VIRY.CZ

Dobrý den,
chápu, že název vlákna působí hloupě - běžně vím, kde UAC vypnout, ale na otcově počítači obvyklé postupy nefungují.

Počítač nabídne potvrzení instalace software, obrazovka zešediví, ale po odkliknutí "Ano" okénko zmizí a obrazovka zůstane zašedlá. Když zkouším instalaci čehokoliv, nelze ji dokončit, protože UAC nic neudělá ani po kliknutí na Ano. Vypnout UAC pomocí příkazového řádku a umazání registrů také nejde, protože mě UAC nenechá spustit RegEdit.

Otec má instalaci Windows 7 a v nejhorším případě jsem schopný provést reinstall, ale chci se zeptat, zda nemůže být jiné řešení.

Děkuji všem za pomoc.

Edit. ještě chci doplnit, že cokoliv, co vyžaduje spuštění přes Admin práva, není možné, protože to zase UAC nepovolí, proto nemůžu vložit log z RSIT.

Dobrý den,
zkoušel jste UAC vypnout v nouzovém režimu? Popř. i s nově vytvořeným profilem?

Nevím, co se od minule změnilo, ale najednou jde RSIT použít. Posílám oba logy, co mi to vyplivlo a děkuji předem za kontrolu.


info.txt logfile of random's system information tool 1.09 2011-08-31 16:34:06

======Uninstall list======

Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10t_Plugin.exe -maintain plugin
Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Reader X (10.0.1) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA0000000001}
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
Adobe Support Advisor-->msiexec /qb /x {2DF60AEE-A193-03CC-2287-64B91E318D8E}
Adobe Support Advisor-->MsiExec.exe /I{2DF60AEE-A193-03CC-2287-64B91E318D8E}
Adobe SVG Viewer 3.0-->C:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Install.log
Aktualizace pro Microsoft Outlook Social Connector (KB2441641)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-0000-0000000FF1CE}" "{06C62E6B-B559-416A-9954-07C67F50F84A}" "1029" "0"
AutoCAD 2009 - English-->C:\Program Files\AutoCAD 2009\Setup\Setup.exe /P {5783F2D7-7001-0409-0002-0060B0CE6BBA} /M ACAD
Balíček ovladače systému Windows - Intel (NETwLv32) net (06/15/2010 13.2.0.137)-->C:\PROGRA~1\DIFX\25C232B9F73C1237\DPInst32.exe /u C:\Windows\System32\DriverStore\FileRepository\netwlv32.inf_x86_neutral_d9c7e9f1d12e891d\netwlv32.inf
Balíček ovladače systému Windows - Intel (NETwNs32) net (07/14/2010 13.3.0.24)-->C:\PROGRA~1\DIFX\25C232B9F73C1237\DPInst32.exe /u C:\Windows\System32\DriverStore\FileRepository\netwns32.inf_x86_neutral_7a46d1897649a6a9\netwns32.inf
Balíček ovladače systému Windows - Intel net (06/15/2010 13.2.0.137)-->C:\PROGRA~1\DIFX\25C232B9F73C1237\DPInst32.exe /u C:\Windows\System32\DriverStore\FileRepository\netwlv64.inf_x86_neutral_4257dd239352bdab\netwlv64.inf
Balíček ovladače systému Windows - Intel net (07/14/2010 13.3.0.24)-->C:\PROGRA~1\DIFX\25C232B9F73C1237\DPInst32.exe /u C:\Windows\System32\DriverStore\FileRepository\netwns64.inf_x86_neutral_21f0f37904910bd6\netwns64.inf
Broadcom 802.11 Wireless LAN Adapter-->"C:\Program Files\Broadcom\Broadcom 802.11\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11\Driver"
Definition update for Microsoft Office 2010 (KB982726)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{06C723B9-ADF5-42BC-B949-D14D6C6628B9}" "1029" "0"
DHTML Editing Component-->MsiExec.exe /I{2EA870FA-585F-4187-903D-CB9FFD21E2E0}
FastStone Image Viewer 4.3-->C:\Program Files\FastStone Image Viewer\uninst.exe
Google Earth-->MsiExec.exe /X{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Instalación de DivX-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com
jZip-->C:\PROGRA~1\jZip\UNWISE.EXE /U C:\PROGRA~1\jZip\INSTALL.LOG
Kaspersky Internet Security 2011-->MsiExec.exe /I{66F1F013-008F-4875-B283-5A814B820347}
Kaspersky Internet Security 2011-->MsiExec.exe /I{66F1F013-008F-4875-B283-5A814B820347}
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Antimalware-->MsiExec.exe /X{05BFB060-4F22-4710-B0A2-2801A1B606C5}
Microsoft Office Access MUI (Czech) 2010-->MsiExec.exe /X{90140000-0015-0405-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2010-->MsiExec.exe /X{90140000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2010-->MsiExec.exe /X{90140000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2010-->MsiExec.exe /X{90140000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2010-->MsiExec.exe /X{90140000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2010-->MsiExec.exe /X{90140000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2010-->MsiExec.exe /X{90140000-0018-0405-0000-0000000FF1CE}
