VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím Vás o kontrolu mého logu

https://forum.viry.cz:443/viewtopic.php?t=108532

Stránka 1 z 1

Prosím Vás o kontrolu mého logu

Napsal: 16 led 2011 09:18
od Michal Prosek
Dobrý den mám podezření, že jsem si neprozřetelně stáhl nějakou havěť. Prosím Vás o kontrolu logu. Díky moc

Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrátor at 2011-01-16 09:10:00
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 29 GB (11%) free of 273 GB
Total RAM: 3070 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:10:16, on 16.1.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Apoint\Apoint.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Sony\HotKey Utility\HKServ.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Users\Administrátor\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Administrátor\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Administrátor\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\windows defender\MSASCui.exe
C:\Users\Administrátor\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Public\Downloads\Antiviry\RSIT.exe
C:\Program Files\trend micro\Administrátor.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{AD112630-818A-4953-8572-2DA90711DC5D}: NameServer = 212.158.128.2,212.158.128.3
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1ca274e7c19cde0) (gupdate1ca274e7c19cde0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7552 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{8EC79E92-3498-4F7F-AA6B-58EB46C2478D}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-11-25 382720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-08-27 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2007-06-10 118784]
"ISBMgr.exe"=C:\Program Files\Sony\ISB Utility\ISBMgr.exe [2007-09-19 311296]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-10-30 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-10-30 8429568]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-10-30 81920]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2010-02-12 1794320]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2011-01-13 3396624]
"HKSERV.EXE"=C:\Program Files\Sony\HotKey Utility\HKserv.exe [2004-06-29 122880]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Administrátor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Stardock ObjectDock.lnk - C:\Program Files\Stardock\ObjectDock\ObjectDock.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]
C:\Windows\system32\VESWinlogon.dll [2007-08-15 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll [2009-10-02 128360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-01-16 09:10:00 ----D---- C:\rsit
2011-01-12 21:14:17 ----A---- C:\Windows\system32\odbc32.dll
2011-01-12 21:14:10 ----A---- C:\Windows\system32\sdclt.exe
2011-01-06 22:58:39 ----D---- C:\Users\Administrátor\AppData\Roaming\Clones
2011-01-04 22:59:18 ----D---- C:\Users\Administrátor\AppData\Roaming\AnvSoft
2011-01-04 22:59:16 ----D---- C:\Program Files\AnvSoft
2011-01-04 21:54:24 ----SHD---- C:\$RECYCLE.BIN
2011-01-04 18:44:39 ----D---- C:\Windows\temp
2011-01-03 23:32:02 ----D---- C:\Windows\ERDNT
2011-01-03 06:50:52 ----D---- C:\Users\Administrátor\AppData\Roaming\Malwarebytes
2011-01-03 06:49:05 ----D---- C:\ProgramData\Malwarebytes
2011-01-03 06:48:14 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-12-30 22:43:08 ----A---- C:\Windows\system32\iertutil.dll
2010-12-30 22:43:07 ----A---- C:\Windows\system32\mshtml.dll
2010-12-30 22:43:06 ----A---- C:\Windows\system32\mstime.dll
2010-12-30 22:43:06 ----A---- C:\Windows\system32\ieframe.dll
2010-12-30 22:43:01 ----A---- C:\Windows\system32\ie4uinit.exe
2010-12-30 22:42:59 ----A---- C:\Windows\system32\wininet.dll
2010-12-30 22:42:59 ----A---- C:\Windows\system32\urlmon.dll
2010-12-30 22:42:59 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-30 22:42:58 ----A---- C:\Windows\system32\msfeedssync.exe
2010-12-30 22:42:58 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-30 22:42:57 ----A---- C:\Windows\system32\occache.dll
2010-12-30 22:42:57 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-30 22:42:57 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-12-30 22:42:57 ----A---- C:\Windows\system32\ieUnatt.exe
2010-12-30 22:42:57 ----A---- C:\Windows\system32\ieui.dll
2010-12-30 22:42:57 ----A---- C:\Windows\system32\iesysprep.dll
2010-12-30 22:42:57 ----A---- C:\Windows\system32\iesetup.dll
2010-12-30 22:42:57 ----A---- C:\Windows\system32\iepeers.dll
2010-12-30 22:42:56 ----A---- C:\Windows\system32\licmgr10.dll
2010-12-30 22:42:56 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-30 22:42:56 ----A---- C:\Windows\system32\iernonce.dll
2010-12-30 22:42:26 ----A---- C:\Windows\system32\tzres.dll
2010-12-30 22:41:48 ----A---- C:\Windows\system32\atmlib.dll
2010-12-30 22:41:48 ----A---- C:\Windows\system32\atmfd.dll
2010-12-30 22:41:46 ----A---- C:\Windows\system32\fontsub.dll
2010-12-30 22:41:39 ----A---- C:\Windows\system32\taskschd.dll
2010-12-30 22:41:39 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-30 22:41:38 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-30 22:41:38 ----A---- C:\Windows\system32\taskeng.exe
2010-12-30 22:41:38 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-30 22:41:33 ----A---- C:\Windows\system32\consent.exe
2010-12-30 16:13:12 ----D---- C:\Program Files\Oddworld Inhabitants

