Prosím o kontrolu logu, zpomalený systém a výkon nestále na 50%. Děkuji.
Logfile of random's system information tool 1.08 (written by random/random)
Run by Figo at 2011-06-19 15:12:29
Microsoft Windows 7 Professional
System drive C: has 20 GB (5%) free of 370 GB
Total RAM: 6075 MB (71% free)
HijackThis download failed
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
winlogon.exe
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\Protector Suite\upeksvr.exe"
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2f7ee992-4ab6-4445-a550-fd2aa39e195c -SystemEventPortName:HostProcess-15992123-8c1e-4a9d-bbbd-88b1f9211c85 -IoCancelEventPortName:HostProcess-443ee8e1-9819-454a-9472-5f47a74b2424 -NonStateChangingEventPortName:HostProcess-1497ba36-ab69-40a6-98db-a8dcebd9d628 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:48026512-642e-40ce-a68b-5cec3453f502
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k HsfXAudioService
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe"
"C:\Program Files\Common Files\Nitro PDF\Express\2.0\NitroPDFExpressDriverServicex64.exe"
C:\Windows\SysWOW64\NLSSRV32.EXE
"C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe"
"C:\Program Files\Sony\Network Utility\NSUService.exe"
"C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe"
"C:\Program Files\Sony\VAIO Power Management\SPMService.exe"
C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {20A6A363-393F-43F0-B477-C4BD184079A2}
"C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe" /Stationary
"C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" /Start
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe" -RunBySCM
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Apoint\Apoint.exe"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files\Java\jre6\bin\jusched.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\Apoint\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Program Files\Sony\Network Utility\LANUtil.exe"
"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"C:\Program Files\Apoint\Apvfb.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files\Protector Suite\psqltray.exe"
"Apntex.exe"
\??\C:\Windows\system32\conhost.exe
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-cabcf5be-51fa-4130-88ba-bb17f1d1a23d -SystemEventPortName:HostProcess-b9380e3d-67c1-45fa-9245-7ed05a992f24 -IoCancelEventPortName:HostProcess-7cbc849d-5ad0-4cb8-a0f8-dab2f5dd5f3f -NonStateChangingEventPortName:HostProcess-07f0284c-daf6-40dc-9928-806492c1d999 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c87fd610-2990-4c0a-b088-215d14fbb9b9
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
"C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe"
"C:\Program Files (x86)\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe" /watchfiles
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
{91C88BCC-D807-4803-B12E-BB13B1EF0DA4}
{5C0EAF66-652E-434E-A775-B2DBAC12199F}
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-798f58da-ee28-45af-a963-8e9012afe029 -SystemEventPortName:HostProcess-8dfa2591-35b3-4514-ba48-47682675699e -IoCancelEventPortName:HostProcess-e9fbb6c2-453c-486d-8dd1-e94c0767f688 -NonStateChangingEventPortName:HostProcess-bca64d63-f8f1-4be6-b301-6a211ac79354 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:98d7ad99-82bf-46c9-9fd1-dbb7f22469e4
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
taskeng.exe {C88F7D50-8A9D-4E15-80EB-3318407296AA}
"C:\Program Files\totalcmd\TOTALCMD.EXE"
"I:\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\RMSchedule.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2009-10-14 346736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2009-10-14 318960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-09-07 43520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-14 256112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-10-14 761840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-10-14 458736]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-01-05 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2009-10-14 346736]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2010-03-25 1548096]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-14 256112]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-08-27 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-08-27 387608]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-08-27 365592]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-08-22 16336416]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-08-03 7833120]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-08-03 1833504]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2009-07-27 208384]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-09-07 171520]
"PSQLLauncher"=C:\Program Files\Protector Suite\launcher.exe [2009-07-20 84744]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-11 689488]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-11-18 2919168]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NSUFloatingUI"=C:\Program Files\Sony\Network Utility\LANUtil.exe [2009-08-11 350640]
"PC Suite Tray"=C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]
"ISUSPM Startup"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-08-11 249856]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ISBMgr.exe"=C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2009-05-26 317288]
"MarketingTools"=C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe [2009-10-14 26624]
"NeroFilterCheck"=C:\Windows\system32\NeroCheck.exe []
"USBToolTip"=C:\Program Files (x86)\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe [2004-04-23 192512]
"PCLEPCI"=C:\PROGRA~2\Pinnacle\PPE\PPE.EXE [2004-02-03 49152]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920]
"NokiaMServer"=C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles []
"Nokia FastStart"=C:\Program Files (x86)\Nokia\Nokia Music\NokiaMusic.exe [2008-12-03 2372840]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
"SSDMonitor"=C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [2010-11-15 112600]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-08-27 259584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\Protector Suite\psqlpwd.dll [2009-07-20 135944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 290304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\Protector Suite\psqlpwd.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"HideFastUserSwitching"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 months======
2011-06-19 15:12:29 ----D---- C:\rsit
2011-06-19 15:12:29 ----D---- C:\Program Files\trend micro
2011-06-19 15:08:38 ----D---- C:\Windows\temp
2011-06-19 15:08:37 ----A---- C:\ComboFix.txt
2011-06-19 15:01:05 ----D---- C:\$RECYCLE.BIN
2011-06-19 14:51:45 ----A---- C:\Windows\zip.exe
2011-06-19 14:51:45 ----A---- C:\Windows\SWSC.exe
2011-06-19 14:51:45 ----A---- C:\Windows\SWREG.exe
2011-06-19 14:51:45 ----A---- C:\Windows\sed.exe
2011-06-19 14:51:45 ----A---- C:\Windows\PEV.exe
2011-06-19 14:51:45 ----A---- C:\Windows\NIRCMD.exe
2011-06-19 14:51:45 ----A---- C:\Windows\MBR.exe
2011-06-19 14:51:45 ----A---- C:\Windows\grep.exe
2011-06-19 14:51:42 ----D---- C:\Windows\ERDNT
2011-06-19 14:51:38 ----D---- C:\Qoobox
2011-06-19 14:38:52 ----D---- C:\Program Files (x86)\CCleaner
2011-06-16 18:40:15 ----D---- C:\ec3aaf37dbc220267a08998367
2011-06-16 11:16:27 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-06-16 11:16:27 ----A---- C:\Windows\system32\oleaut32.dll
2011-06-16 11:16:26 ----A---- C:\Windows\system32\drivers\dfsc.sys
2011-06-16 11:16:25 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-06-16 11:16:25 ----A---- C:\Windows\system32\drivers\afd.sys
2011-06-16 11:16:22 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-06-16 11:16:22 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-06-16 11:16:22 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-06-16 11:16:19 ----A---- C:\Windows\system32\win32k.sys
2011-06-16 11:16:17 ----A---- C:\Windows\system32\mshtml.dll
2011-06-16 11:16:15 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-06-16 11:16:13 ----A---- C:\Windows\system32\ieframe.dll
2011-06-16 11:16:09 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-06-16 11:16:05 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-06-16 11:16:05 ----A---- C:\Windows\system32\urlmon.dll
2011-06-16 11:16:05 ----A---- C:\Windows\system32\iertutil.dll
2011-06-16 11:16:03 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-06-16 11:15:59 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-06-16 11:15:59 ----A---- C:\Windows\system32\msfeeds.dll
2011-06-16 11:15:58 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-06-16 11:15:58 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-06-16 11:15:58 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-06-16 11:15:58 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-06-16 11:15:58 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-06-16 11:15:58 ----A---- C:\Windows\system32\wininet.dll
2011-06-16 11:15:58 ----A---- C:\Windows\system32\mstime.dll
2011-06-16 11:15:58 ----A---- C:\Windows\system32\ieui.dll
2011-06-16 11:15:58 ----A---- C:\Windows\system32\iepeers.dll
2011-06-16 11:15:58 ----A---- C:\Windows\system32\iedkcs32.dll
2011-06-16 11:15:57 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-06-16 11:15:57 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-06-16 11:15:57 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-06-16 11:15:57 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-06-16 11:15:57 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-06-16 11:15:57 ----A---- C:\Windows\system32\mshtmled.dll
2011-06-16 11:15:57 ----A---- C:\Windows\system32\msfeedssync.exe
2011-06-16 11:15:57 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-06-16 11:15:57 ----A---- C:\Windows\system32\licmgr10.dll
2011-06-16 11:15:57 ----A---- C:\Windows\system32\jsproxy.dll
2011-06-16 11:15:48 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-06-16 11:15:47 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-06-16 11:15:47 ----A---- C:\Windows\system32\drivers\srv.sys
2011-06-16 11:14:13 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-06-16 11:14:13 ----A---- C:\Windows\system32\inetcomm.dll
2011-05-23 20:28:17 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2011-05-23 20:28:17 ----A---- C:\Windows\system32\poqexec.exe
======List of files/folders modified in the last 1 months======
2011-06-19 15:12:29 ----RD---- C:\Program Files
2011-06-19 15:12:15 ----A---- C:\Windows\wincmd.ini
2011-06-19 15:08:39 ----D---- C:\Windows\system32\drivers
2011-06-19 15:08:38 ----AD---- C:\Windows
2011-06-19 15:01:37 ----A---- C:\Windows\system.ini