Microsoft Office Professional Plus 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUSR /dll OSETUP.DLL
Microsoft Office Professional Plus 2010-->MsiExec.exe /X{91140000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2010-->MsiExec.exe /X{90140000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2010-->MsiExec.exe /X{90140000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2010-->MsiExec.exe /X{90140000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2010-->MsiExec.exe /X{90140000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2010-->MsiExec.exe /X{90140000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2010-->MsiExec.exe /X{90140000-001B-0405-0000-0000000FF1CE}
Microsoft Security Client-->MsiExec.exe /I{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}
Microsoft Security Essentials-->C:\Program Files\Microsoft Security Client\Setup.exe /x
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Mozilla Firefox (3.6.20)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (3.1.12)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
Panzer General 2 WARZONE edition-->c:\panzer2\UnInstall_29494.exe
PANZERS - Phase1-->C:\PROGRA~1\PANZER~1\UNINST~1\UNWISE.EXE C:\PROGRA~1\PANZER~1\UNINST~1\INSTALL.LOG
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
RealNetworks - Microsoft Visual C++ 2008 Runtime-->MsiExec.exe /X{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}
RealPlayer-->c:\program files\real\realplayer\Update\r1puninst.exe RealNetworks|RealPlayer|12.0
Realtek Ethernet Controller Driver For Windows Vista and Later-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
RealUpgrade 1.1-->MsiExec.exe /I{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2478663)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder ClientLP
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder ClientLP
Security Update for Microsoft Excel 2010 (KB2523021)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{AA9E4C48-857D-4558-A4F4-343CA7680277}" "1029" "0"
Security Update for Microsoft InfoPath 2010 (KB2510065)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{3C6C6854-EB6B-455C-B0A6-9871F0538028}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2289078)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{1D1A4F08-2F17-475B-BA72-476CE5992FEE}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2289161)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{F134C2C6-30B3-4169-A325-58482B4CE6FC}" "1029" "0"
Security Update for Microsoft PowerPoint 2010 (KB2519975)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{45D7C5CD-B967-44AF-9DAB-E5C8545558AD}" "1029" "0"
Security Update for Microsoft Publisher 2010 (KB2409055)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{C3C277D5-36E3-4B1A-926A-175B2BC019CF}" "1029" "0"
Security Update for Microsoft Word 2010 (KB2345000)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{A6D422EE-1196-45EE-B9AE-6B5B64975E8B}" "1029" "0"
Skype Toolbars-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
Skype™ 5.3-->MsiExec.exe /X{5335DADB-34BA-4AE8-A519-648D78498846}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Client
Update for Microsoft Office 2010 (KB2202188)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{86B7A074-265D-420C-9E1E-7A920EF0ECA7}" "1029" "0"
Update for Microsoft Office 2010 (KB2413186)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{556146F7-74AE-4E0A-B64F-5B8B93469F61}" "1029" "0"
Update for Microsoft Office 2010 (KB2413186)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{B5516874-E926-4BFD-B412-D0E70112F244}" "1029" "0"
Update for Microsoft Office 2010 (KB2413186)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{D6CE7280-6EE3-419A-8F47-DB111C040B1B}" "1029" "0"
Update for Microsoft Office 2010 (KB2494150)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}" "1029" "0"
Update for Microsoft Office 2010 (KB2523113)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{C0FF04BF-A05E-408B-81CA-B7FACDA508A3}" "1029" "0"
Update for Microsoft OneNote 2010 (KB2493983)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{309EEC22-83CE-4109-B019-BA9392FAA322}" "1029" "0"
Update for Microsoft Outlook Social Connector (KB2441641)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{A10DC2B7-6FDA-4C17-9DF0-6A834CAC4306}" "1029" "0"
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======System event log======