======List of files/folders modified in the last 1 months======

2011-01-16 09:10:14 ----D---- C:\Program Files\trend micro
2011-01-16 08:47:13 ----D---- C:\Windows\Tasks
2011-01-16 08:43:57 ----D---- C:\Windows\system32\drivers
2011-01-16 08:43:04 ----D---- C:\Windows\Big Brain Wolf
2011-01-16 08:32:28 ----D---- C:\Program Files
2011-01-16 08:31:52 ----D---- C:\Windows\Prefetch
2011-01-16 08:30:36 ----D---- C:\Windows\System32
2011-01-16 08:30:36 ----A---- C:\Windows\system32\wrap_oal.dll
2011-01-16 08:30:36 ----A---- C:\Windows\system32\OpenAL32.dll
2011-01-16 08:10:01 ----D---- C:\Program Files\FreeRapid
2011-01-16 01:40:47 ----SHD---- C:\System Volume Information
2011-01-15 19:21:27 ----D---- C:\Windows
2011-01-14 17:20:11 ----D---- C:\Users\Administrátor\AppData\Roaming\Skype
2011-01-14 17:04:07 ----D---- C:\Users\Administrátor\AppData\Roaming\skypePM
2011-01-14 00:40:37 ----D---- C:\Windows\system32\catroot2
2011-01-13 09:47:32 ----A---- C:\Windows\system32\aswBoot.exe
2011-01-12 21:18:31 ----A---- C:\Windows\system32\mrt.exe
2011-01-12 21:18:19 ----D---- C:\Windows\winsxs
2011-01-12 21:17:34 ----SHD---- C:\Windows\Installer
2011-01-12 21:17:22 ----D---- C:\ProgramData\Microsoft Help
2011-01-12 21:13:58 ----D---- C:\Windows\system32\catroot
2011-01-08 10:04:41 ----D---- C:\Windows\inf
2011-01-08 10:04:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-01-06 23:22:02 ----D---- C:\Program Files\Steam
2011-01-06 23:18:39 ----D---- C:\Program Files\Common Files\Steam
2011-01-05 17:46:16 ----D---- C:\Users\Administrátor\AppData\Roaming\MahJong Suite
2011-01-04 18:20:19 ----A---- C:\Windows\system.ini
2011-01-04 18:06:49 ----D---- C:\Windows\AppPatch
2011-01-04 18:06:46 ----D---- C:\Program Files\Common Files
2011-01-03 07:04:28 ----D---- C:\Program Files\Microsoft Silverlight
2011-01-03 07:04:14 ----D---- C:\Windows\nap
2011-01-03 06:49:05 ----D---- C:\ProgramData
2011-01-02 09:57:45 ----D---- C:\Windows\system32\Tasks
2010-12-30 23:49:31 ----D---- C:\Windows\rescache
2010-12-30 23:29:38 ----D---- C:\Windows\system32\migration
2010-12-30 23:29:38 ----D---- C:\Program Files\Windows Mail
2010-12-30 23:29:38 ----D---- C:\Program Files\Internet Explorer
2010-12-30 22:49:28 ----D---- C:\Windows\system32\cs-CZ
2010-12-30 22:44:45 ----D---- C:\Windows\Debug
2010-12-23 18:05:37 ----D---- C:\Program Files\Winamp
2010-12-23 18:04:58 ----D---- C:\Program Files\Winamp Detect