2011-06-19 15:01:19 ----D---- C:\Windows\system32\config
2011-06-19 15:01:00 ----D---- C:\Windows\system32\drivers\etc
2011-06-19 15:00:03 ----RD---- C:\Program Files (x86)
2011-06-19 14:58:15 ----D---- C:\Program Files (x86)\ESET
2011-06-19 14:56:29 ----D---- C:\Windows\SYSWOW64\drivers
2011-06-19 14:56:29 ----D---- C:\Windows\SysWOW64
2011-06-19 14:56:29 ----D---- C:\Windows\System32
2011-06-19 14:56:29 ----D---- C:\Windows\AppPatch
2011-06-19 14:56:26 ----D---- C:\Program Files\Common Files
2011-06-19 14:56:26 ----D---- C:\Program Files (x86)\Common Files
2011-06-19 14:51:57 ----SHD---- C:\System Volume Information
2011-06-19 14:51:42 ----D---- C:\Windows\Prefetch
2011-06-19 14:47:14 ----D---- C:\===Dokumenty===
2011-06-19 14:45:10 ----D---- C:\Windows\Minidump
2011-06-19 14:45:10 ----D---- C:\Windows\debug
2011-06-19 14:42:58 ----D---- C:\Windows\inf
2011-06-19 14:42:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-06-19 14:37:33 ----D---- C:\ProgramData\Norton
2011-06-19 14:37:27 ----D---- C:\Windows\system32\Tasks
2011-06-19 14:37:26 ----D---- C:\Windows\Tasks
2011-06-19 14:37:26 ----D---- C:\ProgramData\Symantec
2011-06-19 14:36:03 ----D---- C:\Windows\tracing
2011-06-19 14:27:58 ----AD---- C:\ProgramData\TEMP
2011-06-17 00:41:29 ----D---- C:\Windows\winsxs
2011-06-16 22:58:06 ----D---- C:\Program Files (x86)\Internet Explorer
2011-06-16 22:58:05 ----D---- C:\Windows\SYSWOW64\migration
2011-06-16 22:58:05 ----D---- C:\Program Files\Internet Explorer
2011-06-16 22:58:04 ----D---- C:\Windows\system32\migration
2011-06-16 18:40:18 ----A---- C:\Windows\system32\MRT.exe
2011-06-16 18:40:13 ----SHD---- C:\Windows\Installer
2011-06-16 18:40:12 ----D---- C:\ProgramData\Microsoft Help
2011-06-16 18:35:04 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-06-16 18:34:08 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-06-16 15:18:48 ----D---- C:\Program Files (x86)\Google
2011-06-16 11:14:07 ----D---- C:\Windows\system32\catroot2
2011-06-16 11:14:07 ----D---- C:\Windows\system32\catroot
2011-06-09 09:13:05 ----D---- C:\Windows\system32\appmgmt
2011-06-09 09:13:04 ----D---- C:\ProgramData
2011-06-08 08:06:06 ----D---- C:\Users\Figo\AppData\Roaming\skypePM
2011-06-08 06:57:27 ----D---- C:\ProgramData\CanonIJPLM
2011-06-08 06:57:27 ----D---- C:\ProgramData\CanonIJ
2011-06-07 16:43:41 ----D---- C:\Users\Figo\AppData\Roaming\Audacity
2011-06-07 10:19:55 ----A---- C:\Windows\ODBC.INI
2011-06-06 07:46:34 ----D---- C:\Program Files (x86)\Registry Mechanic
2011-06-05 17:13:54 ----D---- C:\Users\Figo\AppData\Roaming\Skype
2011-05-25 19:34:13 ----D---- C:\Windows\ModemLogs
2011-05-23 23:13:00 ----D---- C:\Windows\system32\NDF
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-24 408600]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2010-08-12 55856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 shpf;Sony HDD Protection Filter Driver; C:\Windows\system32\DRIVERS\shpf.sys [2009-05-28 25120]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-11-21 834544]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-07-29 141264]
R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2009-09-16 308296]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2009-09-23 66304]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2009-12-31 360712]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-09-03 170104]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 126320]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2009-06-30 17024]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimssn64.sys [2009-07-22 86528]
R2 risdptsk;risdptsk; C:\Windows\system32\DRIVERS\risdsn64.sys [2009-07-22 76288]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2009-07-27 250928]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-21 98344]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2009-07-21 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-07-21 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-21 21160]
R3 CAXHWAZL;CAXHWAZL; C:\Windows\system32\DRIVERS\CAXHWAZL.sys [2009-06-30 292864]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y62x64.sys [2009-06-30 287960]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\CAX_DPV.sys [2009-06-30 1485824]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-08-03 1762080]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-24 261120]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-22 5435904]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2009-06-11 11392]
R3 SPI;Sony Programmable I/O Control Device; C:\Windows\system32\DRIVERS\SonyPI.sys [2009-06-11 17536]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2009-09-23 187904]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2009-09-23 95232]
S1 PCLEPCI;PCLEPCI; \??\C:\Windows\system32\drivers\pclepci.sys []
S2 VPN-1;VPN-1 Module; C:\Windows\System32\drivers\vpn.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files (x86)\MediaCoder\SysInfoX64.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-08-27 7370176]
S3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2009-09-16 102472]
S3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2009-09-16 40904]
S3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2009-09-16 49480]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-12-02 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-12-02 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2010-12-02 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2010-12-02 171008]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-11-12 5504]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-12-02 9216]
S3 USB28xxBGA;PCTV 330e/800e Device; C:\Windows\system32\DRIVERS\emBDA64.sys [2007-08-08 576640]
S3 USB28xxOEM;USB 28xx OEM Filter; C:\Windows\system32\DRIVERS\emOEM64.sys [2007-08-08 54528]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2010-12-02 9216]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service; C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-11 30312]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-02 864032]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-11-18 810144]
R2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool; C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [2011-01-12 341312]
R2 NitroExpressDriverReadSpool;NitroPDFExpressDriverCreatorReadSpool; C:\Program Files\Common Files\Nitro PDF\Express\2.0\NitroPDFExpressDriverServicex64.exe [2009-12-15 341296]
R2 nlsX86cc;NLS Service; C:\Windows\SysWOW64\NLSSRV32.EXE [2011-01-12 68928]
R2 NMSAccessU;NMSAccessU; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [2009-11-12 71096]
R2 NSUService;NSUService; C:\Program Files\Sony\Network Utility\NSUService.exe [2009-06-11 361472]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-08-22 382496]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-10-01 632792]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2009-08-03 177696]
R2 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 153440]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe [2009-07-01 204648]
R2 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2009-08-22 411496]
R2 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-07-23 642920]
R2 VzCdbSvc;VAIO Entertainment Database Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [2009-07-23 206336]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-10-20 630272]
R3 Vcsw;VAIO Entertainment UPnP Client Adapter; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [2009-07-23 313264]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-10-14 133104]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-06-26 362992]
S2 SR_Service;Check Point VPN-1 Securemote service; C:\Program Files (x86)\CheckPoint\SecuRemote\bin\SR_Service.exe [2007-05-24 106586]
S2 SR_Watchdog;Check Point VPN-1 Securemote watchdog; C:\Program Files (x86)\CheckPoint\SecuRemote\bin\SR_Watchdog.exe [2007-05-24 36955]
S2 TwonkyMedia;TwonkyMedia; C:\Program Files (x86)\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe [2009-01-29 102400]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-02-07 109056]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-11-18 42360]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-10-14 133104]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-10-14 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-06-26 313840]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [2009-07-23 69632]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-04-27 1255736]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Zpomalení PC, 50% vytížený procesor
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Zpomalení PC, 50% vytížený procesor
Zdravim a pekny den preji 
Poprosim i o druhy log z RSIT s nazvem info.txt, je ulozen v c:\rsit
Ten ComboFix Vam poradil kdo 
Vy jej umite aplikovat, lustit jeho log a docistit jej pomoci skriptu
Poprosim i o druhy log z RSIT s nazvem info.txt, je ulozen v c:\rsit Ten ComboFix Vam poradil kdo Vy jej umite aplikovat, lustit jeho log a docistit jej pomoci skriptu "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Zpomalení PC, 50% vytížený procesor
Dobry den,
ComboFix byl, přiznávám, bez jakékoliv znalosti chyba. Nejdříve jsem ho projel CCleanerem a pak spustil ComboFix.
info.txt logfile of random's system information tool 1.08 2011-06-19 15:12:31
======Uninstall list======
Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
-->"C:\Program Files (x86)\InstallShield Installation Information\{70991E0A-1108-437E-BA7D-085702C670C0}\setup.exe" -runfromtemp -l0x0009 -removeonly
-->"C:\Program Files (x86)\InstallShield Installation Information\{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}\setup.exe" -runfromtemp -l0x0009 -removeonly
-->"C:\Program Files (x86)\InstallShield Installation Information\{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}\setup.exe" -runfromtemp -l0x0009 -removeonly
-->C:\Program Files (x86)\InstallShield Installation Information\{36C41D70-56F5-4E2B-81DA-6BEB7502D7A1}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\Program Files (x86)\InstallShield Installation Information\{3D173DC5-4AE5-4B3F-9819-3977DD11B1D0}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\Program Files (x86)\InstallShield Installation Information\{B2C4A8C4-AA20-425D-9FEE-C78039238C81}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\Program Files (x86)\InstallShield Installation Information\{B34B6E67-FCDD-4E03-8742-B5701427FAFB}\setup.exe -runfromtemp -l0x0009 -removeonly
602XML Filler-->MsiExec.exe /X{892994D3-5963-4877-A8DB-629607E8E928}
64 Bit HP CIO Components Installer-->MsiExec.exe /I{68451E5C-0A9C-4D5C-8D06-6E296242E908}
ACDSee 5.0 Standard-->MsiExec.exe /I{AF5E8D43-49AD-4BE7-A941-2BB0A8CACA62}