Computer Name: Patrick-PC
Event Code: 7036
Message: Stav služby Služba Výčet přenosných zařízení byl změněn na: Zastaveno
Record Number: 26152
Source Name: Service Control Manager
Time Written: 20110307161757.530269-000
Event Type: Informace
User:

Computer Name: Patrick-PC
Event Code: 7036
Message: Stav služby Ochrana softwaru byl změněn na: Spuštěno
Record Number: 26151
Source Name: Service Control Manager
Time Written: 20110307161756.889233-000
Event Type: Informace
User:

Computer Name: Patrick-PC
Event Code: 7036
Message: Stav služby Google Update Service (gupdate) byl změněn na: Spuštěno
Record Number: 26150
Source Name: Service Control Manager
Time Written: 20110307161756.542213-000
Event Type: Informace
User:

Computer Name: Patrick-PC
Event Code: 7036
Message: Stav služby Mezipaměť písem Windows byl změněn na: Spuštěno
Record Number: 26149
Source Name: Service Control Manager
Time Written: 20110307161755.179135-000
Event Type: Informace
User:

Computer Name: Patrick-PC
Event Code: 7036
Message: Stav služby Microsoft .NET Framework NGEN v4.0.30319_X86 byl změněn na: Zastaveno
Record Number: 26148
Source Name: Service Control Manager
Time Written: 20110307161754.281083-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: 37L4247D28-05
Event Code: 1001
Message: Chybný blok , typ 0
Název události: PnPGenericDriverFound
Reakce: Není k dispozici
ID souboru CAB: 0

Podpis problému:
P1: x86
P2: USB\VID_090C&PID_137B&REV_0304&MI_00
P3:
P4:
P5:
P6:
P7:
P8:
P9:
P10:

Připojené soubory:

Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x86_93446a238a8da610cf29a23ebaa4548aeeb7bd3c_cab_0698f066

Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: 87f1f799-202e-11e0-a100-ad387f0ab438
Stav hlášení: 6
Record Number: 5
Source Name: Windows Error Reporting
Time Written: 20110114223505.000000-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20110114223501.000000-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20110114223459.000000-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.


Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20110114223455.903688-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: 37L4247D28-05
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20110114223456.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: 37L4247D28-05
Event Code: 4735
Message: Byla změněna zabezpečená místní skupina.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247D28-05$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Změněné atributy:
Název účtu SAM: -
Historie identifikátoru zabezpečení: -

Další informace:
Oprávnění: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110114223433.580049-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247D28-05
Event Code: 4731
Message: Byla vytvořena zabezpečená místní skupina.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247D28-05$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Nová skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Atributy:
Název účtu SAM: Backup Operators
Historie identifikátoru zabezpečení: -

Další informace:
Oprávnění: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110114223433.564449-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247D28-05
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.

Počet prvků: 0
ID zásady: 0x2b9e4
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110114223433.330448-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247D28-05
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 0

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x4
Název procesu:

Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110114223431.957646-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247D28-05
Event Code: 4608
Message: Spouští se systém Windows.

Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110114223431.942046-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11\Driver;C:\Program Files\jZip;C:\Program Files\Common Files\Adobe\AGL
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 37 Stepping 2, GenuineIntel
"PROCESSOR_REVISION"=2502

-----------------EOF-----------------

Logfile of random's system information tool 1.09 (written by random/random)
Run by Patrick at 2011-08-31 16:32:51
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 23 GB (32%) free of 72 GB
Total RAM: 2935 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:34:03, on 31.8.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe
C:\Windows\system32\taskeng.exe
C:\Users\Patrick\RSIT.exe
C:\Program Files\trend micro\Patrick.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2233703
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (file missing)
O2 - BHO: EmailBHO - {647FD14A-C4F1-46F4-8FC3-0B40F54226F7} - C:\Program Files\jZip\WebmailPlugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [TkBellExe] "c:\program files\real\realplayer\Update\realsched.exe" -osboot
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Adobe Reader Synchronizer] "C:\Program Files\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Ban phím ao - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{488160CC-D510-47BF-84EC-2880A39CE7A1}: NameServer = 192.168.100.50
O17 - HKLM\System\CS1\Services\Tcpip\..\{488160CC-D510-47BF-84EC-2880A39CE7A1}: NameServer = 192.168.100.50
O17 - HKLM\System\CS2\Services\Tcpip\..\{488160CC-D510-47BF-84EC-2880A39CE7A1}: NameServer = 192.168.100.50
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Dich vu Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

--
End of file - 8140 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3175355173-2656484283-1122100114-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3175355173-2656484283-1122100114-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\7suo4d0t.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.startup.homepage" - "http://seznam.cz/"
prefs.js - "extensions.enabledItems" - "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3, KavAntiBanner@Kaspersky.ru:11.0.1.400, linkfilter@kaspersky.ru:11.0.1.400, {09ec805c-cb2e-4d53-b0d3-a75a428b81c7}:3.3.3.2, engine@conduit.com:3.3.3.2, {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7280, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.20"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... 2233703&q="

"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
"{6904342A-8307-11DF-A508-4AE2DFD72085}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647]
"Description"=12.0.1.647
"Path"=c:\program files\real\realplayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
KavAntiBanner@Kaspersky.ru
linkfilter@kaspersky.ru
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nppl3260.xpt
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsjsrealplayerplugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npnul32.dll
nppdf32.dll
nppl3260.dll
nprjplug.dll
nprpjplug.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\7suo4d0t.default\extensions\
engine@conduit.com
{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}
{E2883E8F-472F-4fb0-9522-AC9BF37916A7}

C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\7suo4d0t.default\searchplugins\
conduit.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-06-15 386264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll [2010-07-01 68280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{647FD14A-C4F1-46F4-8FC3-0B40F54226F7}]
jZip Webmail plugin - C:\Program Files\jZip\WebmailPlugin.dll [2008-07-02 591296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll [2010-07-01 191160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [2011-02-22 352976]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
"TkBellExe"=c:\program files\real\realplayer\Update\realsched.exe [2011-06-15 273544]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"Google Update"=C:\Users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-15 136176]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-04-18 15146376]
"Adobe Reader Synchronizer"=C:\Program Files\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe [2011-01-30 1219488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-01-30 35736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-15 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2010-08-25 171032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2010-08-25 136216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2010-03-16 718208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2010-08-25 170520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Real\RealPlayer\update\realsched.exe [2011-06-15 273544]