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-01-13 23632]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-01-13 294608]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-01-13 47440]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2010-02-12 130080]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2010-02-12 28704]
R1 DMICall;Sony DMI Call service; C:\Windows\system32\DRIVERS\DMICall.sys [2007-09-19 10216]
R1 Inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2010-02-12 68640]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2009-01-23 142592]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-01-13 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-01-13 51280]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2007-10-05 12672]
R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-18 11032]
R2 SymAFR;SymAFR; C:\Windows\system32\DRIVERS\SymAFR.sys [2009-09-12 15408]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-05 8192]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2006-11-10 18688]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-06-10 140800]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 GEARAspiWDM;GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-10-05 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-10-05 207360]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-10-30 7115072]
R3 R5U870FLx86;R5U870 UVC Lower Filter ; C:\Windows\System32\Drivers\R5U870FLx86.sys [2007-10-30 75008]
R3 R5U870FUx86;R5U870 UVC Upper Filter ; C:\Windows\System32\Drivers\R5U870FUx86.sys [2007-10-30 43904]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2007-08-29 9344]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-10-27 330240]
R3 ti21sony;ti21sony; C:\Windows\system32\drivers\ti21sony.sys [2007-06-06 812544]
R3 usbvideo;R5U870 (UVC) ; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-10-05 659968]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-10-05 246784]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2008-01-19 45696]
S3 a5djt5na;a5djt5na; C:\Windows\system32\drivers\a5djt5na.sys []
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2008-01-19 40448]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-10-10 81448]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2007-10-10 99880]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2007-10-10 28464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-10-10 17448]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-19 52608]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw4v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-01-16 47360]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys []
S3 uxkx1;ASUS MyCinema DiBcom based digital tuner device; C:\Windows\system32\DRIVERS\uxkx1.sys [2008-10-28 609280]
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-03-02 29184]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2007-02-14 128104]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-10 124832]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-02-12 692496]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 STacSV;SigmaTel Audio Service; C:\Windows\system32\stacsv.exe [2007-10-27 102400]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-05 386560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 gupdate1ca274e7c19cde0;Služba Google Update (gupdate1ca274e7c19cde0); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-27 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-27 194032]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-06-18 654848]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-01-06 403240]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 GameConsoleService;GameConsoleService; C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe []

-----------------EOF-----------------

Re: Prosím Vás o kontrolu mého logu

Napsal: 16 led 2011 09:23
od Michal Prosek
Někde na ploše se mi objevil tento log. Asi jsem trochu mimo..ale nevím kde se tam vzal. Pro jistotu přikládám.