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop 7.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files (x86)\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files (x86)\Adobe\Photoshop 7.0\Uninst.dll"
Adobe Reader 9.4.3-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A94000000001}
Alps Pointing-device for VAIO-->%ProgramFiles%\Apoint\Uninstap.exe ADDREMOVE
ArcSoft PhotoStudio 5.5-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{85309D89-7BE9-4094-BB17-24999C6118FC}\SETUP.EXE" -l0x9
ArcSoft WebCam Companion 3-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}\Setup.exe" -l0x9
Asistent pro přihlášení ke službě Windows Live-->MsiExec.exe /I{BD86C297-41C7-4DB5-82C4-98DE3399A2EF}
aTube Catcher 1.0-->"C:\Program Files (x86)\DsNET Corp\aTube Catcher 1.0\unins000.exe"
Audacity 1.3.2 (Unicode)-->"C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\unins000.exe"
Baby-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{DE98DCB3-8A2F-429C-B765-E4A711302FF8}\setup.exe" -l0x5
Balíček ovladače systému Windows - Nokia Modem (05/22/2008 3.8)-->C:\PROGRA~1\DIFX\0169CE3A95F06636\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokia_bluetooth.inf_amd64_neutral_e9f51c3024f00984\nokia_bluetooth.inf
Balíček ovladače systému Windows - Nokia Modem (05/22/2008 7.00.0.1)-->C:\PROGRA~1\DIFX\0169CE3A95F06636\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokbtmdm.inf_amd64_neutral_351182ebabdcc209\nokbtmdm.inf
Balíček ovladače systému Windows - Nokia Modem (06/01/2009 7.01.0.4)-->C:\PROGRA~1\DIFX\0169CE3A95F06636\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokbtmdm.inf_amd64_neutral_66865278b97741ee\nokbtmdm.inf
Balíček ovladače systému Windows - Nokia Modem (10/05/2009 4.2)-->C:\PROGRA~1\DIFX\0169CE3A95F06636\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokia_bluetooth.inf_amd64_neutral_1c66f9881bdc58ed\nokia_bluetooth.inf
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\F4092DA208C2C970\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfdx6_8A3BAB842294F8D9255C3CF2A3B1CECAEEB8EA7E\pccsmcfdx64.inf
BS.Player FREE-->"C:\Program Files (x86)\Webteh\BSplayer\uninstall.exe"
Business Contact Manager for Outlook 2007 SP2-->"C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\SetupBootstrap\Setup.exe" /remove {B32C4059-6E7A-41EF-AD20-56DF1872B923}
Business Contact Manager for Outlook 2007 SP2-->MsiExec.exe /X{B32C4059-6E7A-41EF-AD20-56DF1872B923}
Canon MP Navigator EX 2.0-->"C:\Program Files (x86)\Canon\MP Navigator EX 2.0\Maint.exe" /UninstallRemove C:\Program Files (x86)\Canon\MP Navigator EX 2.0\uninst.ini
Canon Utilities Solution Menu-->C:\Program Files (x86)\Canon\SolutionMenu\uninst.exe uninst.ini
CanoScan LiDE 100 Scanner Driver-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2413\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2413 /L0x0005
CCleaner-->"C:\Program Files (x86)\CCleaner\uninst.exe"
CDBurnerXP-->"C:\Program Files (x86)\CDBurnerXP\unins000.exe"
Click to Disc-->C:\Program Files (x86)\InstallShield Installation Information\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}\setup.exe -runfromtemp -l0x0009 -removeonly
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
CorelDRAW Graphics Suite X3-->MsiExec.exe /I{63218538-4A69-497F-8455-904261B0E9E4}
DAEMON Tools Toolbar-->C:\Program Files (x86)\DAEMON Tools Toolbar\uninst.exe
DevalVR plugin for Internet Explorer (remove)-->C:\Program Files (x86)\DevalVR\installdevalvr.exe /u
Dipito Osobní Vyhledávač 1.2-->"C:\Program Files (x86)\Dipito\unins000.exe"
DivX Plus DirectShow Filters-->C:\ProgramData\DivX\DivX7\DivX Plus DirectShow Filters\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Setup-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com
EAX Unified-->C:\Windows\IsUninst.exe -f"C:\Program Files (x86)\Creative\EAX Unified\Uninst.isu"
eBay Icon-->C:\Users\Figo\AppData\Roaming\Desktopicon\uninst.exe
Ekonomický systém Money S3-->C:\Program Files (x86)\CIGLER SOFTWARE\Common Files\Money S3\Setup\Uninst.exe
EN-->MsiExec.exe /I{32A72502-BC2C-4C39-ACEA-BC3D463F0697}
FIFA 10-->MsiExec.exe /X{11202615-E557-4ECF-9B86-F59C81E52909}
FontNav-->MsiExec.exe /I{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}
Free Mp3 Wma Converter V 1.81-->"C:\Program Files (x86)\Free Audio Pack\unins000.exe"
Google Earth-->MsiExec.exe /X{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\12.0.742.100\Installer\setup.exe" --uninstall --system-level
Google Toolbar for Internet Explorer-->"C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HDAUDIO SoftV92 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDA_HSF\UIU64m.exe -U -ISnZ1700w.INF
Check Point VPN-1 SecuRemote/SecureClient NGX R60 HFA2-->MsiExec.exe /X{057f6911-35fd-4c8d-883f-11b8814480c9}
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Inkjet Printer/Scanner Extended Survey Program-->C:\Program Files (x86)\Canon\IJPLM\SETUP.EXE -R
Intel® Matrix Storage Manager-->C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\Uninstall\imsmudlg.exe -uninstall
IrfanView (remove only)-->C:\Program Files (x86)\IrfanView\iv_uninstall.exe
Java(TM) 6 Update 14 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86416014FF}
Java(TM) 6 Update 23-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014FF}
LAME v3.98.2 for Audacity-->"C:\Program Files (x86)\Lame for Audacity\unins000.exe"
Lingea Lexicon 2000-->C:\Windows\LgUninst.exe C:\Program Files (x86)\Lingea\Lex2000\Setup.exe
Mafia Game-->C:\Windows\system32\MafiaSetup.exe
MAtis - demo verze 2.2.4.5-->"C:\Program Files (x86)\MAtisDemo\unins000.exe"
MediaMonkey 2.2-->"C:\Program Files (x86)\MediaMonkey\unins000.exe"
Microsoft Office 2003 Web Components-->MsiExec.exe /I{90A40409-6000-11D3-8CFE-0150048383C9}
Microsoft Office 2007 Primary Interop Assemblies-->MsiExec.exe /X{50120000-1105-0000-0000-0000000FF1CE}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0405-1000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {294B4278-CF7B-40B9-86A1-2D3FF0C2C524}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {10EC59E5-9BCE-4884-BB1A-E28627220232}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2007-->MsiExec.exe /X{90120000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Small Business Connectivity Components-->MsiExec.exe /X{A939D341-5A04-4E0A-BB55-3E65B386432D}
Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)-->MsiExec.exe /I{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}
Microsoft SQL Server 2005-->"c:\Program Files (x86)\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
Microsoft SQL Server Native Client-->MsiExec.exe /I{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}
Microsoft SQL Server Setup Support Files (English)-->MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
Microsoft SQL Server VSS Writer-->MsiExec.exe /I{B636C9B9-A3F2-4DCE-ADCC-72E095018385}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570-->MsiExec.exe /X{8338783A-0968-3B85-AFC7-BAAE0A63DC50}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ Run Time Lib Setup-->MsiExec.exe /X{AAF4238F-7C29-451D-9925-C753271A5728}
Movier 1.0.12-->C:\Program Files (x86)\Movier\uninst.exe
Mozilla Firefox (3.6.11)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSVC80_x64_v2-->MsiExec.exe /I{4D668D4F-FAA2-4726-834C-31F4614F312E}
MSVC80_x64-->MsiExec.exe /I{68660049-8D48-427C-9FF7-139D8340CDC0}
MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP3 Parser (KB973685)-->MsiExec.exe /I{859DFA95-E4A6-48CD-B88E-A3E483E89B44}
Music Transfer-->C:\Program Files (x86)\InstallShield Installation Information\{CE2121C6-C94D-4A73-8EA4-6943F33EE335}\setup.exe -runfromtemp -l0x0009 -removeonly
NAVIGON Fresh 2.0.0-->C:\Program Files (x86)\NAVIGON\NAVIGON Fresh\uninst.exe
NAVIGON Sync 1.0-->C:\Program Files (x86)\NAVIGON\NAVIGON Sync\uninst.exe
Network ScanGear Ver.2.21-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{BBE3E502-F1D6-4FC9-9844-CC0850B7C516} UNINSTALL
Nitro PDF Express-->MsiExec.exe /X{8C71FDC3-B70C-4B6E-9664-32FD3EB3AA39}
Nitro PDF Professional-->MsiExec.exe /X{EB8FF6C8-811B-4395-8584-EF4C7A0C8199}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{D22AFEDF-6A5B-459D-A9EA-D16E422E4C18}
Nokia Home Media Server-->MsiExec.exe /X{0EEB3C40-2A8C-4045-B3F9-13C4A5C490C0}
Nokia Map Loader-->MsiExec.exe /I{45D4F727-43B5-49CD-B474-B9866A8F4FB8}
Nokia Maps Updater 1.0.12-->"C:\Program Files (x86)\Nokia\Nokia Maps Updater\Uninstall Information\unins000.exe"
Nokia Music-->MsiExec.exe /I{9333DA9B-4F8C-4580-88A7-F12D7B10DC2A}
Nokia Ovi Application Installer 6.85.3011-->msiexec /qn /x {42B74521-4706-412A-9A27-AED12B83E886}
Nokia Ovi Application Installer-->MsiExec.exe /I{42B74521-4706-412A-9A27-AED12B83E886}
Nokia Ovi Content Copier 6.85.3011-->msiexec /qn /x {6442DEDF-AC2F-4CBA-85DE-42E459C5006C}
Nokia Ovi Content Copier-->MsiExec.exe /X{6442DEDF-AC2F-4CBA-85DE-42E459C5006C}
Nokia Ovi One Touch Access 6.85.3011-->msiexec /qn /x {4AE48A64-6C6A-4E5A-95FA-55F5131DECF9}
Nokia Ovi One Touch Access-->MsiExec.exe /I{4AE48A64-6C6A-4E5A-95FA-55F5131DECF9}
Nokia Ovi Suite-->MsiExec.exe /I{6A588FD3-104A-4517-91B1-D85AD27FA487}
Nokia Ovi System Utilities 6.85.3013-->msiexec /qn /x {82388E38-FDFD-4D36-9D35-EA720F9467D6}
Nokia Ovi System Utilities-->MsiExec.exe /X{82388E38-FDFD-4D36-9D35-EA720F9467D6}
Nokia PC Suite-->C:\ProgramData\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Nokia_PC_Suite_7_1_40_1_cze.exe
Nokia PC Suite-->MsiExec.exe /I{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}
Nokia Photos-->MsiExec.exe /I{EB938616-16BB-491E-A5A0-CA4AB4167BB4}
Nokia Software Updater-->MsiExec.exe /X{82B4F1D8-FB2E-4A89-B648-0A0596E239CA}
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
Ovladače videa společnosti Pinnacle-->MsiExec.exe /X{5EB90C06-964F-4195-B83E-BD7E55C88415}
PC Connectivity Solution-->MsiExec.exe /I{A5A70E61-FEAB-4CEC-977C-BE0EF8DC05AB}
PDFCreator-->C:\Program Files (x86)\PDFCreator\unins000.exe
PDP 2009.01-->"C:\Program Files (x86)\LEGIS\PDP2009\unins000.exe"
Pinnacle Instant DVD Recorder-->MsiExec.exe /X{C1212AE3-DBB9-4365-8473-F8ABC7B06BBB}
Pinnacle PCI Performance Enhancer-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{3E5A81BA-4702-490A-B729-0BFF6E7CBF96}\setup.exe" -l0x5
Pinnacle Studio 12-->MsiExec.exe /I{D041EB9E-890A-4098-8F94-51DA194AC72A}
PlayReady PC Runtime amd64-->MsiExec.exe /X{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}
Pro Evolution Soccer 2010-->MsiExec.exe /X{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}
Prostředí Windows XP Mode-->MsiExec.exe /X{1374CC63-B520-4f3f-98E8-E9020BF01CFF}
Protector Suite 2009-->MsiExec.exe /I{CB974C3D-D101-4411-8F54-DCDC58DED815}
RACE 07 Offline-->"C:\==Hry==\Race 07\unins000.exe"
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Registry Mechanic 10.0-->"C:\Program Files (x86)\Registry Mechanic\unins000.exe" /Log