C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 228864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\Windows\system32\klogon.dll [2010-07-01 228024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2011-08-31 16:32:52 ----D---- C:\Program Files\trend micro
2011-08-31 16:32:51 ----D---- C:\rsit
2011-08-28 10:58:27 ----D---- C:\ProgramData\ABBYY
2011-08-28 10:57:01 ----D---- C:\Users\Patrick\AppData\Roaming\ABBYY
2011-08-26 22:28:28 ----SHD---- C:\Config.Msi
2011-08-24 11:20:43 ----A---- C:\Windows\system32\tzres.dll
2011-08-22 09:28:17 ----A---- C:\Windows\system32\mshtmled.dll
2011-08-22 09:28:16 ----A---- C:\Windows\system32\iertutil.dll
2011-08-22 09:28:15 ----A---- C:\Windows\system32\jscript.dll
2011-08-22 09:28:15 ----A---- C:\Windows\system32\ieui.dll
2011-08-22 09:28:14 ----A---- C:\Windows\system32\wininet.dll
2011-08-22 09:28:14 ----A---- C:\Windows\system32\jsproxy.dll
2011-08-22 09:28:14 ----A---- C:\Windows\system32\jscript9.dll
2011-08-22 09:28:13 ----A---- C:\Windows\system32\urlmon.dll
2011-08-22 09:28:13 ----A---- C:\Windows\system32\url.dll
2011-08-22 09:28:13 ----A---- C:\Windows\system32\ieframe.dll
2011-08-22 09:28:11 ----A---- C:\Windows\system32\mshtml.dll
2011-08-21 15:40:15 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-08-21 15:40:15 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-08-21 15:40:14 ----A---- C:\Windows\system32\xmllite.dll
2011-08-21 15:40:13 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-08-21 15:40:09 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-08-21 15:40:07 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-21 15:40:07 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-08-21 15:40:07 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-21 15:40:07 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-08-21 15:40:07 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-08-21 15:40:07 ----A---- C:\Windows\system32\winsrv.dll
2011-08-21 15:40:07 ----A---- C:\Windows\system32\KernelBase.dll
2011-08-21 15:40:07 ----A---- C:\Windows\system32\kernel32.dll
2011-08-21 15:40:07 ----A---- C:\Windows\system32\conhost.exe
2011-08-21 15:40:06 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-08-21 15:40:06 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-21 15:40:06 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-08-21 15:40:06 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-21 15:40:06 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-08-21 15:40:06 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-21 15:40:06 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-21 15:40:06 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-08-21 15:40:06 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-21 15:40:06 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-08-21 15:40:05 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-08-21 15:40:05 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-08-21 15:40:05 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-08-21 15:40:05 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-21 15:40:05 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-21 15:40:05 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-08-21 15:40:05 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-08-21 15:40:05 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-08-21 15:40:05 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-08-21 15:40:05 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-21 15:40:05 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-08-21 15:40:05 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-08-21 15:40:04 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-08-21 15:40:03 ----A---- C:\Windows\system32\odbcjt32.dll
2011-08-21 15:40:03 ----A---- C:\Windows\system32\odbccu32.dll
2011-08-21 15:40:03 ----A---- C:\Windows\system32\odbccr32.dll
2011-08-21 15:40:03 ----A---- C:\Windows\system32\odbccp32.dll
2011-08-21 15:40:02 ----A---- C:\Windows\system32\odbctrac.dll
2011-08-04 14:22:49 ----A---- C:\Windows\system32\msls31.dll
2011-08-04 14:22:48 ----A---- C:\Windows\system32\msrating.dll
2011-08-04 14:22:48 ----A---- C:\Windows\system32\msfeedssync.exe
2011-08-04 14:22:48 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-08-04 14:22:48 ----A---- C:\Windows\system32\IEAdvpack.dll
2011-08-04 14:22:47 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2011-08-04 14:22:47 ----A---- C:\Windows\system32\mshtmler.dll
2011-08-04 14:22:47 ----A---- C:\Windows\system32\iesysprep.dll
2011-08-04 14:22:47 ----A---- C:\Windows\system32\ieakeng.dll
2011-08-04 14:22:46 ----A---- C:\Windows\system32\iesetup.dll
2011-08-04 14:22:46 ----A---- C:\Windows\system32\iernonce.dll
2011-08-04 14:22:46 ----A---- C:\Windows\system32\ieapfltr.dll
2011-08-04 14:22:46 ----A---- C:\Windows\system32\ieapfltr.dat
2011-08-04 14:22:46 ----A---- C:\Windows\system32\ie4uinit.exe
2011-08-04 14:22:46 ----A---- C:\Windows\system32\icardie.dll
2011-08-04 14:22:46 ----A---- C:\Windows\system32\dxtrans.dll
2011-08-04 14:22:46 ----A---- C:\Windows\system32\dxtmsft.dll
2011-08-04 14:22:45 ----A---- C:\Windows\system32\wextract.exe
2011-08-04 14:22:45 ----A---- C:\Windows\system32\webcheck.dll
2011-08-04 14:22:45 ----A---- C:\Windows\system32\vbscript.dll
2011-08-04 14:22:45 ----A---- C:\Windows\system32\occache.dll
2011-08-04 14:22:45 ----A---- C:\Windows\system32\msfeeds.dll
2011-08-04 14:22:45 ----A---- C:\Windows\system32\licmgr10.dll
2011-08-04 14:22:45 ----A---- C:\Windows\system32\inseng.dll
2011-08-04 14:22:45 ----A---- C:\Windows\system32\iexpress.exe
2011-08-04 14:22:45 ----A---- C:\Windows\system32\ieUnatt.exe
2011-08-04 14:22:45 ----A---- C:\Windows\system32\iedkcs32.dll
2011-08-04 14:22:44 ----A---- C:\Windows\system32\pngfilt.dll
2011-08-04 14:22:44 ----A---- C:\Windows\system32\mshta.exe
2011-08-04 14:22:44 ----A---- C:\Windows\system32\imgutil.dll
2011-08-04 14:22:44 ----A---- C:\Windows\system32\iepeers.dll
2011-08-04 14:22:44 ----A---- C:\Windows\system32\ieakui.dll
2011-08-04 14:22:44 ----A---- C:\Windows\system32\ieaksie.dll
2011-08-04 14:22:44 ----A---- C:\Windows\system32\admparse.dll
2011-08-04 13:53:22 ----D---- C:\Windows\system32\SPReview
2011-08-04 13:51:23 ----D---- C:\Windows\system32\EventProviders