info.txt logfile of random's system information tool 1.06 2011-01-16 09:10:19

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
-->MsiExec.exe /I{0394CDC8-FABD-4ED8-B104-03393876DFDF}
-->MsiExec.exe /I{0D397393-9B50-4C52-84D5-77E344289F87}
-->MsiExec.exe /I{0F122737-72B2-4095-8B3E-7AAE753DFD3D}
-->MsiExec.exe /I{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
-->MsiExec.exe /I{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}
-->MsiExec.exe /I{83FFCFC7-88C6-41C6-8752-958A45325C82}
-->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Photoshop Elements 6.0-->msiexec /I {F54AC413-D2C6-4A24-B324-370C223C6250}
Adobe Reader 8.1.6-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003}
Adobe Shockwave Player-->C:\Windows\System32\Adobe\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Adobe\SHOCKW~1\Install.log
Alps Pointing-device for VAIO-->C:\Program Files\Apoint\Uninstap.exe ADDREMOVE
Any Audio Converter 3.0.7-->"C:\Program Files\AnvSoft\Any Audio Converter\unins000.exe"
Any Video Converter 2.5.5-->"C:\Program Files\Any Video Converter\unins000.exe"
ArtRage 2-->MsiExec.exe /X{13CB54D3-A7C9-4B23-89A4-6331368AFD30}
Atlantis - Sky Patrol (remove only)-->C:\Big Fish Games\Atlantis - Sky Patrol\Uninstall.exe
avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup
Balíček ovladače systému Windows - Nokia Modem (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\pccs_bluetooth.inf_48f6f624\pccs_bluetooth.inf
Balíček ovladače systému Windows - Nokia Modem (02/23/2009 7.01.0.2)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokbtmdm.inf_a366d9d6\nokbtmdm.inf
Balíček ovladače systému Windows - Nokia Modem (02/24/2009 4.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokia_bluetooth.inf_9e7751a9\nokia_bluetooth.inf
Balíček ovladače systému Windows - Nokia Modem (06/09/2010 4.5)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokia_bluetooth.inf_8f891eb9\nokia_bluetooth.inf
Balíček ovladače systému Windows - Nokia Modem (06/09/2010 7.01.0.7)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokbtmdm.inf_d3ed7b8f\nokbtmdm.inf
Balíček ovladače systému Windows - Nokia Modem (10/12/2007 3.6)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokia_bluetooth.inf_ee12375f\nokia_bluetooth.inf
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
Big Fish Games Center-->C:\Big Fish Games\Uninstall.exe
Big Fish Games Sudoku (remove only)-->C:\Big Fish Games\sudoku\Uninstall.exe
briblo Screen Saver-->C:\Windows\system32\briblo.scr /u
Browser Address Error Redirector-->regsvr32 /u /s "C:\PROGRA~1\GOOGLE~1\BAE.dll"
Burnout(TM) Paradise The Ultimate Box-->MsiExec.exe /X{9A996B6A-846E-4A89-B9C4-17546B7BE49F}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Click to Disc Editor-->C:\Program Files\InstallShield Installation Information\{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}\setup.exe -runfromtemp -l0x0409
Click to Disc-->C:\Program Files\InstallShield Installation Information\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}\setup.exe -runfromtemp -l0x0009 -removeonly
Color Efex Pro 3.0 Complete-->C:\Program Files\Adobe\Photoshop Elements 6.0\Plug-Ins\Nik Software\Color Efex Pro 3.0 Complete\uninstall.exe
COMODO Internet Security-->C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe -u
ConvertHelper 2.2-->"C:\Program Files\ConvertHelper\unins000.exe"
Defraggler-->"C:\Program Files\Defraggler\uninst.exe"
Dfine 2.0-->C:\Program Files\Adobe\Photoshop Elements 6.0\Plug-Ins\Nik Software\Dfine 2.0\uninstall.exe
Dfx for Adobe Photoshop-->"C:\ProgramData\{864FA027-3C5C-4FAB-BF26-FE61C4656AC5}\Dfx-Photoshop-v2.0.2.exe" REMOVE=TRUE MODIFY=FALSE
Dfx for Adobe Photoshop-->C:\ProgramData\{864FA027-3C5C-4FAB-BF26-FE61C4656AC5}\Dfx-Photoshop-v2.0.2.exe
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DSD Direct Player-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{533D0A8A-D7E7-4F15-BC9E-FF2916A6BAA7}\setup.exe" -l0x9 -removeonly
DSD Direct-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{82D5BACA-3619-4D34-99DB-3A65CFB4DA33}\setup.exe" -l0x9 -removeonly
DSD Playback Plug-in-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{009E7FB7-1775-4D89-8956-F5C9A1C019FC}\setup.exe" -l0x9 -removeonly
Fences (Free)-->"C:\Program Files\Stardock\Object Desktop\Fences\UninstHelper.exe" /autouninstall fences
Fences-->"C:\ProgramData\{A87EB928-0C6C-4071-AEF1-59E32BAEDF1B}\Fences.exe" REMOVE=TRUE MODIFY=FALSE
Fences-->C:\ProgramData\{A87EB928-0C6C-4071-AEF1-59E32BAEDF1B}\Fences.exe
Firebird SQL Server - MAGIX Edition-->C:\Program Files\MAGIX\Common\Database\unwise.exe
FLIQLO Screen Saver-->C:\Windows\system32\FLIQLO.scr /u