Roxio Central Audio-->MsiExec.exe /I{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}
Roxio Central Copy-->MsiExec.exe /I{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}
Roxio Central Core-->MsiExec.exe /I{ED439A64-F018-4DD4-8BA5-328D85AB09AB}
Roxio Central Data-->MsiExec.exe /I{08E81ABD-79F7-49C2-881F-FD6CB0975693}
Roxio Central Tools-->MsiExec.exe /I{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}
Roxio Easy Media Creator 10 LJ-->C:\ProgramData\Uninstall\{537BF16E-7412-448C-95D8-846E85A1D817}\setup.exe /x {537BF16E-7412-448C-95D8-846E85A1D817}
Roxio Easy Media Creator Home-->MsiExec.exe /I{FE51662F-D8F6-43B5-99D9-D4894AF00F83}
Sada Compatibility Pack pro systém Office 2007-->MsiExec.exe /X{90120000-0020-0405-0000-0000000FF1CE}
Scan2PDF 1.6-->"C:\Program Files (x86)\Scan2PDF\unins000.exe"
Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D}
Security Update for 2007 Microsoft Office System (KB2288931)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263}
Security Update for 2007 Microsoft Office System (KB2345043)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B}
Security Update for 2007 Microsoft Office System (KB2509488)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AD0DE453-0804-4495-9C91-33D0F9AA5463}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for Microsoft Office 2007 System (KB2541012)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CD907315-705A-4475-A1A0-2A1245803E4D}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}
Security Update for Microsoft Office Excel 2007 (KB2541007)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A0173254-F442-4D04-9154-43FA157B83D0}
Security Update for Microsoft Office Groove 2007 (KB2494047)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B91E2AEC-7F93-4E33-ACF6-EC90640CBE4F}
Security Update for Microsoft Office InfoPath 2007 (KB2510061)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5D930261-AA5B-48D1-931F-425C9D767490}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
Security Update for Microsoft Office Publisher 2007 (KB2284697)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3A4CDE54-2403-483D-8D9A-15E3264410DF}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
Setting Utility Series-->"C:\Program Files (x86)\InstallShield Installation Information\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}\setup.exe" -runfromtemp -l0x0009 -removeonly
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SolveigMM AVI Trimmer-->"C:\Program Files (x86)\Solveig Multimedia\SolveigMM AVI Trimmer\Uninstall.exe" "C:\Program Files (x86)\Solveig Multimedia\SolveigMM AVI Trimmer\install.log" -u
Sony Picture Utility-->C:\Program Files (x86)\InstallShield Installation Information\{D5068583-D569-468B-9755-5FBF5848F46F}\setup.exe -runfromtemp -l0x0009 uninstall -removeonly
StreamTorrent 1.0-->"C:\Program Files (x86)\StreamTorrent 1.0\uninstall.exe"
SureThing Express Labeler-->"C:\Program Files (x86)\SureThing Express Labeler\unins000.exe"
Total Commander (Remove or Repair)-->c:\program files\totalcmd\tcuninst.exe
TwonkyMedia-->C:\Program Files (x86)\Nokia\Nokia Home Media Server\\Media Server\UninstallTwonkyMedia.exe
Update for 2007 Microsoft Office System (KB2284654)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {FB166E7C-8AA6-48C8-B726-1F25BEE7825A}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office 2007 System (KB2539530)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Microsoft Office Outlook 2007 (KB2509470)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1365864D-4C58-489D-9982-844D75691CCC}
Update for Outlook 2007 Junk Email Filter (KB2536413)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {95DF5260-331D-4FFD-A2D5-C64164751945}
Update Manager-->MsiExec.exe /I{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}
VAIO Control Center-->"C:\Program Files (x86)\InstallShield Installation Information\{72042FA6-5609-489F-A8EA-3C2DD650F667}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Data Restore Tool-->C:\Program Files (x86)\InstallShield Installation Information\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}\setup.exe -runfromtemp -l0x0009 -removeonly
VAIO Entertainment Platform-->"C:\Program Files (x86)\InstallShield Installation Information\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Event Service-->"C:\Program Files (x86)\InstallShield Installation Information\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Gate-->"C:\Program Files (x86)\InstallShield Installation Information\{A7C30414-2382-4086-B0D6-01A88ABA21C3}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Marketing Tools-->C:\Program Files (x86)\Sony\Marketing Tools\Uninstaller.exe /bootstrap
VAIO Power Management-->"C:\Program Files (x86)\InstallShield Installation Information\{5F5867F0-2D23-4338-A206-01A76C823924}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Premium Partners 1.00-->C:\Program Files (x86)\Sony Corporation\VAIO Partners\Uninstall.exe
VAIO Presentation Support-->"C:\Program Files (x86)\InstallShield Installation Information\{2018C019-30D9-4240-8C01-0865C10DCF5A}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Smart Network-->"C:\Program Files (x86)\InstallShield Installation Information\{3B659FAD-E772-44A3-B7E7-560FF084669F}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Transfer Support-->"C:\Program Files (x86)\InstallShield Installation Information\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Update 4-->"C:\Program Files (x86)\InstallShield Installation Information\{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Wallpaper Contents-->"C:\Program Files (x86)\InstallShield Installation Information\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Z screensaver-->C:\Program Files (x86)\VAIO Z screensavers\Z_screensaver.exe -prepareUninstall
VBA-->MsiExec.exe /I{C94E45B0-6AA6-4FB9-9AAE-22085F631880}
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
VD64Inst-->MsiExec.exe /I{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}
WIDCOMM Bluetooth Software-->MsiExec.exe /X{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}
Windows Live Call-->MsiExec.exe /I{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}
Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{D9D754A1-EAC5-406C-A28B-C49B1E846711}
Windows Live Messenger-->MsiExec.exe /X{0AAA9C97-74D4-47CE-B089-0B147EF3553C}
Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
WinRAR-->C:\Program Files (x86)\WinRAR\uninstall.exe
YouTube Downloader 2.6.5-->"C:\Program Files (x86)\YouTube Downloader\uninstall.exe"
======System event log======
Computer Name: Diamond
Event Code: 7036
Message: Stav služby Machine Debug Manager byl změněn na: Spuštěno
Record Number: 246846
Source Name: Service Control Manager
Time Written: 20110312124905.347916-000
Event Type: Informace
User:
Computer Name: Diamond
Event Code: 7036
Message: Stav služby Inkjet Printer/Scanner Extended Survey Program byl změněn na: Spuštěno
Record Number: 246845
Source Name: Service Control Manager
Time Written: 20110312124905.347916-000
Event Type: Informace
User:
Computer Name: Diamond
Event Code: 7036
Message: Stav služby HsfXAudioService byl změněn na: Spuštěno
Record Number: 246844
Source Name: Service Control Manager
Time Written: 20110312124904.309912-000
Event Type: Informace
User:
Computer Name: Diamond
Event Code: 7036
Message: Stav služby Bluetooth Service byl změněn na: Spuštěno
Record Number: 246843
Source Name: Service Control Manager
Time Written: 20110312124904.118910-000
Event Type: Informace
User:
Computer Name: Diamond
Event Code: 7036
Message: Stav služby Šifrování byl změněn na: Spuštěno
Record Number: 246842
Source Name: Service Control Manager
Time Written: 20110312124903.856908-000
Event Type: Informace
User:
=====Application event log=====
Computer Name: Diamond
Event Code: 0
Message: Služba byla úspěšně spuštěna.
Record Number: 55797
Source Name: WDSmartWareBackgroundService
Time Written: 20101127115857.000000-000
Event Type: Informace
User:
Computer Name: Diamond
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 55796
Source Name: Microsoft-Windows-WMI
Time Written: 20101127115857.000000-000
Event Type: Informace
User:
Computer Name: Diamond
Event Code: 0
Message: WDSmartWare Background Service Started!
Record Number: 55795
Source Name: WDSmartWareBackgroundService
Time Written: 20101127115857.000000-000
Event Type: Informace
User:
Computer Name: Diamond
Event Code: 0
Message:
Record Number: 55794
Source Name: VAIO Event Service
Time Written: 20101127115849.000000-000
Event Type: Informace
User:
Computer Name: Diamond
Event Code: 1
Message: The service is started.
Record Number: 55793
Source Name: IJPLMSVC
Time Written: 20101127115847.000000-000
Event Type: Informace
User:
=====Security event log=====
Computer Name: Diamond
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 119340
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110404042616.724079-000
Event Type: Úspěšný audit
User:
Computer Name: Diamond
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: DIAMOND$
Doména účtu: DOMA
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x294
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 119339
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110404042616.724079-000
Event Type: Úspěšný audit
User:
Computer Name: Diamond
Event Code: 4647
Message: Odhlášení spuštěné uživatelem:
Předmět:
ID zabezpečení: S-1-5-21-879916149-732287809-1153946699-1003
Název účtu: Figo
Doména účtu: Diamond
ID přihlášení: 0x31a0b
Tato událost je generována, pokud je spuštěno odhlášení. Není povolena žádná další uživatelem spuštěná akce. Tuto událost lze interpretovat jako událost odhlášení.
Record Number: 119338
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110404042616.146878-000
Event Type: Úspěšný audit
User:
Computer Name: Diamond
Event Code: 4648
Message: Došlo k pokusu o přihlášení pomocí explicitního pověření.
Předmět:
ID zabezpečení: S-1-5-21-879916149-732287809-1153946699-1003
Název účtu: Figo
Doména účtu: Diamond
ID přihlášení: 0x31a0b
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Účet, jehož pověření bylo použito:
Název účtu: 90400227
Doména účtu: vsskb
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Cílový server:
Název cílového serveru: adpra050.vsskb.cz
Další informace: adpra050.vsskb.cz
Informace o procesu:
ID procesu: 0xff8
Název procesu: C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
Informace o síti:
Síťová adresa: -
Port: -
Tato událost je generována, pokud se proces pokusí přihlásit k účtu explicitním zadáním pověření tohoto účtu. K tomu nejčastěji dochází v dávkových konfiguracích, například naplánovaných úlohách, nebo při použití příkazu RUNAS.