======List of files/folders modified in the last 1 month======

2011-08-31 16:32:52 ----RD---- C:\Program Files
2011-08-31 16:32:28 ----D---- C:\Windows\Temp
2011-08-31 16:18:54 ----D---- C:\ProgramData\Kaspersky Lab
2011-08-31 16:17:21 ----D---- C:\Windows\System32
2011-08-31 16:17:21 ----D---- C:\Windows\inf
2011-08-31 16:17:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-08-31 12:58:18 ----D---- C:\Users\Patrick\AppData\Roaming\Skype
2011-08-31 12:46:40 ----D---- C:\Windows\Prefetch
2011-08-31 11:33:52 ----D---- C:\Windows\system32\config
2011-08-31 11:20:34 ----D---- C:\Windows\system32\catroot2
2011-08-31 11:19:46 ----D---- C:\Users\Patrick\AppData\Roaming\skypePM
2011-08-30 10:37:26 ----SHD---- C:\System Volume Information
2011-08-30 10:14:22 ----RSD---- C:\Windows\assembly
2011-08-30 10:14:22 ----D---- C:\Windows\Microsoft.NET
2011-08-30 10:03:09 ----SHD---- C:\Windows\Installer
2011-08-29 22:13:35 ----D---- C:\Windows\Tasks
2011-08-29 22:13:35 ----D---- C:\Windows\system32\wfp
2011-08-29 22:13:35 ----D---- C:\Windows\system32\DriverStore
2011-08-29 22:13:35 ----D---- C:\Windows
2011-08-29 22:13:34 ----D---- C:\Windows\system32\wbem
2011-08-29 22:13:34 ----D---- C:\Windows\system32\CodeIntegrity
2011-08-29 22:13:25 ----D---- C:\Windows\AppCompat
2011-08-29 22:13:24 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-08-29 22:13:24 ----D---- C:\ProgramData\Real
2011-08-29 22:13:14 ----D---- C:\Windows\registration
2011-08-29 22:12:23 ----HD---- C:\ProgramData
2011-08-29 12:25:18 ----D---- C:\ProgramData\Skype Extras
2011-08-25 18:28:17 ----D---- C:\Windows\rescache
2011-08-24 14:59:24 ----D---- C:\Windows\winsxs
2011-08-24 14:59:17 ----D---- C:\Windows\system32\cs-CZ
2011-08-24 11:20:07 ----D---- C:\Windows\system32\catroot
2011-08-23 11:40:14 ----D---- C:\Windows\system32\NDF
2011-08-23 11:19:09 ----D---- C:\Program Files\Mozilla Firefox
2011-08-22 11:45:42 ----D---- C:\Program Files\Mozilla Thunderbird
2011-08-22 09:44:42 ----D---- C:\Windows\system32\drivers
2011-08-22 09:44:41 ----D---- C:\Windows\system32\migration
2011-08-22 09:44:41 ----D---- C:\Program Files\Internet Explorer
2011-08-22 09:26:36 ----A---- C:\Windows\system32\MRT.exe
2011-08-22 09:26:10 ----D---- C:\ProgramData\Microsoft Help
2011-08-04 17:06:59 ----D---- C:\Windows\PolicyDefinitions
2011-08-04 17:06:58 ----D---- C:\Windows\system32\en-US
2011-08-04 16:53:28 ----D---- C:\Program Files\Windows Sidebar
2011-08-04 16:53:28 ----D---- C:\Program Files\Windows Portable Devices
2011-08-04 16:53:28 ----D---- C:\Program Files\Windows Media Player
2011-08-04 16:53:28 ----D---- C:\Program Files\Windows Mail
2011-08-04 16:53:28 ----D---- C:\Program Files\DVD Maker
2011-08-04 16:53:27 ----D---- C:\Program Files\Windows Photo Viewer
2011-08-04 16:53:27 ----D---- C:\Program Files\Windows Journal
2011-08-04 16:53:25 ----D---- C:\Program Files\Windows Defender
2011-08-04 16:53:24 ----D---- C:\Windows\servicing
2011-08-04 16:53:24 ----D---- C:\Windows\ehome
2011-08-04 16:53:17 ----SHD---- C:\Windows\BitLockerDiscoveryVolumeContents
2011-08-04 16:53:16 ----D---- C:\Windows\system32\da-DK
2011-08-04 16:53:15 ----D---- C:\Windows\system32\sysprep
2011-08-04 16:53:15 ----D---- C:\Windows\system32\oobe
2011-08-04 16:53:14 ----D---- C:\Windows\system32\Setup
2011-08-04 16:53:14 ----D---- C:\Windows\system32\cs
2011-08-04 16:53:14 ----D---- C:\Windows\system32\AdvancedInstallers
2011-08-04 16:53:11 ----D---- C:\Windows\system32\sppui