FreeRIP v3.081-->"C:\Program Files\FreeRIP3\unins000.exe"
GearDrvs-->MsiExec.exe /I{206FD69B-F9FE-4164-81BD-D52552BC9C23}
GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
Google Earth-->MsiExec.exe /X{4286E640-B5FB-11DF-AC4B-005056C00008}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Updater-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
HDAUDIO SoftV92 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200\UIU32m.exe -U -ISnSZIRXz.inf
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HotKey Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BB311F54-39D6-4A03-8E18-053D1B2833D7}\Setup.exe" -l0x9
IDT Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{07D8511D-C9FE-4A93-933F-EAA5C8F20095}\setup.exe" -l0x9 -remove -removeonly
Instant Mode-->C:\Program Files\InstallShield Installation Information\{E6707034-D7A4-49B1-94D0-F5AACE46F06C}\setup.exe -runfromtemp -l0x0009 -removeonly
iWisoft Free Video Converter 1.2-->"C:\Program Files\iWisoft Free Video Converter\unins000.exe"
Java(TM) 6 Update 19-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216015FF}
Lara Croft and the Guardian of Light-->"C:\Program Files\SQUARE ENIX - Eidos Interactive\Lara Croft and the Guardian of Light\unins000.exe"
Learning Essentials for Microsoft Office-->MsiExec.exe /X{B348E585-E872-41DF-8234-E2D49917CFBB}
MAGIX Music Maker 15 Premium Download version 15.0.1.8 (US)-->C:\Program Files\MAGIX\MusicMaker15Premium_Download_version\unwise.exe
MAGIX Screenshare 4.3.6.1987 (US)-->C:\Program Files\MAGIX\PCVisit\unwise.exe
MahJong Suite 2010 v7.0-->"C:\Program Files\MahJong Suite\unins000.exe"
Mahjong Towers Eternity (remove only)-->C:\Big Fish Games\Mahjong Towers Eternity\Uninstall.exe
Machinarium-->C:\Program Files\Machinarium\uninst.exe
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 3.5 Language Pack SP1 - csy-->MsiExec.exe /I{DD73CA82-EA82-38AA-863D-9A24A018DC96}
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - csy\setup.exe
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{1FDA5A37-B22D-43FF-B582-B8964050DC13}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{86A4C6D9-29EE-4719-AFA1-BA3341862B83}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{6AFCA4E1-9B78-3640-8F72-A7BF33448200}
Microsoft Works-->MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
Moje první anglická slova (instalace na disk)-->C:\Program Files\Terasoft\AJ_slova\Uninstal.exe
Mozilla Firefox (3.5.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mp3tag v2.41-->C:\Program Files\Mp3tag\Mp3tagUninstall.EXE
MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Mystery Case Files - Prime Suspects (remove only)-->C:\Big Fish Games\Mystery Case Files - Prime Suspects\Uninstall.exe
Nástroj pro odesílání služby Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Neighbours From Hell Compilation-->C:\Program Files\InstallShield Installation Information\{5C81E5B5-15C0-4196-8FEC-BE56FFAB9437}\setup.exe -runfromtemp -l0x0405
Nokia Connectivity Cable Driver-->MsiExec.exe /I{F1FDAA01-988C-423F-AC12-0D8F333943FD}
Nokia PC Suite-->C:\ProgramData\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Nokia_PC_Suite_cze_web.exe
Nokia PC Suite-->MsiExec.exe /I{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}
Norton 360-->MsiExec.exe /I{63A6E9A9-A190-46D4-9430-2DB28654AFD8}
Norton UAC Tool-->C:\Program Files\NortonUAC\NUACSetup.exe
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
NVIDIA PhysX-->MsiExec.exe /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
ObjectDock-->C:\PROGRA~1\Stardock\OBJECT~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\INSTALL.LOG
Oddworld The Oddboxx-->"C:\Program Files\Oddworld Inhabitants\Oddworld The Oddboxx\unins000.exe"
OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
OpenMG Limited Patch 4.7-07-15-19-01-->C:\Program Files\Common Files\Sony Shared\OpenMG\HotFixes\HotFix4.7-07-15-19-01\HotFixSetup\setup.exe /u
OpenMG Secure Module 4.7.00-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{CCD663AE-610D-4BDF-AAB0-E914B044527D} UNINSTALL
PC Connectivity Solution-->MsiExec.exe /I{45DF6D99-666D-41FA-8D62-0E183B6240F3}
Peggle Nights Deluxe 1.0-->C:\Program Files\PopCap Games\Peggle Nights Deluxe\PopUninstall.exe "C:\Program Files\PopCap Games\Peggle Nights Deluxe\Install.log"
Peggle World of Warcraft Edition-->C:\Program Files\PopCap Games\Peggle World of Warcraft Edition\PopUninstall.exe "C:\Program Files\PopCap Games\Peggle World of Warcraft Edition\Install.log"
PhotoJoy-->MsiExec.exe /X{15482D1C-117B-4201-8D39-985A91ED8433}
PhotoJoy-->Msiexec.exe /x{15482D1C-117B-4201-8D39-985A91ED8433} /qf /L*V "%temp%\PjUninstallLog.log"
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
