\system32\drivers\avipbb.sys
2012-12-31 16:54:55 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2012-12-31 16:54:49 ----D---- C:\ProgramData\Avira
2012-12-26 11:18:46 ----D---- C:\Users\Ryder\AppData\Roaming\Apple Computer
2012-12-25 22:22:08 ----D---- C:\ProgramData\Apple Computer
2012-12-25 22:20:54 ----D---- C:\ProgramData\Apple
2012-12-25 22:20:54 ----D---- C:\Program Files (x86)\Apple Software Update
2012-12-25 22:13:43 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2012-12-25 22:13:43 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-12-25 22:13:33 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2012-12-25 22:13:33 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-12-25 22:13:33 ----A---- C:\Windows\SYSWOW64\java.exe
2012-12-22 22:11:51 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2012-12-22 22:11:51 ----A---- C:\Windows\system32\atmlib.dll
2012-12-22 22:11:49 ----A---- C:\Windows\system32\atmfd.dll
2012-12-22 22:11:48 ----A---- C:\Windows\SYSWOW64\atmfd.dll
======List of files/folders modified in the last 1 month======
2013-01-16 01:12:35 ----D---- C:\Program Files\trend micro
2013-01-16 01:12:34 ----D---- C:\Windows\temp
2013-01-16 01:11:40 ----D---- C:\Users\Ryder\AppData\Roaming\Xfire
2013-01-16 01:11:36 ----D---- C:\Users\Ryder\AppData\Roaming\uTorrent
2013-01-16 01:09:33 ----D---- C:\ProgramData\NVIDIA
2013-01-16 00:33:38 ----D---- C:\Windows\system32\config
2013-01-16 00:33:23 ----D---- C:\Users\Ryder\AppData\Roaming\Skype
2013-01-15 21:47:28 ----D---- C:\Users\Ryder\AppData\Roaming\TS3Client
2013-01-15 21:38:45 ----D---- C:\Windows\SysWOW64
2013-01-15 21:38:43 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-01-15 19:23:52 ----D---- C:\Windows\System32
2013-01-15 19:23:26 ----SHD---- C:\System Volume Information
2013-01-15 17:40:26 ----D---- C:\Windows\system32\catroot2
2013-01-15 17:40:26 ----D---- C:\Windows\system32\catroot
2013-01-15 17:40:19 ----D---- C:\Windows\winsxs
2013-01-14 16:15:46 ----D---- C:\Windows\Microsoft.NET
2013-01-14 16:15:45 ----RSD---- C:\Windows\assembly
2013-01-13 18:39:56 ----SHD---- C:\Windows\Installer
2013-01-12 23:10:09 ----D---- C:\Users\Ryder\AppData\Roaming\vlc
2013-01-12 21:30:03 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-01-11 07:42:01 ----D---- C:\ProgramData\Xfire
2013-01-10 14:19:21 ----D---- C:\Windows\Prefetch
2013-01-10 14:16:30 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-01-10 14:16:30 ----D---- C:\Windows\system32\cs-CZ
2013-01-10 14:16:27 ----D---- C:\Windows\AppPatch
2013-01-10 00:21:05 ----D---- C:\ProgramData\Microsoft Help
2013-01-10 00:18:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-01-10 00:18:37 ----D---- C:\Windows\inf
2013-01-10 00:14:13 ----A---- C:\Windows\system32\MRT.exe
2013-01-09 20:14:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-01-08 13:42:14 ----D---- C:\Windows\system32\FxsTmp
2013-01-08 13:37:14 ----D---- C:\ProgramData\CanonIJPLM
2013-01-03 01:23:50 ----D---- C:\Windows
2013-01-03 01:21:23 ----D---- C:\Windows\system32\DriverStore
2013-01-03 01:20:54 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-01-03 01:20:45 ----RD---- C:\Program Files (x86)
2013-01-03 01:20:32 ----RD---- C:\Users
2013-01-03 01:20:30 ----D---- C:\Program Files\NVIDIA Corporation
2013-01-03 01:20:29 ----D---- C:\Temp
2013-01-03 01:20:09 ----D---- C:\Windows\Help
2013-01-03 01:19:48 ----D---- C:\Windows\system32\drivers
2013-01-03 01:15:54 ----D---- C:\ProgramData
2013-01-03 01:08:45 ----D---- C:\NVIDIA
2013-01-01 14:10:55 ----D---- C:\ProgramData\Spyware Terminator
2013-01-01 04:39:55 ----D---- C:\Windows\system32\Tasks
2012-12-28 17:38:33 ----SHD---- C:\$RECYCLE.BIN
2012-12-25 22:22:27 ----D---- C:\Program Files (x86)\Internet Explorer
2012-12-25 22:21:10 ----D---- C:\Program Files (x86)\Common Files
2012-12-25 22:13:19 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2012-12-19 18:40:56 ----D---- C:\Windows\rescache
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-07-11 834544]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2012-12-03 129216]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2012-11-16 27800]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2011-06-15 93240]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2012-12-03 99912]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2011-12-07 51496]
R3 cmudaxp;ASUS Xonar DX Audio Interface; C:\Windows\system32\drivers\cmudaxp.sys [2011-03-10 2725376]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-06-04 99384]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-06-04 203320]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 tizeqdrv;tizeqdrv; \??\C:\Users\Ryder\AppData\Roaming\TZAC2\tizeq64.sys [2012-09-02 171704]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AntiVirService;Avira Real-Time Protection; D:\Programs\Avira\Avira\AntiVir Desktop\avguard.exe [2012-12-04 109344]
R2 AntiVirSchedulerService;Avira Scheduler; D:\Programs\Avira\Avira\AntiVir Desktop\sched.exe [2012-12-04 85280]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GS In-Game Service;GS In-Game Service; D:\Programs\gametracker\GSInGameService.exe [2011-11-10 1677072]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-12-01 890216]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-12-03 1259880]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-05-15 76888]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2011-11-22 1148632]
R2 StarWindServiceAE;StarWind AE Service; D:\Programs\Alcohol120%\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-11-30 382824]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-20 116648]
S2 SkypeUpdate;Skype Updater; D:\Programs\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 251400]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2010-11-11 128928]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-20 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivní kontrola
Moderátor: Moderátoři
Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Re: Preventivní kontrola
Zdravim 
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:reg [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "uTorrent"=- "RSSGuard"=- "Google Update"=- [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ryder^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"=- :files C:\Users\Ryder\AppData\Roaming\Mozilla\Firefox\Profiles\jp6i1yzz.default\searchplugins\askcom.xml C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2597100678-3333478538-1327677117-1000Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2597100678-3333478538-1327677117-1000UA.job %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH] [EMPTYJAVA]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivní kontrola
Abych pravdu řekl, měl jsem mozille uloženo nemálo panelů. Naštěstí jsem si je ale zálohoval 3 dny zpět, takže těch pár nebude problém dohledat.
All processes killed
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\RSSGuard deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ryder^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
========== FILES ==========
C:\Users\Ryder\AppData\Roaming\Mozilla\Firefox\Profiles\jp6i1yzz.default\searchplugins\askcom.xml moved successfully.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2597100678-3333478538-1327677117-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2597100678-3333478538-1327677117-1000UA.job moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
Error: Unble to create default HOSTS file!
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
User: Ryder
->Temp folder emptied: 759822202 bytes
->Temporary Internet Files folder emptied: 47748699 bytes
->Java cache emptied: 1849889 bytes
->FireFox cache emptied: 469130719 bytes
->Google Chrome cache emptied: 232073742 bytes
->Opera cache emptied: 58132372 bytes
->Flash cache emptied: 62311 bytes
User: UpdatusUser
User: UpdatusUser.Ryder-PC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 1618992 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 246772400 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50507 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 657 bytes
RecycleBin emptied: 14648828632 bytes
Total Files Cleaned = 15 703,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Public
User: Ryder
->Flash cache emptied: 0 bytes
User: UpdatusUser
User: UpdatusUser.Ryder-PC
Total Flash Files Cleaned = 0,00 mb
[EMPTYJAVA]
User: All Users
User: Default
User: Default User
User: Public
User: Ryder
->Java cache emptied: 0 bytes
User: UpdatusUser
User: UpdatusUser.Ryder-PC
Total Java Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 01162013_184523
Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
C:\Users\Ryder\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
All processes killed
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\RSSGuard deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ryder^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
========== FILES ==========
C:\Users\Ryder\AppData\Roaming\Mozilla\Firefox\Profiles\jp6i1yzz.default\searchplugins\askcom.xml moved successfully.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2597100678-3333478538-1327677117-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2597100678-3333478538-1327677117-1000UA.job moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
Error: Unble to create default HOSTS file!
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
User: Ryder
->Temp folder emptied: 759822202 bytes
->Temporary Internet Files folder emptied: 47748699 bytes
->Java cache emptied: 1849889 bytes
->FireFox cache emptied: 469130719 bytes
->Google Chrome cache emptied: 232073742 bytes
->Opera cache emptied: 58132372 bytes
->Flash cache emptied: 62311 bytes
User: UpdatusUser
User: UpdatusUser.Ryder-PC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 1618992 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 246772400 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50507 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 657 bytes
RecycleBin emptied: 14648828632 bytes
Total Files Cleaned = 15 703,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Public
User: Ryder
->Flash cache emptied: 0 bytes
User: UpdatusUser
User: UpdatusUser.Ryder-PC
Total Flash Files Cleaned = 0,00 mb
[EMPTYJAVA]
User: All Users
User: Default
User: Default User
User: Public
User: Ryder
->Java cache emptied: 0 bytes
User: UpdatusUser
User: UpdatusUser.Ryder-PC
Total Java Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 01162013_184523
Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
C:\Users\Ryder\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Re: Preventivní kontrola
Oni zmiznuly 
Ja tam odmazaval jen jeden nezadouci vyhledavac 
Ja tam odmazaval jen jeden nezadouci vyhledavac "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivní kontrola
A je už všechno v pořádku? Panelů jsem zase tolik neztratil. Způsob návratnosti panelů, ale asi neexstije
Re: Preventivní kontrola
Spise je mi divne, ze vubec zmizely T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
A pokud nejsou problemy ci dotazy, je to z me strany vse 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?