2011-08-04 16:53:11 ----D---- C:\Windows\system32\manifeststore
2011-08-04 16:53:11 ----D---- C:\Windows\system32\es-ES
2011-08-04 16:53:10 ----D---- C:\Windows\system32\drivers\UMDF
2011-08-04 16:53:10 ----D---- C:\Windows\system32\drivers\cs-CZ
2011-08-04 16:53:08 ----D---- C:\Windows\system32\migwiz
2011-08-04 16:53:08 ----D---- C:\Windows\system32\Dism
2011-08-04 16:52:33 ----RSD---- C:\Windows\Fonts
2011-08-04 16:52:33 ----D---- C:\Windows\AppPatch
2011-08-04 16:52:19 ----D---- C:\Windows\system32\Boot
2011-08-04 14:22:58 ----D---- C:\Windows\Logs
2011-08-04 14:00:51 ----A---- C:\Windows\system32\msclmd.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 25656]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2010-06-09 132184]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 kl2;kl2; C:\Windows\system32\DRIVERS\kl2.sys [2010-06-09 11352]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2011-02-22 488024]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2010-04-22 22104]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R1 MpKsl51d02586;MpKsl51d02586; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6A600105-0050-42BA-A1B4-62EEEA44421C}\MpKsl51d02586.sys [2011-08-31 28752]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 35896]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2011-01-15 2709056]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-08-25 9024512]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-11-02 19984]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-06-23 275048]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
S1 MpKsl075a28f3;MpKsl075a28f3; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CA41FC9D-6C25-4D06-B1CC-82FF6DF8DFAC}\MpKsl075a28f3.sys []
S1 MpKsl0bb371c6;MpKsl0bb371c6; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B3006DC7-67E7-4773-A55C-18C7B4523331}\MpKsl0bb371c6.sys []
S1 MpKsl311e46a7;MpKsl311e46a7; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3598D6BA-702B-42B5-B851-1FFB2F1AF995}\MpKsl311e46a7.sys []
S1 MpKsl42c7aad0;MpKsl42c7aad0; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AEFAE650-0E58-42E0-BFE4-2BF326412FC9}\MpKsl42c7aad0.sys []
S1 MpKsl48b4c1fd;MpKsl48b4c1fd; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{14313313-D43C-44BF-8625-AD04800D4D6D}\MpKsl48b4c1fd.sys []
S1 MpKsl75e1f164;MpKsl75e1f164; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F01170F5-EF75-47D5-8808-D4E886199C74}\MpKsl75e1f164.sys []
S1 MpKsl99808477;MpKsl99808477; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F503EDC3-B2C4-4EAB-84C8-D8B1CF08B3DE}\MpKsl99808477.sys []
S1 MpKsl9c1867e3;MpKsl9c1867e3; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F2B78128-C26B-4B44-AC6E-B2EA2F1FD08D}\MpKsl9c1867e3.sys []
S1 MpKslb0d2ebd7;MpKslb0d2ebd7; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F2B78128-C26B-4B44-AC6E-B2EA2F1FD08D}\MpKslb0d2ebd7.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2011-01-15 32256]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVP;Dich vu Kaspersky Anti-Virus; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [2011-02-22 352976]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 26168]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-19 136176]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2011-02-21 72704]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2011-02-17 85096]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-19 136176]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