RealNetworks - Microsoft Visual C++ 2008 Runtime-->MsiExec.exe /X{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}
RealPlayer-->c:\program files\real\realplayer\Update\r1puninst.exe RealNetworks|RealPlayer|12.0
RealUpgrade 1.1-->MsiExec.exe /I{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
Recuva-->"C:\Program Files\Recuva\uninst.exe"
Revo Uninstaller 1.85-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
Roxio Activation Module-->MsiExec.exe /I{07159635-9DFE-4105-BFC0-2817DB540C68}
Roxio Easy Media Creator Home-->MsiExec.exe /I{B7FB0C86-41A4-4402-9A33-912C462042A0}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
Setting Utility Series-->"C:\Program Files\InstallShield Installation Information\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}\setup.exe" -runfromtemp -l0x0009 -removeonly
Sharpener Pro 3.0-->C:\Program Files\Adobe\Photoshop Elements 6.0\Plug-Ins\Nik Software\Sharpener Pro 3.0\uninstall.exe
Silver Efex Pro-->C:\Program Files\Adobe\Photoshop Elements 6.0\Plug-Ins\Nik Software\Silver Efex Pro\uninstall.exe
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
SolSuite 2010 v10.2-->"C:\Program Files\SolSuite\unins000.exe"
SolSuite Graphics Pack Volume 2 - v2.17-->"C:\Program Files\SolSuite\unins001.exe"
Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Text-To-Speech-Runtime-->MsiExec.exe /X{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}
Tinker-->MsiExec.exe /I{584109EB-4A5E-4467-B3C4-5C1000008300}
Tinker-->MsiExec.exe /X{584109EB-4A5E-4467-B3C4-5C1000008300}
Uninstall 1.0.0.1-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe"
Unlocker 1.9.0-->C:\Program Files\Unlocker\uninst.exe
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VAIO BD Menu Data-->C:\Program Files\InstallShield Installation Information\{DF0415CC-0563-407F-B560-9B7F277122C5}\setup.exe -runfromtemp -l0x0009 -removeonly
VAIO Camera Capture Utility-->"C:\Program Files\InstallShield Installation Information\{6D2576EC-A0E9-418A-A09A-409933A3B6F4}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Data Restore Tool-->C:\Program Files\InstallShield Installation Information\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}\setup.exe -runfromtemp -l0x0009 -removeonly
VAIO DVD Menu Data Basic-->C:\Program Files\InstallShield Installation Information\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}\setup.exe -runfromtemp -l0x0009 -removeonly
VAIO Launcher-->"C:\Program Files\InstallShield Installation Information\{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Movie Story Template Data-->C:\Program Files\InstallShield Installation Information\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}\setup.exe -runfromtemp -l0x0009 -removeonly
VAIO Movie Story-->C:\Program Files\InstallShield Installation Information\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}\setup.exe -runfromtemp -l0x0009 -removeonly
VAIO Power Management-->"C:\Program Files\InstallShield Installation Information\{802889F8-6AF5-45A5-9764-CA5B999E50FC}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Update 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48820099-ED7D-424B-890C-9A82EF00656D}\setup.exe" -l0x9 -removeonly
VAIO Wallpaper Contents-->"C:\Program Files\InstallShield Installation Information\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}\setup.exe" -runfromtemp -l0x0009 -removeonly
Virtual DJ - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
Virtual Villagers (remove only)-->C:\Big Fish Games\Virtual Villagers\Uninstall.exe
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Viveza-->C:\Program Files\Adobe\Photoshop Elements 6.0\Plug-Ins\Nik Software\Viveza\uninstall.exe
Web'n'walk 4G software-->C:\Windows\system32\4GCleanup.exe /selfdelete
WIDCOMM Bluetooth Software 6.1.0.2000-->MsiExec.exe /X{03D1988F-469F-4843-8E6E-E5FE9D17889D}
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Live ID Sign-in Assistant-->MsiExec.exe /X{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinDVD BD for VAIO-->C:\Program Files\InstallShield Installation Information\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\setup.exe -runfromtemp -l0x0409
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
WinZip 12.0-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}
Wireless Switch Setting Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}\setup.exe" -l0x9 -removeonly
Worms Reloaded-->"C:\Program Files\Team17\Worms Reloaded\unins000.exe"
Xvid 1.2.1 final uninstall-->"C:\Program Files\Xvid\unins000.exe"
Zoo Tycoon 2 - Marine Mania-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{B406605B-45FE-4D8F-8250-1E77479583AE}