Record Number: 119337
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110404042546.253213-000
Event Type: Úspěšný audit
User:
Computer Name: Diamond
Event Code: 4648
Message: Došlo k pokusu o přihlášení pomocí explicitního pověření.
Předmět:
ID zabezpečení: S-1-5-21-879916149-732287809-1153946699-1003
Název účtu: Figo
Doména účtu: Diamond
ID přihlášení: 0x31a0b
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Účet, jehož pověření bylo použito:
Název účtu: 90400227
Doména účtu: vsskb
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Cílový server:
Název cílového serveru: adpra050.vsskb.cz
Další informace: adpra050.vsskb.cz
Informace o procesu:
ID procesu: 0xff8
Název procesu: C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
Informace o síti:
Síťová adresa: -
Port: -
Tato událost je generována, pokud se proces pokusí přihlásit k účtu explicitním zadáním pověření tohoto účtu. K tomu nejčastěji dochází v dávkových konfiguracích, například naplánovaných úlohách, nebo při použití příkazu RUNAS.
Record Number: 119336
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110404042544.802411-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files (x86)\PC Connectivity Solution;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files\WIDCOMM\Bluetooth Software;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared;C:\Program Files (x86)\Common Files\DivX Shared;C:\Program Files (x86)\Pinnacle\Shared Files
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"configsetroot"=%SystemRoot%\ConfigSetRoot
"TFS_DIR"=C:\Program Files\Protector Suite\
"RoxioCentral"=C:\Program Files (x86)\Common Files\Roxio Shared\10.0\Roxio Central36\
"EMC_AUTOPLAY"=C:\Program Files (x86)\Common Files\Roxio Shared\
-----------------EOF-----------------
ComboFix byl, přiznávám, bez jakékoliv znalosti chyba. Nejdříve jsem ho projel CCleanerem a pak spustil ComboFix.
info.txt logfile of random's system information tool 1.08 2011-06-19 15:12:31
======Uninstall list======
Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
-->"C:\Program Files (x86)\InstallShield Installation Information\{70991E0A-1108-437E-BA7D-085702C670C0}\setup.exe" -runfromtemp -l0x0009 -removeonly
-->"C:\Program Files (x86)\InstallShield Installation Information\{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}\setup.exe" -runfromtemp -l0x0009 -removeonly
-->"C:\Program Files (x86)\InstallShield Installation Information\{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}\setup.exe" -runfromtemp -l0x0009 -removeonly
-->C:\Program Files (x86)\InstallShield Installation Information\{36C41D70-56F5-4E2B-81DA-6BEB7502D7A1}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\Program Files (x86)\InstallShield Installation Information\{3D173DC5-4AE5-4B3F-9819-3977DD11B1D0}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\Program Files (x86)\InstallShield Installation Information\{B2C4A8C4-AA20-425D-9FEE-C78039238C81}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\Program Files (x86)\InstallShield Installation Information\{B34B6E67-FCDD-4E03-8742-B5701427FAFB}\setup.exe -runfromtemp -l0x0009 -removeonly
602XML Filler-->MsiExec.exe /X{892994D3-5963-4877-A8DB-629607E8E928}
64 Bit HP CIO Components Installer-->MsiExec.exe /I{68451E5C-0A9C-4D5C-8D06-6E296242E908}
ACDSee 5.0 Standard-->MsiExec.exe /I{AF5E8D43-49AD-4BE7-A941-2BB0A8CACA62}
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop 7.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files (x86)\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files (x86)\Adobe\Photoshop 7.0\Uninst.dll"
Adobe Reader 9.4.3-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A94000000001}
Alps Pointing-device for VAIO-->%ProgramFiles%\Apoint\Uninstap.exe ADDREMOVE
ArcSoft PhotoStudio 5.5-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{85309D89-7BE9-4094-BB17-24999C6118FC}\SETUP.EXE" -l0x9
ArcSoft WebCam Companion 3-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}\Setup.exe" -l0x9
Asistent pro přihlášení ke službě Windows Live-->MsiExec.exe /I{BD86C297-41C7-4DB5-82C4-98DE3399A2EF}
aTube Catcher 1.0-->"C:\Program Files (x86)\DsNET Corp\aTube Catcher 1.0\unins000.exe"
Audacity 1.3.2 (Unicode)-->"C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\unins000.exe"
Baby-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{DE98DCB3-8A2F-429C-B765-E4A711302FF8}\setup.exe" -l0x5
Balíček ovladače systému Windows - Nokia Modem (05/22/2008 3.8)-->C:\PROGRA~1\DIFX\0169CE3A95F06636\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokia_bluetooth.inf_amd64_neutral_e9f51c3024f00984\nokia_bluetooth.inf
Balíček ovladače systému Windows - Nokia Modem (05/22/2008 7.00.0.1)-->C:\PROGRA~1\DIFX\0169CE3A95F06636\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokbtmdm.inf_amd64_neutral_351182ebabdcc209\nokbtmdm.inf
Balíček ovladače systému Windows - Nokia Modem (06/01/2009 7.01.0.4)-->C:\PROGRA~1\DIFX\0169CE3A95F06636\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokbtmdm.inf_amd64_neutral_66865278b97741ee\nokbtmdm.inf
Balíček ovladače systému Windows - Nokia Modem (10/05/2009 4.2)-->C:\PROGRA~1\DIFX\0169CE3A95F06636\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokia_bluetooth.inf_amd64_neutral_1c66f9881bdc58ed\nokia_bluetooth.inf
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\F4092DA208C2C970\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfdx6_8A3BAB842294F8D9255C3CF2A3B1CECAEEB8EA7E\pccsmcfdx64.inf
BS.Player FREE-->"C:\Program Files (x86)\Webteh\BSplayer\uninstall.exe"
Business Contact Manager for Outlook 2007 SP2-->"C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\SetupBootstrap\Setup.exe" /remove {B32C4059-6E7A-41EF-AD20-56DF1872B923}
Business Contact Manager for Outlook 2007 SP2-->MsiExec.exe /X{B32C4059-6E7A-41EF-AD20-56DF1872B923}
Canon MP Navigator EX 2.0-->"C:\Program Files (x86)\Canon\MP Navigator EX 2.0\Maint.exe" /UninstallRemove C:\Program Files (x86)\Canon\MP Navigator EX 2.0\uninst.ini
Canon Utilities Solution Menu-->C:\Program Files (x86)\Canon\SolutionMenu\uninst.exe uninst.ini
CanoScan LiDE 100 Scanner Driver-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2413\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2413 /L0x0005
CCleaner-->"C:\Program Files (x86)\CCleaner\uninst.exe"
CDBurnerXP-->"C:\Program Files (x86)\CDBurnerXP\unins000.exe"
Click to Disc-->C:\Program Files (x86)\InstallShield Installation Information\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}\setup.exe -runfromtemp -l0x0009 -removeonly
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
CorelDRAW Graphics Suite X3-->MsiExec.exe /I{63218538-4A69-497F-8455-904261B0E9E4}
DAEMON Tools Toolbar-->C:\Program Files (x86)\DAEMON Tools Toolbar\uninst.exe
DevalVR plugin for Internet Explorer (remove)-->C:\Program Files (x86)\DevalVR\installdevalvr.exe /u
Dipito Osobní Vyhledávač 1.2-->"C:\Program Files (x86)\Dipito\unins000.exe"
DivX Plus DirectShow Filters-->C:\ProgramData\DivX\DivX7\DivX Plus DirectShow Filters\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Setup-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com
EAX Unified-->C:\Windows\IsUninst.exe -f"C:\Program Files (x86)\Creative\EAX Unified\Uninst.isu"
eBay Icon-->C:\Users\Figo\AppData\Roaming\Desktopicon\uninst.exe
Ekonomický systém Money S3-->C:\Program Files (x86)\CIGLER SOFTWARE\Common Files\Money S3\Setup\Uninst.exe
EN-->MsiExec.exe /I{32A72502-BC2C-4C39-ACEA-BC3D463F0697}
FIFA 10-->MsiExec.exe /X{11202615-E557-4ECF-9B86-F59C81E52909}
FontNav-->MsiExec.exe /I{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}
Free Mp3 Wma Converter V 1.81-->"C:\Program Files (x86)\Free Audio Pack\unins000.exe"
Google Earth-->MsiExec.exe /X{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\12.0.742.100\Installer\setup.exe" --uninstall --system-level
Google Toolbar for Internet Explorer-->"C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HDAUDIO SoftV92 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDA_HSF\UIU64m.exe -U -ISnZ1700w.INF
Check Point VPN-1 SecuRemote/SecureClient NGX R60 HFA2-->MsiExec.exe /X{057f6911-35fd-4c8d-883f-11b8814480c9}
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Inkjet Printer/Scanner Extended Survey Program-->C:\Program Files (x86)\Canon\IJPLM\SETUP.EXE -R
Intel® Matrix Storage Manager-->C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\Uninstall\imsmudlg.exe -uninstall
IrfanView (remove only)-->C:\Program Files (x86)\IrfanView\iv_uninstall.exe
Java(TM) 6 Update 14 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86416014FF}
Java(TM) 6 Update 23-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014FF}
LAME v3.98.2 for Audacity-->"C:\Program Files (x86)\Lame for Audacity\unins000.exe"
Lingea Lexicon 2000-->C:\Windows\LgUninst.exe C:\Program Files (x86)\Lingea\Lex2000\Setup.exe
Mafia Game-->C:\Windows\system32\MafiaSetup.exe
MAtis - demo verze 2.2.4.5-->"C:\Program Files (x86)\MAtisDemo\unins000.exe"
MediaMonkey 2.2-->"C:\Program Files (x86)\MediaMonkey\unins000.exe"
Microsoft Office 2003 Web Components-->MsiExec.exe /I{90A40409-6000-11D3-8CFE-0150048383C9}
Microsoft Office 2007 Primary Interop Assemblies-->MsiExec.exe /X{50120000-1105-0000-0000-0000000FF1CE}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0405-1000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {294B4278-CF7B-40B9-86A1-2D3FF0C2C524}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {10EC59E5-9BCE-4884-BB1A-E28627220232}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2007-->MsiExec.exe /X{90120000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Small Business Connectivity Components-->MsiExec.exe /X{A939D341-5A04-4E0A-BB55-3E65B386432D}
Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)-->MsiExec.exe /I{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}
Microsoft SQL Server 2005-->"c:\Program Files (x86)\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
Microsoft SQL Server Native Client-->MsiExec.exe /I{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}
Microsoft SQL Server Setup Support Files (English)-->MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
Microsoft SQL Server VSS Writer-->MsiExec.exe /I{B636C9B9-A3F2-4DCE-ADCC-72E095018385}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570-->MsiExec.exe /X{8338783A-0968-3B85-AFC7-BAAE0A63DC50}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ Run Time Lib Setup-->MsiExec.exe /X{AAF4238F-7C29-451D-9925-C753271A5728}
Movier 1.0.12-->C:\Program Files (x86)\Movier\uninst.exe
Mozilla Firefox (3.6.11)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSVC80_x64_v2-->MsiExec.exe /I{4D668D4F-FAA2-4726-834C-31F4614F312E}
MSVC80_x64-->MsiExec.exe /I{68660049-8D48-427C-9FF7-139D8340CDC0}
MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP3 Parser (KB973685)-->MsiExec.exe /I{859DFA95-E4A6-48CD-B88E-A3E483E89B44}
Music Transfer-->C:\Program Files (x86)\InstallShield Installation Information\{CE2121C6-C94D-4A73-8EA4-6943F33EE335}\setup.exe -runfromtemp -l0x0009 -removeonly
NAVIGON Fresh 2.0.0-->C:\Program Files (x86)\NAVIGON\NAVIGON Fresh\uninst.exe
NAVIGON Sync 1.0-->C:\Program Files (x86)\NAVIGON\NAVIGON Sync\uninst.exe
Network ScanGear Ver.2.21-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{BBE3E502-F1D6-4FC9-9844-CC0850B7C516} UNINSTALL
Nitro PDF Express-->MsiExec.exe /X{8C71FDC3-B70C-4B6E-9664-32FD3EB3AA39}
Nitro PDF Professional-->MsiExec.exe /X{EB8FF6C8-811B-4395-8584-EF4C7A0C8199}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{D22AFEDF-6A5B-459D-A9EA-D16E422E4C18}
Nokia Home Media Server-->MsiExec.exe /X{0EEB3C40-2A8C-4045-B3F9-13C4A5C490C0}
Nokia Map Loader-->MsiExec.exe /I{45D4F727-43B5-49CD-B474-B9866A8F4FB8}
Nokia Maps Updater 1.0.12-->"C:\Program Files (x86)\Nokia\Nokia Maps Updater\Uninstall Information\unins000.exe"
Nokia Music-->MsiExec.exe /I{9333DA9B-4F8C-4580-88A7-F12D7B10DC2A}
Nokia Ovi Application Installer 6.85.3011-->msiexec /qn /x {42B74521-4706-412A-9A27-AED12B83E886}
Nokia Ovi Application Installer-->MsiExec.exe /I{42B74521-4706-412A-9A27-AED12B83E886}
Nokia Ovi Content Copier 6.85.3011-->msiexec /qn /x {6442DEDF-AC2F-4CBA-85DE-42E459C5006C}
Nokia Ovi Content Copier-->MsiExec.exe /X{6442DEDF-AC2F-4CBA-85DE-42E459C5006C}
Nokia Ovi One Touch Access 6.85.3011-->msiexec /qn /x {4AE48A64-6C6A-4E5A-95FA-55F5131DECF9}
Nokia Ovi One Touch Access-->MsiExec.exe /I{4AE48A64-6C6A-4E5A-95FA-55F5131DECF9}
Nokia Ovi Suite-->MsiExec.exe /I{6A588FD3-104A-4517-91B1-D85AD27FA487}
Nokia Ovi System Utilities 6.85.3013-->msiexec /qn /x {82388E38-FDFD-4D36-9D35-EA720F9467D6}
Nokia Ovi System Utilities-->MsiExec.exe /X{82388E38-FDFD-4D36-9D35-EA720F9467D6}
Nokia PC Suite-->C:\ProgramData\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Nokia_PC_Suite_7_1_40_1_cze.exe
Nokia PC Suite-->MsiExec.exe /I{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}
Nokia Photos-->MsiExec.exe /I{EB938616-16BB-491E-A5A0-CA4AB4167BB4}
Nokia Software Updater-->MsiExec.exe /X{82B4F1D8-FB2E-4A89-B648-0A0596E239CA}
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
Ovladače videa společnosti Pinnacle-->MsiExec.exe /X{5EB90C06-964F-4195-B83E-BD7E55C88415}
PC Connectivity Solution-->MsiExec.exe /I{A5A70E61-FEAB-4CEC-977C-BE0EF8DC05AB}
PDFCreator-->C:\Program Files (x86)\PDFCreator\unins000.exe
PDP 2009.01-->"C:\Program Files (x86)\LEGIS\PDP2009\unins000.exe"
Pinnacle Instant DVD Recorder-->MsiExec.exe /X{C1212AE3-DBB9-4365-8473-F8ABC7B06BBB}
Pinnacle PCI Performance Enhancer-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{3E5A81BA-4702-490A-B729-0BFF6E7CBF96}\setup.exe" -l0x5
Pinnacle Studio 12-->MsiExec.exe /I{D041EB9E-890A-4098-8F94-51DA194AC72A}
PlayReady PC Runtime amd64-->MsiExec.exe /X{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}
Pro Evolution Soccer 2010-->MsiExec.exe /X{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}
Prostředí Windows XP Mode-->MsiExec.exe /X{1374CC63-B520-4f3f-98E8-E9020BF01CFF}
Protector Suite 2009-->MsiExec.exe /I{CB974C3D-D101-4411-8F54-DCDC58DED815}
RACE 07 Offline-->"C:\==Hry==\Race 07\unins000.exe"
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Registry Mechanic 10.0-->"C:\Program Files (x86)\Registry Mechanic\unins000.exe" /Log
Roxio Central Audio-->MsiExec.exe /I{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}
Roxio Central Copy-->MsiExec.exe /I{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}
Roxio Central Core-->MsiExec.exe /I{ED439A64-F018-4DD4-8BA5-328D85AB09AB}
Roxio Central Data-->MsiExec.exe /I{08E81ABD-79F7-49C2-881F-FD6CB0975693}
Roxio Central Tools-->MsiExec.exe /I{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}
Roxio Easy Media Creator 10 LJ-->C:\ProgramData\Uninstall\{537BF16E-7412-448C-95D8-846E85A1D817}\setup.exe /x {537BF16E-7412-448C-95D8-846E85A1D817}
Roxio Easy Media Creator Home-->MsiExec.exe /I{FE51662F-D8F6-43B5-99D9-D4894AF00F83}
Sada Compatibility Pack pro systém Office 2007-->MsiExec.exe /X{90120000-0020-0405-0000-0000000FF1CE}
Scan2PDF 1.6-->"C:\Program Files (x86)\Scan2PDF\unins000.exe"
Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D}
Security Update for 2007 Microsoft Office System (KB2288931)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263}
Security Update for 2007 Microsoft Office System (KB2345043)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B}
Security Update for 2007 Microsoft Office System (KB2509488)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AD0DE453-0804-4495-9C91-33D0F9AA5463}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for Microsoft Office 2007 System (KB2541012)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CD907315-705A-4475-A1A0-2A1245803E4D}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}
Security Update for Microsoft Office Excel 2007 (KB2541007)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A0173254-F442-4D04-9154-43FA157B83D0}
Security Update for Microsoft Office Groove 2007 (KB2494047)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B91E2AEC-7F93-4E33-ACF6-EC90640CBE4F}
Security Update for Microsoft Office InfoPath 2007 (KB2510061)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5D930261-AA5B-48D1-931F-425C9D767490}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
Security Update for Microsoft Office Publisher 2007 (KB2284697)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3A4CDE54-2403-483D-8D9A-15E3264410DF}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
Setting Utility Series-->"C:\Program Files (x86)\InstallShield Installation Information\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}\setup.exe" -runfromtemp -l0x0009 -removeonly
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SolveigMM AVI Trimmer-->"C:\Program Files (x86)\Solveig Multimedia\SolveigMM AVI Trimmer\Uninstall.exe" "C:\Program Files (x86)\Solveig Multimedia\SolveigMM AVI Trimmer\install.log" -u
Sony Picture Utility-->C:\Program Files (x86)\InstallShield Installation Information\{D5068583-D569-468B-9755-5FBF5848F46F}\setup.exe -runfromtemp -l0x0009 uninstall -removeonly
StreamTorrent 1.0-->"C:\Program Files (x86)\StreamTorrent 1.0\uninstall.exe"
SureThing Express Labeler-->"C:\Program Files (x86)\SureThing Express Labeler\unins000.exe"
Total Commander (Remove or Repair)-->c:\program files\totalcmd\tcuninst.exe
TwonkyMedia-->C:\Program Files (x86)\Nokia\Nokia Home Media Server\\Media Server\UninstallTwonkyMedia.exe
Update for 2007 Microsoft Office System (KB2284654)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {FB166E7C-8AA6-48C8-B726-1F25BEE7825A}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office 2007 System (KB2539530)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Microsoft Office Outlook 2007 (KB2509470)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1365864D-4C58-489D-9982-844D75691CCC}
Update for Outlook 2007 Junk Email Filter (KB2536413)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {95DF5260-331D-4FFD-A2D5-C64164751945}
Update Manager-->MsiExec.exe /I{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}
VAIO Control Center-->"C:\Program Files (x86)\InstallShield Installation Information\{72042FA6-5609-489F-A8EA-3C2DD650F667}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Data Restore Tool-->C:\Program Files (x86)\InstallShield Installation Information\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}\setup.exe -runfromtemp -l0x0009 -removeonly
VAIO Entertainment Platform-->"C:\Program Files (x86)\InstallShield Installation Information\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Event Service-->"C:\Program Files (x86)\InstallShield Installation Information\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Gate-->"C:\Program Files (x86)\InstallShield Installation Information\{A7C30414-2382-4086-B0D6-01A88ABA21C3}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Marketing Tools-->C:\Program Files (x86)\Sony\Marketing Tools\Uninstaller.exe /bootstrap
VAIO Power Management-->"C:\Program Files (x86)\InstallShield Installation Information\{5F5867F0-2D23-4338-A206-01A76C823924}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Premium Partners 1.00-->C:\Program Files (x86)\Sony Corporation\VAIO Partners\Uninstall.exe
VAIO Presentation Support-->"C:\Program Files (x86)\InstallShield Installation Information\{2018C019-30D9-4240-8C01-0865C10DCF5A}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Smart Network-->"C:\Program Files (x86)\InstallShield Installation Information\{3B659FAD-E772-44A3-B7E7-560FF084669F}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Transfer Support-->"C:\Program Files (x86)\InstallShield Installation Information\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Update 4-->"C:\Program Files (x86)\InstallShield Installation Information\{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Wallpaper Contents-->"C:\Program Files (x86)\InstallShield Installation Information\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Z screensaver-->C:\Program Files (x86)\VAIO Z screensavers\Z_screensaver.exe -prepareUninstall
VBA-->MsiExec.exe /I{C94E45B0-6AA6-4FB9-9AAE-22085F631880}
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
VD64Inst-->MsiExec.exe /I{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}
WIDCOMM Bluetooth Software-->MsiExec.exe /X{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}
Windows Live Call-->MsiExec.exe /I{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}
Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{D9D754A1-EAC5-406C-A28B-C49B1E846711}
Windows Live Messenger-->MsiExec.exe /X{0AAA9C97-74D4-47CE-B089-0B147EF3553C}
Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
WinRAR-->C:\Program Files (x86)\WinRAR\uninstall.exe
YouTube Downloader 2.6.5-->"C:\Program Files (x86)\YouTube Downloader\uninstall.exe"
======System event log======
Computer Name: Diamond
Event Code: 7036
Message: Stav služby Machine Debug Manager byl změněn na: Spuštěno
Record Number: 246846
Source Name: Service Control Manager
Time Written: 20110312124905.347916-000
Event Type: Informace
User:
Computer Name: Diamond
Event Code: 7036
Message: Stav služby Inkjet Printer/Scanner Extended Survey Program byl změněn na: Spuštěno
Record Number: 246845
Source Name: Service Control Manager
Time Written: 20110312124905.347916-000
Event Type: Informace
User:
Computer Name: Diamond
Event Code: 7036
Message: Stav služby HsfXAudioService byl změněn na: Spuštěno
Record Number: 246844
Source Name: Service Control Manager
Time Written: 20110312124904.309912-000
Event Type: Informace
User:
Computer Name: Diamond
Event Code: 7036
Message: Stav služby Bluetooth Service byl změněn na: Spuštěno
Record Number: 246843
Source Name: Service Control Manager
Time Written: 20110312124904.118910-000
Event Type: Informace
User:
Computer Name: Diamond
Event Code: 7036
Message: Stav služby Šifrování byl změněn na: Spuštěno
Record Number: 246842
Source Name: Service Control Manager
Time Written: 20110312124903.856908-000
Event Type: Informace
User:
=====Application event log=====
Computer Name: Diamond
Event Code: 0
Message: Služba byla úspěšně spuštěna.
Record Number: 55797
Source Name: WDSmartWareBackgroundService
Time Written: 20101127115857.000000-000
Event Type: Informace
User:
Computer Name: Diamond
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 55796
Source Name: Microsoft-Windows-WMI
Time Written: 20101127115857.000000-000
Event Type: Informace
User:
Computer Name: Diamond
Event Code: 0
Message: WDSmartWare Background Service Started!
Record Number: 55795
Source Name: WDSmartWareBackgroundService
Time Written: 20101127115857.000000-000
Event Type: Informace
User:
Computer Name: Diamond
Event Code: 0
Message:
Record Number: 55794
Source Name: VAIO Event Service
Time Written: 20101127115849.000000-000
Event Type: Informace
User:
Computer Name: Diamond
Event Code: 1
Message: The service is started.
Record Number: 55793
Source Name: IJPLMSVC
Time Written: 20101127115847.000000-000
Event Type: Informace
User:
=====Security event log=====
Computer Name: Diamond
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 119340
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110404042616.724079-000
Event Type: Úspěšný audit
User:
Computer Name: Diamond
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: DIAMOND$
Doména účtu: DOMA
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x294
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 119339
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110404042616.724079-000
Event Type: Úspěšný audit
User:
Computer Name: Diamond
Event Code: 4647
Message: Odhlášení spuštěné uživatelem:
Předmět:
ID zabezpečení: S-1-5-21-879916149-732287809-1153946699-1003
Název účtu: Figo
Doména účtu: Diamond
ID přihlášení: 0x31a0b
Tato událost je generována, pokud je spuštěno odhlášení. Není povolena žádná další uživatelem spuštěná akce. Tuto událost lze interpretovat jako událost odhlášení.
Record Number: 119338
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110404042616.146878-000
Event Type: Úspěšný audit
User:
Computer Name: Diamond
Event Code: 4648
Message: Došlo k pokusu o přihlášení pomocí explicitního pověření.
Předmět:
ID zabezpečení: S-1-5-21-879916149-732287809-1153946699-1003
Název účtu: Figo
Doména účtu: Diamond
ID přihlášení: 0x31a0b
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Účet, jehož pověření bylo použito:
Název účtu: 90400227
Doména účtu: vsskb
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Cílový server:
Název cílového serveru: adpra050.vsskb.cz
Další informace: adpra050.vsskb.cz
Informace o procesu:
ID procesu: 0xff8
Název procesu: C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
Informace o síti:
Síťová adresa: -
Port: -
Tato událost je generována, pokud se proces pokusí přihlásit k účtu explicitním zadáním pověření tohoto účtu. K tomu nejčastěji dochází v dávkových konfiguracích, například naplánovaných úlohách, nebo při použití příkazu RUNAS.
Record Number: 119337
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110404042546.253213-000
Event Type: Úspěšný audit
User:
Computer Name: Diamond
Event Code: 4648
Message: Došlo k pokusu o přihlášení pomocí explicitního pověření.
Předmět:
ID zabezpečení: S-1-5-21-879916149-732287809-1153946699-1003
Název účtu: Figo
Doména účtu: Diamond
ID přihlášení: 0x31a0b
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Účet, jehož pověření bylo použito:
Název účtu: 90400227
Doména účtu: vsskb
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Cílový server:
Název cílového serveru: adpra050.vsskb.cz
Další informace: adpra050.vsskb.cz
Informace o procesu:
ID procesu: 0xff8
Název procesu: C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
Informace o síti:
Síťová adresa: -
Port: -
Tato událost je generována, pokud se proces pokusí přihlásit k účtu explicitním zadáním pověření tohoto účtu. K tomu nejčastěji dochází v dávkových konfiguracích, například naplánovaných úlohách, nebo při použití příkazu RUNAS.
Record Number: 119336
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110404042544.802411-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files (x86)\PC Connectivity Solution;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files\WIDCOMM\Bluetooth Software;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared;C:\Program Files (x86)\Common Files\DivX Shared;C:\Program Files (x86)\Pinnacle\Shared Files
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"configsetroot"=%SystemRoot%\ConfigSetRoot
"TFS_DIR"=C:\Program Files\Protector Suite\
"RoxioCentral"=C:\Program Files (x86)\Common Files\Roxio Shared\10.0\Roxio Central36\
"EMC_AUTOPLAY"=C:\Program Files (x86)\Common Files\Roxio Shared\
-----------------EOF-----------------
Re: Zpomalení PC, 50% vytížený procesor
Predpokladam, ze ten NOD32 mate legalni = zakoupena licence Vlozte mi sem log z CFka - je ulozen v c:\combofix.txt"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Zpomalení PC, 50% vytížený procesor
NOD legální není, CF smazal MiNODLogina po použití.
ComboFix 11-06-17.04 - Figo 19.06.2011 14:53:01.1.2 - x64
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.6075.4298 [GMT 2:00]
Spuštěný z: c:\users\Figo\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\ESET\MiNODLogin
c:\program files (x86)\ESET\MiNODLogin\servidores.xml
c:\program files (x86)\UNWISE.EXE
c:\users\Figo\AppData\Roaming\.#
c:\users\Figo\AppData\Roaming\.#\MBX@11C8@1E32740.###
c:\users\Figo\AppData\Roaming\.#\MBX@11C8@1E32770.###
c:\users\Figo\AppData\Roaming\.#\MBX@1684@752740.###
c:\users\Figo\AppData\Roaming\.#\MBX@1684@752770.###
c:\users\Figo\AppData\Roaming\Desktopicon
c:\users\Figo\AppData\Roaming\Desktopicon\eBay.ico
c:\users\Figo\AppData\Roaming\Desktopicon\uninst.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-19 do 2011-06-19 )))))))))))))))))))))))))))))))
.
.
2011-06-19 12:58 . 2011-06-19 12:58 -------- d-----w- c:\users\Guest\AppData\Local\temp
2011-06-19 12:58 . 2011-06-19 12:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-19 12:38 . 2011-06-19 12:38 -------- d-----w- c:\program files (x86)\CCleaner
2011-06-17 10:31 . 2011-05-09 22:00 8718160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5701BA3B-3657-4D57-9891-AC6932115838}\mpengine.dll
2011-06-16 16:40 . 2011-06-16 16:40 -------- d-----w- C:\ec3aaf37dbc220267a08998367
2011-06-16 09:14 . 2011-05-03 05:21 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-16 09:14 . 2011-05-03 04:50 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-05-23 18:28 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-23 18:28 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-10 19:46 . 2010-01-30 16:17 65536 ----a-r- c:\users\Figo\AppData\Roaming\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
2011-04-09 06:45 . 2011-05-11 05:50 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 06:13 . 2011-05-11 05:50 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:13 . 2011-05-11 05:50 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2009-08-11 350640]
"PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]
"ISUSPM Startup"="c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-05-26 317288]
"MarketingTools"="c:\program files (x86)\Sony\Marketing Tools\MarketingTools.exe" [2009-10-14 26624]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"USBToolTip"="c:\program files (x86)\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe" [2004-04-23 192512]
"PCLEPCI"="c:\progra~2\Pinnacle\PPE\PPE.EXE" [2004-02-03 49152]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"Nokia FastStart"="c:\program files (x86)\Nokia\Nokia Music\NokiaMusic.exe" [2008-12-03 2372840]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2010-11-15 112600]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-4-27 113664]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-2 1079584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"DisableCAD"= 1 (0x1)
"HideFastUserSwitching"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-07-01 18:49 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Protector Suite\psqlpwd.dll
.
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-10-14 133104]
R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-06-26 362992]
R2 TwonkyMedia;TwonkyMedia;c:\program files (x86)\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe [2009-01-29 102400]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-10-14 133104]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-06-26 313840]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 shpf;Sony HDD Protection Filter Driver;c:\windows\system32\DRIVERS\shpf.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S2 602XML Updater;602Updater;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-11-18 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [2011-01-12 341312]
S2 NitroExpressDriverReadSpool;NitroPDFExpressDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Express\2.0\NitroPDFExpressDriverServicex64.exe [2009-12-15 341296]
S2 nlsX86cc;NLS Service;c:\windows\SysWOW64\NLSSRV32.EXE [2011-01-12 68928]
S2 NSUService;NSUService;c:\program files\Sony\Network Utility\NSUService.exe [2009-06-11 361472]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-10-01 632792]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [2009-08-03 177696]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-08-22 411496]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-07-22 642920]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys [x]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y62x64.sys [x]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [x]
S3 SPI;Sony Programmable I/O Control Device;c:\windows\system32\DRIVERS\SonyPI.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-06-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-10-14 10:13]
.
2011-06-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-10-14 10:13]
.
2011-06-18 c:\windows\Tasks\RMSchedule.job
- c:\program files (x86)\Registry Mechanic\RegMech.exe [2011-04-10 15:05]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2009-07-20 21:18 5943048 ----a-w- c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2009-07-20 21:18 5943048 ----a-w- c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF23722.cfxxe" [X]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-27 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-27 387608]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-27 365592]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-22 16336416]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-08-03 7833120]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-08-03 1833504]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-07 171520]
"PSQLLauncher"="c:\program files\Protector Suite\launcher.exe" [2009-07-20 84744]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-11 689488]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-11-18 2919168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://login.szn.cz/?language=cz&remember=0&set_disableSSL=0&set_forceSSL=0&loggedURL=http%3A%2F%2Femail.seznam.cz%2Fticket&serviceId=email&emailLogout=1
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} - hxxps://www.mojedatovaschranka.cz/static/pages/ ... b?3,14,8,0
FF - ProfilePath - c:\users\Figo\AppData\Roaming\Mozilla\Firefox\Profiles\pw22dbd2.default\
FF - prefs.js: browser.startup.homepage - hxxp://login.szn.cz/?language=cz&remember=0&set_disableSSL=0&set_forceSSL=0&loggedURL=http%3A%2F%2Femail.seznam.cz%2Fticket&serviceId=email&emailLogout=1|http://login.szn.cz/?language=cz&rememb ... ilLogout=1
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=937811&p=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: 602XML Filler: xmlfiller@software602.cz - c:\program files (x86)\Mozilla Firefox\extensions\xmlfiller@software602.cz
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-mcmscsvc
SafeBoot-MCODS
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
AddRemove-eBay Icon - c:\users\Figo\AppData\Roaming\Desktopicon\uninst.exe
AddRemove-Mafia Game - c:\windows\system32\MafiaSetup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files (x86)\CDBurnerXP\NMSAccessU.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgr.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
c:\program files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
c:\program files (x86)\PC Connectivity Solution\ServiceLayer.exe
c:\program files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
.
**************************************************************************
.
Celkový čas: 2011-06-19 15:08:36 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-06-19 13:08
.
Před spuštěním: Volných bajtů: 21 972 529 152
Po spuštění: Volných bajtů: 20 952 973 312
.
- - End Of File - - 84430690B232BE3E7ABD228716A190DA
ComboFix 11-06-17.04 - Figo 19.06.2011 14:53:01.1.2 - x64
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.6075.4298 [GMT 2:00]
Spuštěný z: c:\users\Figo\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\ESET\MiNODLogin
c:\program files (x86)\ESET\MiNODLogin\servidores.xml
c:\program files (x86)\UNWISE.EXE
c:\users\Figo\AppData\Roaming\.#
c:\users\Figo\AppData\Roaming\.#\MBX@11C8@1E32740.###
c:\users\Figo\AppData\Roaming\.#\MBX@11C8@1E32770.###
c:\users\Figo\AppData\Roaming\.#\MBX@1684@752740.###
c:\users\Figo\AppData\Roaming\.#\MBX@1684@752770.###
c:\users\Figo\AppData\Roaming\Desktopicon
c:\users\Figo\AppData\Roaming\Desktopicon\eBay.ico
c:\users\Figo\AppData\Roaming\Desktopicon\uninst.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-19 do 2011-06-19 )))))))))))))))))))))))))))))))
.
.
2011-06-19 12:58 . 2011-06-19 12:58 -------- d-----w- c:\users\Guest\AppData\Local\temp
2011-06-19 12:58 . 2011-06-19 12:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-19 12:38 . 2011-06-19 12:38 -------- d-----w- c:\program files (x86)\CCleaner
2011-06-17 10:31 . 2011-05-09 22:00 8718160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5701BA3B-3657-4D57-9891-AC6932115838}\mpengine.dll
2011-06-16 16:40 . 2011-06-16 16:40 -------- d-----w- C:\ec3aaf37dbc220267a08998367
2011-06-16 09:14 . 2011-05-03 05:21 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-16 09:14 . 2011-05-03 04:50 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-05-23 18:28 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-23 18:28 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-10 19:46 . 2010-01-30 16:17 65536 ----a-r- c:\users\Figo\AppData\Roaming\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
2011-04-09 06:45 . 2011-05-11 05:50 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 06:13 . 2011-05-11 05:50 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:13 . 2011-05-11 05:50 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2009-08-11 350640]
"PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]
"ISUSPM Startup"="c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-05-26 317288]
"MarketingTools"="c:\program files (x86)\Sony\Marketing Tools\MarketingTools.exe" [2009-10-14 26624]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"USBToolTip"="c:\program files (x86)\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe" [2004-04-23 192512]
"PCLEPCI"="c:\progra~2\Pinnacle\PPE\PPE.EXE" [2004-02-03 49152]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"Nokia FastStart"="c:\program files (x86)\Nokia\Nokia Music\NokiaMusic.exe" [2008-12-03 2372840]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2010-11-15 112600]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-4-27 113664]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-2 1079584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"DisableCAD"= 1 (0x1)
"HideFastUserSwitching"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-07-01 18:49 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Protector Suite\psqlpwd.dll
.
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-10-14 133104]
R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-06-26 362992]
R2 TwonkyMedia;TwonkyMedia;c:\program files (x86)\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe [2009-01-29 102400]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-10-14 133104]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-06-26 313840]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 shpf;Sony HDD Protection Filter Driver;c:\windows\system32\DRIVERS\shpf.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S2 602XML Updater;602Updater;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-11-18 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [2011-01-12 341312]
S2 NitroExpressDriverReadSpool;NitroPDFExpressDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Express\2.0\NitroPDFExpressDriverServicex64.exe [2009-12-15 341296]
S2 nlsX86cc;NLS Service;c:\windows\SysWOW64\NLSSRV32.EXE [2011-01-12 68928]
S2 NSUService;NSUService;c:\program files\Sony\Network Utility\NSUService.exe [2009-06-11 361472]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-10-01 632792]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [2009-08-03 177696]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-08-22 411496]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-07-22 642920]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys [x]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y62x64.sys [x]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [x]
S3 SPI;Sony Programmable I/O Control Device;c:\windows\system32\DRIVERS\SonyPI.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-06-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-10-14 10:13]
.
2011-06-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-10-14 10:13]
.
2011-06-18 c:\windows\Tasks\RMSchedule.job
- c:\program files (x86)\Registry Mechanic\RegMech.exe [2011-04-10 15:05]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2009-07-20 21:18 5943048 ----a-w- c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2009-07-20 21:18 5943048 ----a-w- c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF23722.cfxxe" [X]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-27 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-27 387608]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-27 365592]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-22 16336416]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-08-03 7833120]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-08-03 1833504]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-07 171520]
"PSQLLauncher"="c:\program files\Protector Suite\launcher.exe" [2009-07-20 84744]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-11 689488]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-11-18 2919168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://login.szn.cz/?language=cz&remember=0&set_disableSSL=0&set_forceSSL=0&loggedURL=http%3A%2F%2Femail.seznam.cz%2Fticket&serviceId=email&emailLogout=1
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} - hxxps://www.mojedatovaschranka.cz/static/pages/ ... b?3,14,8,0
FF - ProfilePath - c:\users\Figo\AppData\Roaming\Mozilla\Firefox\Profiles\pw22dbd2.default\
FF - prefs.js: browser.startup.homepage - hxxp://login.szn.cz/?language=cz&remember=0&set_disableSSL=0&set_forceSSL=0&loggedURL=http%3A%2F%2Femail.seznam.cz%2Fticket&serviceId=email&emailLogout=1|http://login.szn.cz/?language=cz&rememb ... ilLogout=1
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=937811&p=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: 602XML Filler: xmlfiller@software602.cz - c:\program files (x86)\Mozilla Firefox\extensions\xmlfiller@software602.cz
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-mcmscsvc
SafeBoot-MCODS
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
AddRemove-eBay Icon - c:\users\Figo\AppData\Roaming\Desktopicon\uninst.exe
AddRemove-Mafia Game - c:\windows\system32\MafiaSetup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files (x86)\CDBurnerXP\NMSAccessU.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgr.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
c:\program files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
c:\program files (x86)\PC Connectivity Solution\ServiceLayer.exe
c:\program files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
.
**************************************************************************
.
Celkový čas: 2011-06-19 15:08:36 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-06-19 13:08
.
Před spuštěním: Volných bajtů: 21 972 529 152
Po spuštění: Volných bajtů: 20 952 973 312
.
- - End Of File - - 84430690B232BE3E7ABD228716A190DA
Re: Zpomalení PC, 50% vytížený procesor
A samotne windows legalni jsou Pravidla fora jste cetl "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Zpomalení PC, 50% vytížený procesor
Windows legalní jsou a pravidla fora znám, už jednou jste mi pomohli. Akorád nyní se mi zdál tento bratrův notebook neuvěřitelně pomalý, tak sem slíbil, že se na to podívám. Systém byl rok jen používám bez jakékoliv údržby.
Re: Zpomalení PC, 50% vytížený procesor
A neni neco v pravidlech ohledne nelegalniho SW (zabezpeceni)
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?