A zkoušel jste ten nouzový režim?

Dobrý den,
omlouvám se za pozdní odpověď, dříve jsem se nedostal k internetu. Řízení uživatelských účtů jsem už vypnul, děkuji za radu s nouzovým režimem. Počítač tak dejme tomu funguje - já bych ho už prohodil oknem - ale otci to zjevně nevadí. Nechci už jeho notebookem ztrácet ani váš ani můj čas a tak už asi není třeba něco hledat v logu. Vždy když mu /i s pomocí tohoto fóra/ dám notebook do pořádku, tak přijede po čtvrt roce ze zaměstnání v zahraničí a můžu začít nanovo. Teď už mu tam navíc nic "okatě" nevadí, a tak mi vysvětluje, jak už není potřeba něco řešit.

Ještě jednou díky za pomoc a přeji hezký den.

toon píše:Dobrý den,
omlouvám se za pozdní odpověď, dříve jsem se nedostal k internetu. Řízení uživatelských účtů jsem už vypnul, děkuji za radu s nouzovým režimem. Počítač tak dejme tomu funguje - já bych ho už prohodil oknem - ale otci to zjevně nevadí. Nechci už jeho notebookem ztrácet ani váš ani můj čas a tak už asi není třeba něco hledat v logu. Vždy když mu /i s pomocí tohoto fóra/ dám notebook do pořádku, tak přijede po čtvrt roce ze zaměstnání v zahraničí a můžu začít nanovo. Teď už mu tam navíc nic "okatě" nevadí, a tak mi vysvětluje, jak už není potřeba něco řešit.

Ještě jednou díky za pomoc a přeji hezký den.

Nemáte zač