=====HijackThis Backups=====

O13 - Gopher Prefix: [2010-02-08]
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file) [2010-02-08]
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file) [2010-02-08]
O23 - Service: GameConsoleService - Unknown owner - C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe (file missing) [2010-02-08]
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file) [2010-02-08]
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file) [2010-02-08]
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file) [2010-02-08]
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file) [2010-02-08]
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file) [2010-02-08]
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file) [2010-02-08]
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file) [2010-02-08]
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - (no file) [2010-02-08]
O2 - BHO: (no name) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - (no file) [2010-02-08]
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2011-01-03]
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-01-03]
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" [2011-01-03]
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2011-01-03]
O4 - HKCU\..\Run: [Crisis.exe] C:\Users\Administrátor\AppData\Roaming\pVefdiTMTxLKa\egYxNFpXZtWbp\4.16.43.8632\Crisis.exe [2011-01-03]
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [2011-01-03]
O4 - HKLM\..\Run: [TkBellExe] "c:\program files\real\realplayer\Update\realsched.exe" -osboot [2011-01-03]
O4 - HKCU\..\Run: [Google Update] "C:\Users\Administrátor\AppData\Local\Google\Update\GoogleUpdate.exe" /c [2011-01-03]

======Security center information======

FW: COMODO Firewall
AS: COMODO Defense+
AS: Windows Defender

======System event log======

Computer Name: Admin-PC
Event Code: 51
Message: Na zařízení \Device\CdRom0 byla při operaci stránkování rozpoznána chyba.
Record Number: 60866
Source Name: cdrom
Time Written: 20081123172438.266200-000
Event Type: Upozornění
User:

Computer Name: Admin-PC
Event Code: 51
Message: Na zařízení \Device\CdRom0 byla při operaci stránkování rozpoznána chyba.
Record Number: 60865
Source Name: cdrom
Time Written: 20081123172438.245200-000
Event Type: Upozornění
User:

Computer Name: Admin-PC
Event Code: 51
Message: Na zařízení \Device\CdRom0 byla při operaci stránkování rozpoznána chyba.
Record Number: 60864
Source Name: cdrom
Time Written: 20081123172438.222200-000
Event Type: Upozornění
User:

Computer Name: Admin-PC
Event Code: 51
Message: Na zařízení \Device\CdRom0 byla při operaci stránkování rozpoznána chyba.
Record Number: 60863
Source Name: cdrom
Time Written: 20081123172438.202200-000
Event Type: Upozornění
User:

Computer Name: Admin-PC
Event Code: 51
Message: Na zařízení \Device\CdRom0 byla při operaci stránkování rozpoznána chyba.
Record Number: 60862
Source Name: cdrom
Time Written: 20081123172438.180200-000
Event Type: Upozornění
User:

=====Application event log=====

Computer Name: LH-71D1T84F2AT2
Event Code: 8225
Message: Služba VSS bude ukončena z důvodu události ukončení ze Správce řízení služeb.
Record Number: 1240
Source Name: VSS
Time Written: 20071229005033.000000-000
Event Type: Informace
User:

Computer Name: LH-71D1T84F2AT2
Event Code: 36
Message:
Record Number: 1239
Source Name: ccSvcHst
Time Written: 20071229005033.000000-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: LH-71D1T84F2AT2
Event Code: 1013
Message: Služba Windows Search byla řádně zastavena.

Record Number: 1238
Source Name: Microsoft-Windows-Search
Time Written: 20071229005028.000000-000
Event Type: Informace
User:

Computer Name: LH-71D1T84F2AT2
Event Code: 0
Message:
Record Number: 1237
Source Name: GoogleDesktopManager
Time Written: 20071229005027.000000-000
Event Type: Informace
User:

Computer Name: LH-71D1T84F2AT2
Event Code: 0
Message:
Record Number: 1236
Source Name: GoogleDesktopManager
Time Written: 20071229005027.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: Admin-PC
Event Code: 5056
Message: Byl proveden kryptografický samočinný test.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: ADMIN-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Modul: ncrypt.dll

Návratový kód: 0x0
Record Number: 44165
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090920145947.478611-000
Event Type: Úspěch auditu
User:

Computer Name: Admin-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 44164
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090920145946.698606-000
Event Type: Úspěch auditu
User:

Computer Name: Admin-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: ADMIN-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x28c
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 44163
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090920145946.698606-000
Event Type: Úspěch auditu
User:

Computer Name: Admin-PC
Event Code: 4648
Message: Došlo k pokusu o přihlášení pomocí explicitního pověření.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: ADMIN-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Účet, jehož pověření bylo použito:
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Cílový server:
Název cílového serveru: localhost
Další informace: localhost

Informace o procesu:
ID procesu: 0x28c
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Síťová adresa: -
Port: -

Tato událost je generována, pokud se proces pokusí přihlásit k účtu explicitním zadáním pověření tohoto účtu. K tomu nejčastěji dochází v dávkových konfiguracích, například naplánovaných úlohách, nebo při použití příkazu RUNAS.
Record Number: 44162
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090920145946.698606-000
Event Type: Úspěch auditu
User:

Computer Name: Admin-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 44161
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090920145946.667406-000
Event Type: Úspěch auditu
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;%CommonProgramFiles%\Microsoft Shared\Windows Live;C:\Program Files\NVIDIA Corporation\PhysX\Common;C:\Program Files\PC Connectivity Solution;C:\Program Files\Common Files\Roxio Shared\DLLShared;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared;C:\Program Files\QuickTime\QTSystem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=1706
"NUMBER_OF_PROCESSORS"=2
"configsetroot"=%SystemRoot%\ConfigSetRoot
"RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
"tvdumpflags"=8
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

-----------------EOF-----------------

Re: Prosím Vás o kontrolu mého logu

Napsal: 16 led 2011 09:34
od motji
Hezké dopoledne :)

:arrow: Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT :!:
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

Re: Prosím Vás o kontrolu mého logu

Napsal: 16 led 2011 09:49
od Michal Prosek
Hezké dopoledne i Vám mockrát díky za rychlou pomoc , už se na logu pracuje...

Re: Prosím Vás o kontrolu mého logu

Napsal: 16 led 2011 11:26
od motji
Já tu budu večer :)

Re: Prosím Vás o kontrolu mého logu

Napsal: 16 led 2011 20:24
od Michal Prosek
Dobrý večer přeji,tak jsem zpět...

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 5529

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

16.1.2011 18:31:34
mbam-log-2011-01-16 (18-31-34).txt

Typ kontroly: Úplný test (C:\|)
Testované objekty: 386735
Uplynulý čas: 2 hodin, 6 minut, 59 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

Re: Prosím Vás o kontrolu mého logu

Napsal: 16 led 2011 20:26
od motji
Proč máte podezdření na havět?
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz