A window pops up while browsing

Posted: 12 Dec 2013 07:49
by MMMMM

Logfile of random's system information tool 1.09 (written by random/random)
Run by Marek at 2013-12-12 07:49:14
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 10 GB (3%) free of 288 GB
Total RAM: 3830 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:49:17, on 12.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Cobian Backup 10\Cobian.exe
C:\Program Files (x86)\HF Designer\dd.exe
C:\Program Files (x86)\Cobian Backup 10\cbInterface.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Program Files (x86)\totalcmd\TOTALCMD.EXE
C:\Users\Marek\AppData\Roaming\Kingston\SecureTravelerDaemon.exe
C:\Users\Marek\AppData\Roaming\Kingston\SecureTravelerA.exe
C:\Program Files\trend micro\Marek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\bh\facemoods.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodsTlbr.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [File Sanitizer] c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [NtVdmSrv] C:\windows\inf\ntvdm.vbe
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Cobian Backup 10] "C:\Program Files (x86)\Cobian Backup 10\Cobian.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Device Detection] C:\Program Files (x86)\HF Designer\dd.exe
O4 - HKCU\..\Run: [Cobian Backup 11] "C:\Program Files (x86)\Cobian Backup 10\Cobian.exe"
O4 - HKCU\..\Run: [NextLive] C:\windows\SysWOW64\rundll32.exe "C:\Users\Marek\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.mcafee.com (HKLM)
O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{DB271D9E-1FC2-4EF1-B10E-418559DF8559}: NameServer = 192.168.71.34,192.168.71.35
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Cobian Backup 11 Volume Shadow Copy Requester (cbVSCService11) - CobianSoft, Luis Cobian - C:\Program Files (x86)\Cobian Backup 10\cbVSCService11.exe
O23 - Service: DEBridge - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 8\DfsdkS64.exe
O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: ShrewSoft DNS Proxy Daemon (dtpd) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: HTCMonitorService - Nero AG - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: ShrewSoft IKE Daemon (iked) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\iked.exe
O23 - Service: ShrewSoft IPSEC Daemon (ipsecd) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: SureThing Labelflash service - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Ashampoo LiveTuner Service (WO_LiveService) - Unknown owner - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerService.exe

--
End of file - 16125 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\Hpservice.exe
C:\windows\system32\svchost.exe -k NetworkService
atieclxx
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\WLANExt.exe 36385680
\??\C:\windows\system32\conhost.exe "-757630062-674954236-170479336720718292851363023043109238145-9751612971001623278
"C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE" "C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe"
C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe
C:\windows\System32\spoolsv.exe
"C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe"
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Cobian Backup 10\cbVSCService11.exe"
"C:\Program Files\ShrewSoft\VPN Client\dtpd.exe" -service
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe"
"c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe"
"C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe"
"C:\Program Files\ShrewSoft\VPN Client\iked.exe" -service
"C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe" -service
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2844
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe"
"C:\windows\system32\spool\DRIVERS\x64\3\HP1005MC.EXE" -Embedding
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
C:\windows\Explorer.EXE
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
"C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
adb fork-server server
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files (x86)\Cobian Backup 10\Cobian.exe"
"C:\Program Files (x86)\HF Designer\dd.exe"
"C:\Program Files (x86)\Cobian Backup 10\cbInterface.exe"
"C:\Windows\SysWOW64\rundll32.exe" "C:\Users\Marek\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
C:\windows\system32\svchost.exe -k WindowsMobile
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4076.5724d00.805572748 "C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 4076 "\\.\pipe\gecko-crash-server-pipe.4076" plugin
"C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe" --proxy-stub-channel=Flash6128.696FDC68.7326 --host-broker-channel=Flash6128.696FDC68.12135 --host-pid=6128 --host-npapi-version=27 --plugin-path="C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll"
"C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe" --channel=4348.0036F278.1481319628 --proxy-stub-channel=Flash6128.696FDC68.7326 --plugin-path="C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll" --host-npapi-version=27 --type=renderer
"C:\Program Files (x86)\totalcmd\TOTALCMD.EXE"
taskeng.exe {E67E5D7A-D9B4-4A73-BD5C-C0778284FFA1}
"C:\RSITx64.exe"
"taskhost.exe"
C:\Users\Marek\AppData\Roaming\Kingston\SecureTravelerDaemon.exe -p
C:\Users\Marek\AppData\Roaming\Kingston\SecureTravelerA.exe
"C:\windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-1cb9189d-8028-4965-a5eb-abcf63e2088b -SystemEventPortName:HostProcess-b7ba44f2-8714-4061-ba35-f1ed7e7136b6 -IoCancelEventPortName:HostProcess-3d49e5d2-b35e-44f5-978e-bd612bd00799 -NonStateChangingEventPortName:HostProcess-d687f882-2db4-44e6-9cef-3bd05029f792 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:1d01bfca-faff-4e84-b10b-740212b52367 -DeviceGroupId:WpdFsGroup
C:\windows\System32\svchost.exe -k WerSvcGroup
C:\windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"C:\RSITx64.exe"
C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
C:\windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-175207836-3395447266-978089624-1003Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-175207836-3395447266-978089624-1003UA1cef3e3d41608b5.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-175207836-3395447266-978089624-1005Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-175207836-3395447266-978089624-1005UA.job
C:\windows\tasks\HPCeeScheduleForMarek.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\u504b8ix.default-1355865952698

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.6.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
avg-secure-search.xml
fcmdSrch.xml

C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\u504b8ix.default-1355865952698\extensions\
o2cplayer@eleco.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
HP ProtectTools Security Manager Extension - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2012-02-06 2132304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2010-05-06 117248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
HP ProtectTools Security Manager Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2012-02-06 1471824]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}]
CescrtHlpr Object - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\bh\facemoods.dll [2010-10-26 262144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-08-25 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-08-25 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - facemoods Toolbar - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodsTlbr.dll [2010-10-26 217088]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-04-05 8192]
"acevents"=C:\Program Files\ActivIdentity\ActivClient\acevents.exe [2009-06-04 196648]
"accrdsub"=C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2009-06-04 483880]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 2174760]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-07-25 489472]
"Broadcom Wireless Manager UI"=C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [2013-08-23 7177728]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5618456]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2013-11-27 21720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2011-04-16 2736128]
"Cobian Backup 10"=C:\Program Files (x86)\Cobian Backup 10\Cobian.exe [2012-07-31 720896]
"Google Update"=C:\Users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-01 136176]
"Device Detection"=C:\Program Files (x86)\HF Designer\dd.exe [2011-02-21 555184]
"Cobian Backup 11"=C:\Program Files (x86)\Cobian Backup 10\Cobian.exe [2012-07-31 720896]
"NextLive"=C:\windows\SysWOW64\rundll32.exe [2009-07-14 44544]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-04-08 102400]
"File Sanitizer"=c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2010-05-06 11268096]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2011-03-21 312376]
"NtVdmSrv"=C:\windows\inf\ntvdm.vbe []
"mobilegeni daemon"=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"ShutdownWithoutLogon"=1
"NoDispCPL"=0
"NoDispSettingsPage"=0
"NoDispScrSavPage"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=144
"NoDesktopCleanupWizard"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoResolveTrack"=0
"NoViewContextMenu"=0
"NoFileAssociate"=0
"NoRun"=0
"NoClose"=0
"StartMenuLogoff"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - C:\windows\NOTEPAD.EXE %1

======List of files/folders created in the last 1 month======

2013-12-12 07:46:28 ----D---- C:\rsit
2013-12-12 07:46:28 ----D---- C:\Program Files\trend micro
2013-12-12 07:45:38 ----A---- C:\RSITx64.exe
2013-12-11 15:52:58 ----D---- C:\Users\Marek\AppData\Roaming\newnext.me
2013-12-11 15:51:51 ----D---- C:\ProgramData\Canneverbe Limited
2013-12-11 15:51:42 ----D---- C:\Users\Marek\AppData\Roaming\Canneverbe Limited
2013-12-11 15:51:38 ----D---- C:\Program Files (x86)\CDBurnerXP
2013-12-04 19:07:52 ----A---- C:\windows\system32\IEUDINIT.EXE
2013-12-04 19:03:08 ----A---- C:\windows\SYSWOW64\elshyph.dll
2013-12-04 19:03:08 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2013-12-04 19:03:03 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-12-04 19:03:03 ----A---- C:\windows\SYSWOW64\RegisterIEPKEYs.exe
2013-12-04 19:03:03 ----A---- C:\windows\SYSWOW64\msls31.dll
2013-12-04 19:03:03 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-12-04 19:03:03 ----A---- C:\windows\SYSWOW64\jsIntl.dll
2013-12-04 19:03:03 ----A---- C:\windows\system32\elshyph.dll
2013-12-04 19:03:02 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-12-04 19:03:02 ----A---- C:\windows\SYSWOW64\msrating.dll
2013-12-04 19:03:02 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-12-04 19:03:02 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-12-04 19:03:01 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-12-04 19:03:01 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-12-04 19:03:01 ----A---- C:\windows\SYSWOW64\ieapfltr.dat
2013-12-04 19:03:01 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2013-12-04 19:03:01 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2013-12-04 19:03:00 ----A---- C:\windows\SYSWOW64\url.dll
2013-12-04 19:03:00 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2013-12-04 19:03:00 ----A---- C:\windows\SYSWOW64\licmgr10.dll
2013-12-04 19:03:00 ----A---- C:\windows\SYSWOW64\inseng.dll
2013-12-04 19:03:00 ----A---- C:\windows\SYSWOW64\iesetup.dll
2013-12-04 19:03:00 ----A---- C:\windows\SYSWOW64\iernonce.dll
2013-12-04 19:03:00 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2013-12-04 19:03:00 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2013-12-04 19:03:00 ----A---- C:\windows\SYSWOW64\icardie.dll
2013-12-04 19:02:59 ----A---- C:\windows\SYSWOW64\wextract.exe
2013-12-04 19:02:59 ----A---- C:\windows\SYSWOW64\webcheck.dll
2013-12-04 19:02:59 ----A---- C:\windows\SYSWOW64\vbscript.dll
2013-12-04 19:02:59 ----A---- C:\windows\SYSWOW64\pngfilt.dll
2013-12-04 19:02:59 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2013-12-04 19:02:59 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-12-04 19:02:59 ----A---- C:\windows\SYSWOW64\iexpress.exe
2013-12-04 19:02:58 ----A---- C:\windows\SYSWOW64\occache.dll
2013-12-04 19:02:58 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2013-12-04 19:02:58 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-12-04 19:02:58 ----A---- C:\windows\SYSWOW64\mshta.exe
2013-12-04 19:02:58 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2013-12-04 19:02:57 ----A---- C:\windows\SYSWOW64\msfeedssync.exe
2013-12-04 19:02:57 ----A---- C:\windows\SYSWOW64\msfeedsbs.dll
2013-12-04 19:02:57 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-12-04 19:02:57 ----A---- C:\windows\SYSWOW64\imgutil.dll
2013-12-04 19:02:57 ----A---- C:\windows\SYSWOW64\iepeers.dll
2013-12-04 19:02:57 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2013-12-04 19:02:57 ----A---- C:\windows\SYSWOW64\IEAdvpack.dll
2013-12-04 19:02:56 ----A---- C:\windows\SYSWOW64\SetIEInstalledDate.exe
2013-12-04 19:02:56 ----A---- C:\windows\SYSWOW64\mshtmler.dll
2013-12-04 19:02:56 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2013-12-04 19:02:56 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-12-04 19:02:56 ----A---- C:\windows\system32\jsIntl.dll
2013-12-04 19:02:55 ----A---- C:\windows\system32\wininet.dll
2013-12-04 19:02:55 ----A---- C:\windows\system32\urlmon.dll
2013-12-04 19:02:55 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2013-12-04 19:02:55 ----A---- C:\windows\system32\msrating.dll
2013-12-04 19:02:55 ----A---- C:\windows\system32\msls31.dll
2013-12-04 19:02:55 ----A---- C:\windows\system32\jsproxy.dll
2013-12-04 19:02:55 ----A---- C:\windows\system32\iertutil.dll
2013-12-04 19:02:54 ----A---- C:\windows\system32\SetIEInstalledDate.exe
2013-12-04 19:02:54 ----A---- C:\windows\system32\msfeedssync.exe
2013-12-04 19:02:54 ----A---- C:\windows\system32\msfeedsbs.dll
2013-12-04 19:02:54 ----A---- C:\windows\system32\jscript9diag.dll
2013-12-04 19:02:54 ----A---- C:\windows\system32\IEAdvpack.dll
2013-12-04 19:02:53 ----A---- C:\windows\system32\mshtmler.dll
2013-12-04 19:02:53 ----A---- C:\windows\system32\jscript9.dll
2013-12-04 19:02:53 ----A---- C:\windows\system32\ieui.dll
2013-12-04 19:02:53 ----A---- C:\windows\system32\iesysprep.dll
2013-12-04 19:02:52 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-04 19:02:52 ----A---- C:\windows\system32\ieframe.dll
2013-12-04 19:02:51 ----A---- C:\windows\system32\webcheck.dll
2013-12-04 19:02:51 ----A---- C:\windows\system32\url.dll
2013-12-04 19:02:51 ----A---- C:\windows\system32\mshtmlmedia.dll
2013-12-04 19:02:51 ----A---- C:\windows\system32\licmgr10.dll
2013-12-04 19:02:51 ----A---- C:\windows\system32\iesetup.dll
2013-12-04 19:02:51 ----A---- C:\windows\system32\iernonce.dll
2013-12-04 19:02:51 ----A---- C:\windows\system32\iedkcs32.dll
2013-12-04 19:02:51 ----A---- C:\windows\system32\ieapfltr.dll
2013-12-04 19:02:51 ----A---- C:\windows\system32\ieapfltr.dat
2013-12-04 19:02:51 ----A---- C:\windows\system32\ie4uinit.exe
2013-12-04 19:02:51 ----A---- C:\windows\system32\icardie.dll
2013-12-04 19:02:51 ----A---- C:\windows\system32\dxtrans.dll
2013-12-04 19:02:51 ----A---- C:\windows\system32\dxtmsft.dll
2013-12-04 19:02:50 ----A---- C:\windows\system32\wextract.exe
2013-12-04 19:02:50 ----A---- C:\windows\system32\vbscript.dll
2013-12-04 19:02:50 ----A---- C:\windows\system32\mshtmled.dll
2013-12-04 19:02:50 ----A---- C:\windows\system32\msfeeds.dll
2013-12-04 19:02:50 ----A---- C:\windows\system32\inseng.dll
2013-12-04 19:02:50 ----A---- C:\windows\system32\iexpress.exe
2013-12-04 19:02:49 ----A---- C:\windows\system32\mshtml.dll
2013-12-04 19:02:49 ----A---- C:\windows\system32\ieUnatt.exe
2013-12-04 19:02:48 ----A---- C:\windows\system32\pngfilt.dll
2013-12-04 19:02:48 ----A---- C:\windows\system32\occache.dll
2013-12-04 19:02:48 ----A---- C:\windows\system32\MshtmlDac.dll
2013-12-04 19:02:48 ----A---- C:\windows\system32\mshta.exe
2013-12-04 19:02:48 ----A---- C:\windows\system32\jscript.dll
2013-12-04 19:02:48 ----A---- C:\windows\system32\ieetwproxystub.dll
2013-12-04 19:02:48 ----A---- C:\windows\system32\ieetwcollectorres.dll
2013-12-04 19:02:48 ----A---- C:\windows\system32\ieetwcollector.exe
2013-12-04 19:02:47 ----A---- C:\windows\system32\imgutil.dll
2013-12-04 19:02:47 ----A---- C:\windows\system32\iepeers.dll
2013-11-30 20:24:44 ----D---- C:\agk_tmp
2013-11-30 20:20:56 ----D---- C:\Program Files (x86)\Mobogenie
2013-11-30 20:20:15 ----D---- C:\Program Files (x86)\Gophoto.it
2013-11-30 18:54:51 ----D---- C:\Users\Marek\AppData\Roaming\HandBrake
2013-11-30 18:52:24 ----D---- C:\Users\Marek\AppData\Roaming\26875
2013-11-30 18:37:37 ----D---- C:\ProgramData\DVD Shrink
2013-11-30 18:37:36 ----D---- C:\Program Files (x86)\DVD Shrink
2013-11-30 18:36:27 ----A---- C:\Users\Marek\AppData\Roaming\AutoGK.ini
2013-11-30 18:31:02 ----D---- C:\Users\Marek\AppData\Roaming\Media Player Classic
2013-11-30 18:24:12 ----D---- C:\Program Files (x86)\XviD
2013-11-30 18:23:57 ----D---- C:\Program Files (x86)\AviSynth 2.5
2013-11-30 18:23:42 ----D---- C:\Program Files (x86)\Gabest
2013-11-30 18:23:08 ----D---- C:\Program Files (x86)\AutoGK
2013-11-30 12:41:02 ----D---- C:\ProgramData\ESET
2013-11-23 18:52:46 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-11-18 19:41:22 ----D---- C:\Petr Skoumal
2013-11-17 15:07:29 ----A---- C:\windows\system32\crypt32.dll
2013-11-17 15:07:28 ----A---- C:\windows\SYSWOW64\crypt32.dll
2013-11-17 15:07:12 ----A---- C:\windows\system32\drivers\afd.sys
2013-11-17 15:06:56 ----A---- C:\windows\SYSWOW64\SmartcardCredentialProvider.dll
2013-11-17 15:06:56 ----A---- C:\windows\SYSWOW64\credui.dll
2013-11-17 15:06:56 ----A---- C:\windows\SYSWOW64\authui.dll
2013-11-17 15:06:56 ----A---- C:\windows\system32\SmartcardCredentialProvider.dll
2013-11-17 15:06:56 ----A---- C:\windows\system32\credui.dll
2013-11-17 15:06:56 ----A---- C:\windows\system32\authui.dll
2013-11-17 15:06:41 ----A---- C:\windows\SYSWOW64\schannel.dll
2013-11-17 15:06:41 ----A---- C:\windows\system32\schannel.dll
2013-11-17 15:06:41 ----A---- C:\windows\system32\drivers\cng.sys
2013-11-17 15:06:40 ----A---- C:\windows\system32\lsasrv.dll
2013-11-17 15:06:40 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2013-11-17 15:06:40 ----A---- C:\windows\system32\drivers\ksecdd.sys
2013-11-17 15:06:38 ----A---- C:\windows\SYSWOW64\sspicli.dll
2013-11-17 15:06:38 ----A---- C:\windows\SYSWOW64\secur32.dll
2013-11-17 15:06:38 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2013-11-17 15:06:38 ----A---- C:\windows\system32\sspisrv.dll
2013-11-17 15:06:38 ----A---- C:\windows\system32\sspicli.dll
2013-11-17 15:06:38 ----A---- C:\windows\system32\secur32.dll
2013-11-17 15:06:38 ----A---- C:\windows\system32\ncrypt.dll
2013-11-17 15:06:38 ----A---- C:\windows\system32\lsass.exe
2013-11-17 15:06:30 ----A---- C:\windows\SYSWOW64\gdi32.dll
2013-11-17 15:06:30 ----A---- C:\windows\system32\gdi32.dll
2013-11-17 15:06:28 ----A---- C:\windows\system32\IKEEXT.DLL
2013-11-17 15:06:27 ----A---- C:\windows\SYSWOW64\nshwfp.dll
2013-11-17 15:06:27 ----A---- C:\windows\SYSWOW64\FWPUCLNT.DLL
2013-11-17 15:06:27 ----A---- C:\windows\system32\nshwfp.dll
2013-11-17 15:06:27 ----A---- C:\windows\system32\FWPUCLNT.DLL

======List of files/folders modified in the last 1 month======

2013-12-12 07:49:15 ----D---- C:\windows\Temp
2013-12-12 07:48:29 ----A---- C:\windows\ntbtlog.txt
2013-12-12 07:47:53 ----D---- C:\Users\Marek\AppData\Roaming\Kingston
2013-12-12 07:46:28 ----RD---- C:\Program Files
2013-12-12 07:43:02 ----D---- C:\Program Files (x86)\Sitemap Generator
2013-12-12 07:42:15 ----D---- C:\windows\Prefetch
2013-12-12 07:38:32 ----SHD---- C:\windows\Installer
2013-12-12 07:38:32 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-12-12 07:38:31 ----SHD---- C:\Config.Msi
2013-12-12 07:38:31 ----D---- C:\Program Files (x86)\Hewlett-Packard
2013-12-12 07:38:19 ----SHD---- C:\System Volume Information
2013-12-12 07:35:40 ----D---- C:\windows\System32
2013-12-12 07:35:40 ----D---- C:\windows\inf
2013-12-12 07:35:40 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-12-12 07:31:51 ----D---- C:\windows\SysWOW64
2013-12-12 07:31:21 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2013-12-12 07:29:18 ----D---- C:\windows\system32\config
2013-12-12 07:29:18 ----D---- C:\ProgramData\HPQLOG
2013-12-12 07:25:15 ----D---- C:\Program Files (x86)\Inkscape
2013-12-12 07:15:02 ----D---- C:\Users\Marek\AppData\Roaming\inkscape
2013-12-12 07:12:57 ----D---- C:\Program Files (x86)\Google
2013-12-12 07:12:43 ----D---- C:\Program Files (x86)\Free Video Converter
2013-12-12 07:12:14 ----SD---- C:\ProgramData\Microsoft
2013-12-12 07:12:14 ----D---- C:\Program Files (x86)\Microsoft
2013-12-12 07:11:24 ----RD---- C:\Program Files (x86)
2013-12-12 07:11:23 ----D---- C:\Program Files (x86)\Common Files
2013-12-12 07:11:21 ----HD---- C:\ProgramData
2013-12-12 07:11:20 ----D---- C:\windows\system32\drivers
2013-12-12 07:11:18 ----D---- C:\Program Files (x86)\AVI to 3GP
2013-12-12 07:10:32 ----D---- C:\Program Files (x86)\Ashampoo
2013-12-12 07:08:27 ----D---- C:\windows\system32\appmgmt
2013-12-12 07:04:14 ----D---- C:\Test
2013-12-12 07:01:13 ----D---- C:\windows\system32\catroot2
2013-12-12 07:01:13 ----D---- C:\windows\system32\catroot
2013-12-12 07:01:07 ----D---- C:\windows\winsxs
2013-12-12 07:00:30 ----D---- C:\Users\Marek\AppData\Roaming\Centrum Mail
2013-12-11 15:51:38 ----D---- C:\Users\Marek\AppData\Roaming\OpenCandy
2013-12-09 16:27:36 ----D---- C:\windows\Tasks
2013-12-09 16:27:36 ----D---- C:\windows\system32\Tasks
2013-12-09 16:15:51 ----D---- C:\swsetup
2013-12-09 15:58:37 ----D---- C:\Test4
2013-12-09 15:47:17 ----A---- C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-12-08 09:19:44 ----D---- C:\windows\rescache
2013-12-07 13:43:40 ----D---- C:\windows\SYSWOW64\cs-CZ
2013-12-07 13:43:40 ----D---- C:\windows\system32\cs-CZ
2013-12-07 13:43:39 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-07 13:43:38 ----D---- C:\Program Files\Internet Explorer
2013-12-07 13:43:37 ----D---- C:\windows\SYSWOW64\migration
2013-12-07 13:43:37 ----D---- C:\windows\SYSWOW64\en-US
2013-12-07 13:43:35 ----D---- C:\windows\system32\migration
2013-12-07 13:43:35 ----D---- C:\windows\PolicyDefinitions
2013-12-07 13:43:34 ----D---- C:\windows\system32\en-US
2013-12-04 19:07:52 ----D---- C:\windows\Logs
2013-12-04 19:01:19 ----D---- C:\Windows
2013-12-04 16:36:19 ----D---- C:\Temp
2013-11-30 20:54:20 ----D---- C:\Users\Marek\AppData\Roaming\HTC
2013-11-30 20:52:24 ----RSD---- C:\windows\Fonts
2013-11-30 20:51:22 ----D---- C:\windows\system32\DriverStore
2013-11-30 20:40:10 ----RD---- C:\Users
2013-11-30 19:59:58 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-18 19:08:52 ----D---- C:\windows\system32\MRT
2013-11-18 19:03:26 ----A---- C:\windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 16440]
R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 62136]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 PxHlpa64;PxHlpa64; C:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SafeBoot;SafeBoot; C:\windows\system32\drivers\SafeBoot.sys [2010-02-02 56648]
R0 SbAlg;SbAlg; C:\windows\system32\drivers\SbAlg.sys [2009-06-04 60160]
R0 SbFsLock;SbFsLock; C:\windows\system32\drivers\SbFsLock.sys [2010-02-02 15688]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 44120]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2010-02-02 58184]
R1 SBRE;SBRE; \??\C:\windows\system32\drivers\SBREdrv.sys [2011-04-29 55384]
R1 vflt;Shrew Soft Lightweight Filter; C:\windows\system32\DRIVERS\vfilter.sys [2010-09-02 21504]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2013-09-17 220232]
R2 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
R2 LiveTunerPM;Ashampoo LiveTuner ProcessMonitor Driver; \??\C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerProcessMonitor64.sys [2011-05-12 12824]
R2 rimspci;rimspci; C:\windows\system32\DRIVERS\rimspe64.sys [2009-10-26 61952]
R2 risdpcie;risdpcie; C:\windows\system32\DRIVERS\risdpe64.sys [2009-10-29 79360]
R2 rixdpcie;rixdpcie; C:\windows\system32\DRIVERS\rixdpe64.sys [2009-12-11 55808]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2010-01-21 1209856]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2010-04-08 6657536]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2010-04-08 195584]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\windows\system32\drivers\AtiHdmi.sys [2010-03-09 123408]
R3 BCM42RLY;BCM42RLY; C:\windows\system32\drivers\BCM42RLY.sys [2013-08-23 22632]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl664.sys [2013-08-23 4747880]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-16 25912]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2010-01-19 1803904]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\windows\system32\DRIVERS\stwrt64.sys [2013-07-25 515584]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-06-04 1379376]
R3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\windows\system32\DRIVERS\adusbser.sys [2009-11-06 154112]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-01-07 98344]
S3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2010-01-07 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-01-07 35104]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-01-07 21160]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2009-10-21 40760]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\windows\system32\DRIVERS\ewusbnet.sys [2009-12-07 246224]
S3 HTCAND64;HTC Device Driver; C:\windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 htcnprot;HTC NDIS Protocol Driver; C:\windows\system32\DRIVERS\htcnprot.sys [2012-12-07 36928]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys [2009-12-07 117504]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 114304]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service; C:\windows\system32\DRIVERS\sbfwim.sys [2011-02-08 84568]
S3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\windows\system32\DRIVERS\SBFWIM.sys [2011-02-08 84568]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 VMBusHID;VMBusHID; C:\windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 vnet;Shrew Soft Virtual Adapter; C:\windows\system32\DRIVERS\virtualnet.sys [2010-09-02 17408]
S3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
S3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ac.sharedstore;ActivIdentity Shared Store Service; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-04 277032]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2013-07-25 89600]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2010-01-21 16896]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2010-04-08 202752]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-12-29 873248]
R2 cbVSCService11;Cobian Backup 11 Volume Shadow Copy Requester; C:\Program Files (x86)\Cobian Backup 10\cbVSCService11.exe [2012-07-31 67584]
R2 DpHost;@C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2010-07-16 462160]
R2 dtpd;ShrewSoft DNS Proxy Daemon; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [2010-10-08 56592]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-09-12 1337752]
R2 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2010-04-05 103992]
R2 HP ProtectTools Service;HP ProtectTools Service; C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2010-10-19 32768]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [2010-06-14 90112]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-08-10 197536]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-02-02 281192]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2010-05-06 298496]
R2 hpHotkeyMonitor;HP Hotkey Monitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2011-03-21 293944]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2011-05-13 30520]
R2 HTCMonitorService;HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2013-11-10 87368]
R2 iked;ShrewSoft IKE Daemon; C:\Program Files\ShrewSoft\VPN Client\iked.exe [2010-10-08 957712]
R2 ipsecd;ShrewSoft IPSEC Daemon; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [2010-10-08 697616]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-04-16 73728]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\windows\system32\svchost.exe [2009-07-14 27136]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-07-25 271360]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-03-22 93072]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\windows\system32\svchost.exe [2009-07-14 27136]
R3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 27136]
R3 DEBridge;DEBridge; c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [2010-02-02 704512]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408]
S2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2010-02-18 2045232]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-12 257416]
S3 DfSdkS;Defragmentation-Service; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 8\DfsdkS64.exe [2011-05-12 544768]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2009-12-07 362040]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2013-12-04 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-23 119408]
S3 RoxMediaDB10;RoxMediaDB10; c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-11-23 1120752]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 SureThing Labelflash service;SureThing Labelflash service; C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [2009-11-20 74392]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-04-29 1255736]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 27136]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------


info.txt logfile of random's system information tool 1.09 2013-12-12 07:46:35

======Uninstall list======

7-Zip 9.20 (x64 edition)-->MsiExec.exe /I{23170F69-40C1-2702-0920-000001000000}
ActivClient x64-->MsiExec.exe /X{86E45973-5352-439F-A115-2E8EE4D40140}
Adobe Flash Player 11 ActiveX-->C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_170_Plugin.exe -maintain plugin
Adobe Reader X (10.1.8) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
AnyDATA 635 WH 1.4.0.0-->C:\Program Files\anydata\AnyDATA ADU 635 WH\uninstall.exe
Ashampoo Photo Commander 8 v.8.5.0-->"C:\Program Files (x86)\Ashampoo\Ashampoo Photo Commander 8\unins000.exe"
Ashampoo WinOptimizer 8 v.8.04-->"C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 8\unins000.exe"
ATI Catalyst Install Manager-->msiexec /q/x{208D3C67-846D-1AF7-7D75-95CEFE3533C8} REBOOT=ReallySuppress
Auto Gordian Knot 2.55-->C:\Program Files (x86)\AutoGK\uninst.exe
Balíček ovladače systému Windows - AnyDATA.NET (adusbser) Modem (07/08/2009 2.0.6.7)-->C:\PROGRA~1\DIFX\0169CE3A95F06636\DPInst64.exe /u C:\windows\System32\DriverStore\FileRepository\admdm.inf_amd64_neutral_de6e6b6319257a79\admdm.inf
Balíček ovladače systému Windows - AnyDATA.NET (adusbser) Ports (07/08/2009 2.0.6.7)-->C:\PROGRA~1\DIFX\0169CE3A95F06636\DPInst64.exe /u C:\windows\System32\DriverStore\FileRepository\adser.inf_amd64_neutral_d08171e22bbb82ce\adser.inf
Bing Rewards Client Installer-->MsiExec.exe /X{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}
Bodyvision-->MsiExec.exe /I{95041C76-A009-44CD-8B20-C9FD820FF1E2}
Broadcom 2070 Bluetooth 2.1 + EDR-->MsiExec.exe /X{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}
Broadcom 802.11 Wireless LAN Adapter-->"C:\Program Files\Broadcom\Broadcom 802.11\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11\Driver" driver
Broadcom Wireless Utility-->"C:\Program Files\Broadcom\Broadcom 802.11\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11_App\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11"
Catalyst Control Center - Branding-->MsiExec.exe /I{AAB49CB7-FE7C-44CE-A19B-E0602945F8A2}
CDBurnerXP-->"C:\Program Files (x86)\CDBurnerXP\unins000.exe"
Centrum Mail-->MsiExec.exe /X{1FA96E54-9D16-4CA5-AA9E-B0FA93356865}
Centrum zařízení Windows Mobile-->MsiExec.exe /X{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}
Cobian Backup 10-->C:\Program Files (x86)\Cobian Backup 10\cbUninstall.exe
Cobian Backup 11 Gravity-->C:\Program Files (x86)\Cobian Backup 10\cbUninstall.exe
Cyberhorse AutoFlight-->C:\windows\WindowsMobile\Cyberhorse AutoFlight\Uninstall.exe Cyberhorse AutoFlight
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
Device Access Manager for HP ProtectTools-->MsiExec.exe /X{55B52830-024A-443E-AF61-61E1E71AFA1B}
DirectX 9 Runtime-->MsiExec.exe /I{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}
Drive Encryption for HP ProtectTools-->msiexec.exe /i {34E6F14D-68F9-486D-87BA-6AA8431F3F44}
DVD Shrink 3.2-->"C:\Program Files (x86)\DVD Shrink\unins000.exe"
Energy Star Digital Logo-->MsiExec.exe /I{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}
Facemoods Toolbar-->"C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\uninstall.exe"
FastStone Photo Resizer 3.1-->C:\Program Files (x86)\FastStone Photo Resizer\uninst.exe
File Sanitizer For HP ProtectTools-->MsiExec.exe /I{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}
GOM Player-->"C:\Program Files (x86)\GRETECH\GomPlayer\Uninstall.exe"
Hewlett-Packard ACLM.NET v1.2.1.1-->MsiExec.exe /I{6F340107-F9AA-47C6-B54C-C3A19F11553F}
HP 3D DriveGuard-->MsiExec.exe /X{D805D22C-3C4B-47CD-A11D-912816288EE0}
HP Advisor-->MsiExec.exe /X{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}
HP Customer Experience Enhancements-->MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544}
HP Documentation-->MsiExec.exe /X{4054365C-8CD6-4F08-A2F9-44CADFD7A9D0}
HP ESU for Microsoft Windows 7-->MsiExec.exe /X{68BAA445-7269-4139-A79C-8C834708D2C2}
HP HotKey Support-->MsiExec.exe /X{4897678F-4921-4DA0-AD60-533C9225CDDD}
HP Power Assistant-->MsiExec.exe /X{3C33FD2E-6B21-4CD3-B41A-A7331D467617}
HP Power Data-->MsiExec.exe /X{AFCB591A-D4FF-4670-824C-970932809DED}
HP ProtectTools Security Manager-->C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\setup.exe
HP ProtectTools Security Manager-->MsiExec.exe /X{5BA0233F-F5DC-4BD3-9DF6-5E8C3D746D43}
HP QuickLook-->MsiExec.exe /X{3B392D0A-F3F6-41EA-8DDB-D657ABA70168}
HP QuickWeb-->MsiExec.exe /X{7861911B-4270-498A-8F7A-FCF0570F4877}
HP QuickWeb-->MsiExec.exe /X{7861911B-4270-498A-8F7A-FCF0570F48E3}
HP Setup-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{96AC1B0B-02D1-4FAA-9C1E-C92ECA74921A}\setup.exe" -l0x9 -removeonly
HP SoftPaq Download Manager-->MsiExec.exe /I{2DA697D7-FED3-4DE2-A174-92A2A12F9688}
HP Software Framework-->MsiExec.exe /X{DA200FDD-DE3D-4958-8465-C4FBC869544B}
HP Software Setup-->MsiExec.exe /X{04801E42-B1A6-4C52-9F3D-CADB5A050433}
HP Support Assistant-->"C:\Program Files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe" -runfromtemp -l0x0409 -removeonly
HP Web Camera-->MsiExec.exe /I{C7AE4EC3-9C13-4213-8457-74D16B353F91}
HP Webcam Driver-->C:\Program Files (x86)\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe -runfromtemp -l0x0009 -removeonly
HP Webcam-->C:\ProgramData\Uninstall\{1D61E881-43CD-447B-9E6B-D2C6138B2862}\setup.exe /x {1D61E881-43CD-447B-9E6B-D2C6138B2862}
HP Wireless Assistant-->MsiExec.exe /X{EC720706-3F19-4B7F-BDDD-E31D9B3921D2}
HTC Driver Installer-->MsiExec.exe /X{4CEEE5D0-F905-4688-B9F9-ECC710507796}
HTC Sync Manager-->MsiExec.exe /X{368E4EF8-E840-40EE-A224-50B8D1DC2B12}
Huawei Drivers-->C:\Program Files (x86)\Huawei\Drivers\uninstall.exe
IDT Audio-->"C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\Setup.exe" -remove -removeonly
InfraRecorder 0.52 (x64 edition)-->MsiExec.exe /X{2C22EA92-CB30-4932-0052-000001000000}
IPTInstaller-->MsiExec.exe /I{08208143-777D-4A06-BB54-71BF0AD1BB70}
IrfanView (remove only)-->C:\Program Files (x86)\IrfanView\iv_uninstall.exe
Java 7 Update 6-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217006FF}
Java Card Security for HP ProtectTools-->MsiExec.exe /X{F4477CC0-7293-414A-93BC-20EE897A80F0}
Java(TM) 6 Update 22-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216022FF}
JDownloader 0.9-->C:\Program Files (x86)\JDownloader\JDUninstall.exe
LightScribe System Software-->MsiExec.exe /X{10427BCB-0742-43BE-81E2-3920972946F5}
LSI HDA Modem-->C:\windows\agrsmdel
Marvell Miniport Driver-->C:\Program Files (x86)\Marvell\Miniport Driver\Uninst.exe
Microsoft .NET Framework 4 Client Profile-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
MovieDownloader-->C:\Program Files (x86)\1clickmoviedownloader.com\uninst.exe
Mozilla Firefox 25.0.1 (x86 cs)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
Mozilla Thunderbird 12.0.1 (x86 cs)-->C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe
MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Notepad++-->C:\Program Files (x86)\Notepad++\uninstall.exe
Online TV verze 1.0-->"C:\Program Files (x86)\Online TV\unins000.exe"
OpenOffice.org 3.3-->MsiExec.exe /I{10B43A43-FF73-47FD-83E8-A503E84F9ED6}
Opera 11.10-->"C:\Program Files (x86)\Opera\Opera.exe" /uninstall
Paint.NET v3.35-->MsiExec.exe /X{20AC583C-A6FB-410A-807D-25308225C202}
PDFCreator-->C:\Program Files (x86)\PDFCreator\unins000.exe
PhotoBook-->C:\windows\WindowsMobile\PhotoBook\Uninstall.exe PhotoBook
PlayerLiteHJ 1.0.2.2.LHJ-->"C:\Program Files (x86)\H.264 & JPEG PlayLite\unins000.exe"
PoiEdit-->C:\PROGRA~2\DNOTES~1\POIEDI~1\UNWISE.EXE C:\PROGRA~2\DNOTES~1\POIEDI~1\INSTALL.LOG
Privacy Manager for HP ProtectTools-->MsiExec.exe /I{32394B71-1E8E-4233-8958-B84F4CDC8F4D}
PSPad editor-->"C:\Program Files (x86)\PSPad editor\Uninst\unins000.exe"
rajče verze 59 sestavení 230-->"C:\Program Files (x86)\rajce\unins000.exe"
Resco Sokoban-->C:\windows\RSetupCE.exe -uninstC:\Program Files (x86)\Resco\Sokoban\_Install.log
RICOH Media Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{F5CC2EF8-20A4-4366-A681-3FE849E65809}\SETUP.EXE" -runfromtemp -l0x0009 anything -removeonly
Roxio Activation Module-->MsiExec.exe /I{EC877639-07AB-495C-BFD1-D63AF9140810}
Roxio Creator Audio-->MsiExec.exe /I{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}
Roxio Creator Business v10-->MsiExec.exe /I{ED439A64-F018-4DD4-8BA5-328D85AB09AB}
Roxio Creator Business-->C:\ProgramData\Uninstall\{537BF16E-7412-448C-95D8-846E85A1D817}\setup.exe /x {537BF16E-7412-448C-95D8-846E85A1D817}
Roxio Creator Copy-->MsiExec.exe /I{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}
Roxio Creator Data-->MsiExec.exe /I{08E81ABD-79F7-49C2-881F-FD6CB0975693}
Roxio Creator Tools-->MsiExec.exe /I{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}
Roxio Express Labeler 3-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio MyDVD-->MsiExec.exe /I{30A2A953-DEB1-466A-B660-F4399C7C6B9D}
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F66C3466-1FDB-347C-B3AE-FB6C50627B10} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FDD13F1E-9C6B-311E-A0D9-D6E172FC28FF} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8E6848A1-B790-34FE-921A-A5319258E254} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E7F6B64E-E11F-3D1C-868D-3F1443DA5A15} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {08BB8EA1-3BA7-3AD5-8A07-22A5EC1F704E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {880A0A36-244B-3C7A-8D6B-56E694CE7883} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {9D8496AE-4030-3E92-B44E-4F81051E6C85} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {43B6E5D3-56A9-36C1-BD8B-9E1D6920FF11} /parameterfolder Client
Shrew Soft VPN Client-->"C:\Program Files\ShrewSoft\VPN Client\uninstall.exe"
Skype™ 6.6-->MsiExec.exe /X{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
Sonic CinePlayer Decoder Pack-->MsiExec.exe /I{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}
Spb Puzzle-->C:\windows\WindowsMobile\Spb Puzzle\Uninstall.exe Spb Puzzle
SureThing CD Labeler Deluxe 5-->"C:\Program Files (x86)\SureThing CD Labeler 5\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
TomTom HOME-->MsiExec.exe /I{EC5F4C1B-F838-4CB7-8561-8F809296428B}
Total Commander (Remove or Repair)-->C:\Program Files (x86)\totalcmd\tcuninst.exe
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8C286FD4-AB38-37A6-BC8A-6F16AFE9AB1F} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {EFD73366-C059-3D04-9848-59072A15DB53} /parameterfolder Client
Validity Fingerprint Driver-->MsiExec.exe /X{DD966CEF-5EA9-4BA2-B210-490FEBC27EA7}
VD64Inst-->MsiExec.exe /I{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}
VLC media player 1.1.11-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Watchtower Library 2012 - česky-->C:\Program Files (x86)\Watchtower\Watchtower Library 2012\B\uninst.exe
Windows 7 Default Setting-->MsiExec.exe /I{5BF8E079-D6E2-4323-B794-75152371122A}
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)-->C:\PROGRA~1\DIFX\84B2E36983483FEB\DPInst.exe /u C:\windows\System32\DriverStore\FileRepository\bcbtums-vistax64-brcm.inf_amd64_neutral_669857059b361c7a\bcbtums-vistax64-brcm.inf
Windows Driver Package - Broadcom Bluetooth (12/16/2009 6.2.0.9414)-->C:\PROGRA~1\DIFX\84B2E36983483FEB\DPInst.exe /u C:\windows\System32\DriverStore\FileRepository\bcbtums-win7x64-brcm.inf_amd64_neutral_be703d2a1f4813d8\bcbtums-win7x64-brcm.inf
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)-->C:\PROGRA~1\DIFX\84B2E36983483FEB\DPInst.exe /u C:\windows\System32\DriverStore\FileRepository\bcbthid64.inf_amd64_neutral_737f347105a3e66a\bcbthid64.inf
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}
Windows Live Family Safety-->MsiExec.exe /I{D0C56275-9E7F-4BE5-AB37-15124BF808F2}
Windows Live Family Safety-->MsiExec.exe /X{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Language Selector-->MsiExec.exe /I{027E5FAB-1476-4C59-AAB4-32EF28520399}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WYSIWYG Web Builder 9 -->C:\windows\iun6002.exe "H:\Portable\WYSIWYG Web Builder 9\irunin.ini"
XviD MPEG4 Video Codec (remove only)-->"C:\Program Files (x86)\XviD\xvid-uninstall.exe"

======System event log======

Computer Name: Marekhp
Event Code: 62464
Message: UVD Information
Record Number: 284847
Source Name: amdkmdag
Time Written: 20130312205344.430849-000
Event Type: Informace
User:

Computer Name: Marekhp
Event Code: 62464
Message: UVD Information
Record Number: 284846
Source Name: amdkmdag
Time Written: 20130312205344.430849-000
Event Type: Informace
User:

Computer Name: Marekhp
Event Code: 62464
Message: UVD Information
Record Number: 284845
Source Name: amdkmdag
Time Written: 20130312205344.430849-000
Event Type: Informace
User:

Computer Name: Marekhp
Event Code: 62464
Message: UVD Information
Record Number: 284844
Source Name: amdkmdag
Time Written: 20130312205326.797736-000
Event Type: Informace
User:

Computer Name: Marekhp
Event Code: 62464
Message: UVD Information
Record Number: 284843
Source Name: amdkmdag
Time Written: 20130312205326.797736-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: Marekhp
Event Code: 1042
Message: Probíhá ukončování transakce Instalační služby systému Windows: C:\Users\Marek\AppData\Local\Temp\7zS692D.tmp\ActivationInstaller.msi. ID procesu klienta: 3036
Record Number: 1478
Source Name: MsiInstaller
Time Written: 20110429153057.000000-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: Marekhp
Event Code: 10000
Message: Zahajování relace 0 – ‎2011‎-‎04‎-‎29T15:30:54.303915500Z.
Record Number: 1477
Source Name: Microsoft-Windows-RestartManager
Time Written: 20110429153054.303915-000
Event Type: Informace
User: Marekhp\Marek

Computer Name: Marekhp
Event Code: 8194
Message: Bod obnovení byl úspěšně vytvořen (Proces = C:\windows\system32\msiexec.exe /V; Popis = Installed Norton Online Backup).
Record Number: 1476
Source Name: System Restore
Time Written: 20110429153054.000000-000
Event Type: Informace
User:

Computer Name: Marekhp
Event Code: 1040
Message: Probíhá zahajování transakce Instalační služby systému Windows: C:\Users\Marek\AppData\Local\Temp\7zS692D.tmp\ActivationInstaller.msi. ID procesu klienta: 3036
Record Number: 1475
Source Name: MsiInstaller
Time Written: 20110429153038.000000-000
Event Type: Informace
User: Marekhp\Marek

Computer Name: Marekhp
Event Code: 903
Message: Služba Ochrana softwaru byla ukončena.

Record Number: 1474
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20110429153030.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: Marekhp
Event Code: 4625
Message: Nezdařilo se přihlášení účtu.

Předmět:
ID zabezpečení: S-1-5-21-175207836-3395447266-978089624-1003
Název účtu: Marek
Doména účtu: Marekhp
ID přihlášení: 0x14dcd8

Typ přihlášení: 4

Účet, pro který se nezdařilo přihlášení:
ID zabezpečení: S-1-0-0
Název účtu: HomeGroupUser$
Doména účtu:

Informace o selhání:
Důvod selhání: Neznámé uživatelské jméno nebo chybné heslo
Stav: 0xc000006d
Dílčí stav: 0xc000006a

Informace o procesu:
ID procesu volajícího: 0x109c
Název procesu volajícího: C:\Windows\explorer.exe

Informace o síti:
Název pracovní stanice: MAREKHP
Adresa zdrojové sítě: -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována, pokud se nezdaří požadavek na přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakém typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Informace o procesu označují, který účet a proces v systému požadoval přihlášení.

Pole Informace o síti označuje původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 20272
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120401060827.610711-000
Event Type: Neúspěšný audit
User:

Computer Name: Marekhp
Event Code: 4625
Message: Nezdařilo se přihlášení účtu.

Předmět:
ID zabezpečení: S-1-5-21-175207836-3395447266-978089624-1003
Název účtu: Marek
Doména účtu: Marekhp
ID přihlášení: 0x14dcd8

Typ přihlášení: 4

Účet, pro který se nezdařilo přihlášení:
ID zabezpečení: S-1-0-0
Název účtu: Guest
Doména účtu:

Informace o selhání:
Důvod selhání: Účet je nyní zakázán.
Stav: 0xc000006e
Dílčí stav: 0xc0000072

Informace o procesu:
ID procesu volajícího: 0x109c
Název procesu volajícího: C:\Windows\explorer.exe

Informace o síti:
Název pracovní stanice: MAREKHP
Adresa zdrojové sítě: -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována, pokud se nezdaří požadavek na přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakém typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Informace o procesu označují, který účet a proces v systému požadoval přihlášení.

Pole Informace o síti označuje původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 20271
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120401060827.594710-000
Event Type: Neúspěšný audit
User:

Computer Name: Marekhp
Event Code: 4625
Message: Nezdařilo se přihlášení účtu.

Předmět:
ID zabezpečení: S-1-5-21-175207836-3395447266-978089624-1003
Název účtu: Marek
Doména účtu: Marekhp
ID přihlášení: 0x14dcd8

Typ přihlášení: 4

Účet, pro který se nezdařilo přihlášení:
ID zabezpečení: S-1-0-0
Název účtu: Administrator
Doména účtu:

Informace o selhání:
Důvod selhání: Účet je nyní zakázán.
Stav: 0xc000006e
Dílčí stav: 0xc0000072

Informace o procesu:
ID procesu volajícího: 0x109c
Název procesu volajícího: C:\Windows\explorer.exe

Informace o síti:
Název pracovní stanice: MAREKHP
Adresa zdrojové sítě: -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována, pokud se nezdaří požadavek na přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakém typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Informace o procesu označují, který účet a proces v systému požadoval přihlášení.

Pole Informace o síti označuje původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 20270
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120401060827.578709-000
Event Type: Neúspěšný audit
User:

Computer Name: Marekhp
Event Code: 4625
Message: Nezdařilo se přihlášení účtu.

Předmět:
ID zabezpečení: S-1-5-21-175207836-3395447266-978089624-1003
Název účtu: Marek
Doména účtu: Marekhp
ID přihlášení: 0x14dcd8

Typ přihlášení: 4

Účet, pro který se nezdařilo přihlášení:
ID zabezpečení: S-1-0-0
Název účtu: Marek
Doména účtu:

Informace o selhání:
Důvod selhání: Neznámé uživatelské jméno nebo chybné heslo
Stav: 0xc000006d
Dílčí stav: 0xc000006a

Informace o procesu:
ID procesu volajícího: 0x109c
Název procesu volajícího: C:\Windows\explorer.exe

Informace o síti:
Název pracovní stanice: MAREKHP
Adresa zdrojové sítě: -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována, pokud se nezdaří požadavek na přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakém typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Informace o procesu označují, který účet a proces v systému požadoval přihlášení.

Pole Informace o síti označuje původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 20269
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120401060827.431700-000
Event Type: Neúspěšný audit
User:

Computer Name: Marekhp
Event Code: 4689
Message: Proces byl ukončen.

Předmět:
ID zabezpečení: S-1-5-21-175207836-3395447266-978089624-1005
Název účtu: Jitka
Doména účtu: Marekhp
ID přihlášení: 0xc202f

Informace o procesu:
ID procesu: 0x1038
Název procesu: C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe
Stav ukončení: 0x0
Record Number: 20268
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120401060747.770432-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\Broadcom\Broadcom 802.11;;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;C:\Program Files\ActivIdentity\ActivClient\;C:\Program Files (x86)\ActivIdentity\ActivClient\;c:\Program Files\Hewlett-Packard\Drive Encryption\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;;C:\windows\SysWOW64;C:\Program Files (x86)\Windows Live\Shared
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 5 Stepping 3, AuthenticAMD
"PROCESSOR_REVISION"=0503
"OnlineServices"=Online Services
"Platform"=BNB
"PCBRAND"=b
"PTSM_install_path"=C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin
"RoxioCentral"=c:\Program Files (x86)\Common Files\Roxio Shared\10.0\Roxio Central36\
"EMC_AUTOPLAY"=c:\Program Files (x86)\Common Files\Roxio Shared\

-----------------EOF-----------------

Re: A window pops up while browsing

Posted: 12 Dec 2013 19:40
by Rudy
Hello!
First, try running this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.

Re: A window pops up while browsing

Posted: 13 Dec 2013 07:28
by MMMMM
# AdwCleaner v3.015 - Report created 13/12/2013 at 07:22:15
# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Marek - MAREKHP
# Running from : C:\Users\Marek\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\facemoods.com
Folder Deleted : C:\Program Files (x86)\Gophoto.it
Folder Deleted : C:\windows\TempDir
Folder Deleted : C:\Users\Marek\AppData\Local\cool_mirage
Folder Deleted : C:\Users\Marek\AppData\Local\PackageAware
Folder Deleted : C:\Users\Marek\AppData\Local\thinstall
Folder Deleted : C:\Users\Marek\AppData\LocalLow\facemoods.com
Folder Deleted : C:\Users\Marek\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Marek\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\Marek\AppData\Roaming\thinstall
Folder Deleted : C:\Users\Jitka\AppData\LocalLow\facemoods.com
Folder Deleted : C:\Users\Maris\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Folder Deleted : C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Folder Deleted : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
File Deleted : C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\u504b8ix.default-1355865952698\Extensions\gophoto@gophoto.it.xpi
File Deleted : C:\Users\Marek\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrch.xml
File Deleted : C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\u504b8ix.default-1355865952698\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Key Deleted : HKCU\Software\Classes\pokki
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.escrtSrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.escrtSrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.xtrnl
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.xtrnl.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoodsApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\facemoodsApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{929801A8-4AEF-4D12-BE31-D85BF666452B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5B99E41-E157-4209-8AAC-DB003A816079}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AD20D01C-C939-4DD2-8C55-56935A48987E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E95EAD3F-18C6-4304-9DC6-BD6FD8E11D37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{12A5F606-B1EC-474C-83ED-95E99FD8058E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{929801A8-4AEF-4D12-BE31-D85BF666452B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFDF9EF3-3C3A-4F05-9A6E-5D3B778EC567}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\facemoods.com
Key Deleted : HKLM\Software\DeviceVM
Key Deleted : HKLM\Software\facemoods.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\facemoods
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]

-\\ Mozilla Firefox v25.0.1 (cs)

[ File : C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\u504b8ix.default-1355865952698\prefs.js ]


[ File : C:\Users\Jitka\AppData\Roaming\Mozilla\Firefox\Profiles\k2lc4ipx.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [11660 octets] - [13/12/2013 07:18:50]
AdwCleaner[S0].txt - [11472 octets] - [13/12/2013 07:22:15]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11533 octets] ##########

Re: A window pops up while browsing

Posted: 13 Dec 2013 18:29
by Rudy
Post a new RSIT log.

Re: A window pops up while browsing

Posted: 15 Dec 2013 08:42
by MMMMM
Logfile of random's system information tool 1.09 (written by random/random)
Run by Marek at 2013-12-15 08:42:09
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 9 GB (3%) free of 288 GB
Total RAM: 3830 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:42:13, on 15.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Cobian Backup 10\Cobian.exe
C:\Program Files (x86)\HF Designer\dd.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\Cobian Backup 10\cbInterface.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Centrum Mail\MailClient.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Program Files (x86)\totalcmd\TOTALCMD.EXE
C:\Users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\trend micro\Marek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [File Sanitizer] c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [NtVdmSrv] C:\windows\inf\ntvdm.vbe
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Cobian Backup 10] "C:\Program Files (x86)\Cobian Backup 10\Cobian.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Device Detection] C:\Program Files (x86)\HF Designer\dd.exe
O4 - HKCU\..\Run: [Cobian Backup 11] "C:\Program Files (x86)\Cobian Backup 10\Cobian.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-175207836-3395447266-978089624-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Jitka')
O4 - HKUS\S-1-5-21-175207836-3395447266-978089624-1005\..\Run: [AVG-Secure-Search-Update_JUNE2013_HP] "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_HP.exe" /PROMPT /CMPID=JUNE2013_HP (User 'Jitka')
O4 - Global Startup: Bluetooth.lnk = ?
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.mcafee.com (HKLM)
O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{DB271D9E-1FC2-4EF1-B10E-418559DF8559}: NameServer = 192.168.71.34,192.168.71.35
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Cobian Backup 11 Volume Shadow Copy Requester (cbVSCService11) - CobianSoft, Luis Cobian - C:\Program Files (x86)\Cobian Backup 10\cbVSCService11.exe
O23 - Service: DEBridge - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 8\DfsdkS64.exe
O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: ShrewSoft DNS Proxy Daemon (dtpd) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: HTCMonitorService - Nero AG - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: ShrewSoft IKE Daemon (iked) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\iked.exe
O23 - Service: ShrewSoft IPSEC Daemon (ipsecd) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: SureThing Labelflash service - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Ashampoo LiveTuner Service (WO_LiveService) - Unknown owner - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerService.exe

--
End of file - 15890 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\Hpservice.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\WLANExt.exe 3272144
\??\C:\windows\system32\conhost.exe "-1030015246-1666673890534454500184390415756085364-1294526656964836079-298926208
"C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE" "C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe"
C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe
C:\windows\System32\spoolsv.exe
"C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe"
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Cobian Backup 10\cbVSCService11.exe"
"C:\Program Files\ShrewSoft\VPN Client\dtpd.exe" -service
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe"
"c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe"
"C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe"
"C:\Program Files\ShrewSoft\VPN Client\iked.exe" -service
"C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe" -service
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2796
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\windows\system32\spool\DRIVERS\x64\3\HP1005MC.EXE" -Embedding
"c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe"
atieclxx
"taskhost.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
adb fork-server server
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
"C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files (x86)\Cobian Backup 10\Cobian.exe"
"C:\Program Files (x86)\HF Designer\dd.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
"C:\Program Files (x86)\Cobian Backup 10\cbInterface.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Centrum Mail\MailClient.exe"
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=5116.a1c6800.787911611 "C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 5116 "\\.\pipe\gecko-crash-server-pipe.5116" plugin
"C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe" --proxy-stub-channel=Flash5252.6970DC68.4869 --host-broker-channel=Flash5252.6970DC68.8395 --host-pid=5252 --host-npapi-version=27 --plugin-path="C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll"
"C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe" --channel=1568.0060F6F8.414467264 --proxy-stub-channel=Flash5252.6970DC68.4869 --plugin-path="C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll" --host-npapi-version=27 --type=renderer
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
C:\windows\system32\svchost.exe -k WindowsMobile
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden
"C:\windows\system32\calc.exe"
"C:\Program Files (x86)\totalcmd\TOTALCMD.EXE"
taskeng.exe {49E13970-C068-4EEF-86DF-F5D6FF34F698}
C:\Users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe /c
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
atieclxx
"taskhost.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
"C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden
"C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" mode=windowless
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -scheduled
"LogonUI.exe" /flags:0x0
"C:\RSITx64.exe"
C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
C:\windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-175207836-3395447266-978089624-1003Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-175207836-3395447266-978089624-1003UA1cef3e3d41608b5.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-175207836-3395447266-978089624-1005Core1cef8e76175212c.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-175207836-3395447266-978089624-1005UA1cef8e762895065.job
C:\windows\tasks\HPCeeScheduleForMarek.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\u504b8ix.default-1355865952698

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.6.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\u504b8ix.default-1355865952698\extensions\
o2cplayer@eleco.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
HP ProtectTools Security Manager Extension - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2012-02-06 2132304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2010-05-06 117248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
HP ProtectTools Security Manager Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2012-02-06 1471824]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-08-25 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-08-25 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-04-05 8192]
"acevents"=C:\Program Files\ActivIdentity\ActivClient\acevents.exe [2009-06-04 196648]
"accrdsub"=C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2009-06-04 483880]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 2174760]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-07-25 489472]
"Broadcom Wireless Manager UI"=C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [2013-08-23 7177728]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5618456]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2013-11-27 21720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2011-04-16 2736128]
"Cobian Backup 10"=C:\Program Files (x86)\Cobian Backup 10\Cobian.exe [2012-07-31 720896]
"Google Update"=C:\Users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-01 136176]
"Device Detection"=C:\Program Files (x86)\HF Designer\dd.exe [2011-02-21 555184]
"Cobian Backup 11"=C:\Program Files (x86)\Cobian Backup 10\Cobian.exe [2012-07-31 720896]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-04-08 102400]
"File Sanitizer"=c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2010-05-06 11268096]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2011-03-21 312376]
"NtVdmSrv"=C:\windows\inf\ntvdm.vbe []
"mobilegeni daemon"=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"ShutdownWithoutLogon"=1
"NoDispCPL"=0
"NoDispSettingsPage"=0
"NoDispScrSavPage"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=144
"NoDesktopCleanupWizard"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoResolveTrack"=0
"NoViewContextMenu"=0
"NoFileAssociate"=0
"NoRun"=0
"NoClose"=0
"StartMenuLogoff"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - C:\windows\NOTEPAD.EXE %1

======List of files/folders created in the last 1 month======

2013-12-13 07:18:46 ----D---- C:\AdwCleaner
2013-12-13 07:12:45 ----A---- C:\windows\SYSWOW64\wmploc.DLL
2013-12-13 07:12:45 ----A---- C:\windows\system32\wmploc.DLL
2013-12-13 07:12:44 ----A---- C:\windows\SYSWOW64\wmp.dll
2013-12-13 07:12:43 ----A---- C:\windows\system32\wmp.dll
2013-12-13 07:10:47 ----A---- C:\windows\system32\ieetwcollectorres.dll
2013-12-13 07:10:46 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-12-13 07:10:46 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-12-13 07:10:46 ----A---- C:\windows\system32\jsproxy.dll
2013-12-13 07:10:46 ----A---- C:\windows\system32\ieui.dll
2013-12-13 07:10:45 ----A---- C:\windows\system32\ieUnatt.exe
2013-12-13 07:10:45 ----A---- C:\windows\system32\iesetup.dll
2013-12-13 07:10:45 ----A---- C:\windows\system32\iernonce.dll
2013-12-13 07:10:45 ----A---- C:\windows\system32\ieetwproxystub.dll
2013-12-13 07:10:45 ----A---- C:\windows\system32\ieetwcollector.exe
2013-12-13 07:10:45 ----A---- C:\windows\system32\ie4uinit.exe
2013-12-13 07:10:44 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2013-12-13 07:10:44 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2013-12-13 07:10:44 ----A---- C:\windows\system32\mshtml.dll
2013-12-13 07:10:44 ----A---- C:\windows\system32\jscript9diag.dll
2013-12-13 07:10:44 ----A---- C:\windows\system32\ieapfltr.dll
2013-12-13 07:10:43 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-12-13 07:10:43 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-12-13 07:10:43 ----A---- C:\windows\system32\iertutil.dll
2013-12-13 07:10:42 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-12-13 07:10:42 ----A---- C:\windows\system32\wininet.dll
2013-12-13 07:10:42 ----A---- C:\windows\system32\urlmon.dll
2013-12-13 07:10:41 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-12-13 07:10:41 ----A---- C:\windows\system32\ieframe.dll
2013-12-13 07:10:40 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-12-13 07:10:39 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-12-13 07:10:39 ----A---- C:\windows\system32\jscript9.dll
2013-12-12 07:46:28 ----D---- C:\rsit
2013-12-12 07:46:28 ----D---- C:\Program Files\trend micro
2013-12-12 07:45:38 ----A---- C:\RSITx64.exe
2013-12-12 07:06:03 ----A---- C:\windows\SYSWOW64\msieftp.dll
2013-12-12 07:06:03 ----A---- C:\windows\SYSWOW64\imagehlp.dll
2013-12-12 07:06:03 ----A---- C:\windows\system32\msieftp.dll
2013-12-12 07:06:03 ----A---- C:\windows\system32\imagehlp.dll
2013-12-12 07:06:02 ----A---- C:\windows\SYSWOW64\WMPhoto.dll
2013-12-12 07:06:02 ----A---- C:\windows\system32\WMPhoto.dll
2013-12-12 07:06:00 ----A---- C:\windows\system32\win32k.sys
2013-12-12 07:01:41 ----A---- C:\windows\SYSWOW64\tzres.dll
2013-12-12 07:01:41 ----A---- C:\windows\system32\tzres.dll
2013-12-12 07:01:23 ----A---- C:\windows\system32\drivers\portcls.sys
2013-12-12 07:01:23 ----A---- C:\windows\system32\drivers\drmk.sys
2013-12-12 07:01:02 ----A---- C:\windows\SYSWOW64\wscript.exe
2013-12-12 07:01:02 ----A---- C:\windows\SYSWOW64\scrrun.dll
2013-12-12 07:01:02 ----A---- C:\windows\SYSWOW64\cscript.exe
2013-12-12 07:01:02 ----A---- C:\windows\system32\wscript.exe
2013-12-12 07:01:02 ----A---- C:\windows\system32\scrrun.dll
2013-12-12 07:01:02 ----A---- C:\windows\system32\cscript.exe
2013-12-11 15:52:58 ----D---- C:\Users\Marek\AppData\Roaming\newnext.me
2013-12-11 15:51:51 ----D---- C:\ProgramData\Canneverbe Limited
2013-12-11 15:51:42 ----D---- C:\Users\Marek\AppData\Roaming\Canneverbe Limited
2013-12-11 15:51:38 ----D---- C:\Program Files (x86)\CDBurnerXP
2013-12-04 19:07:52 ----A---- C:\windows\system32\IEUDINIT.EXE
2013-12-04 19:03:08 ----A---- C:\windows\SYSWOW64\elshyph.dll
2013-12-04 19:03:08 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2013-12-04 19:03:03 ----A---- C:\windows\SYSWOW64\RegisterIEPKEYs.exe
2013-12-04 19:03:03 ----A---- C:\windows\SYSWOW64\msls31.dll
2013-12-04 19:03:03 ----A---- C:\windows\SYSWOW64\jsIntl.dll
2013-12-04 19:03:03 ----A---- C:\windows\system32\elshyph.dll
2013-12-04 19:03:02 ----A---- C:\windows\SYSWOW64\msrating.dll
2013-12-04 19:03:01 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-12-04 19:03:01 ----A---- C:\windows\SYSWOW64\ieapfltr.dat
2013-12-04 19:03:01 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2013-12-04 19:03:01 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2013-12-04 19:03:00 ----A---- C:\windows\SYSWOW64\url.dll
2013-12-04 19:03:00 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2013-12-04 19:03:00 ----A---- C:\windows\SYSWOW64\licmgr10.dll
2013-12-04 19:03:00 ----A---- C:\windows\SYSWOW64\inseng.dll
2013-12-04 19:03:00 ----A---- C:\windows\SYSWOW64\iesetup.dll
2013-12-04 19:03:00 ----A---- C:\windows\SYSWOW64\iernonce.dll
2013-12-04 19:03:00 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2013-12-04 19:03:00 ----A---- C:\windows\SYSWOW64\icardie.dll
2013-12-04 19:02:59 ----A---- C:\windows\SYSWOW64\wextract.exe
2013-12-04 19:02:59 ----A---- C:\windows\SYSWOW64\webcheck.dll
2013-12-04 19:02:59 ----A---- C:\windows\SYSWOW64\vbscript.dll
2013-12-04 19:02:59 ----A---- C:\windows\SYSWOW64\pngfilt.dll
2013-12-04 19:02:59 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2013-12-04 19:02:59 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-12-04 19:02:59 ----A---- C:\windows\SYSWOW64\iexpress.exe
2013-12-04 19:02:58 ----A---- C:\windows\SYSWOW64\occache.dll
2013-12-04 19:02:58 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2013-12-04 19:02:58 ----A---- C:\windows\SYSWOW64\mshta.exe
2013-12-04 19:02:58 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2013-12-04 19:02:57 ----A---- C:\windows\SYSWOW64\msfeedssync.exe
2013-12-04 19:02:57 ----A---- C:\windows\SYSWOW64\msfeedsbs.dll
2013-12-04 19:02:57 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-12-04 19:02:57 ----A---- C:\windows\SYSWOW64\imgutil.dll
2013-12-04 19:02:57 ----A---- C:\windows\SYSWOW64\iepeers.dll
2013-12-04 19:02:57 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2013-12-04 19:02:57 ----A---- C:\windows\SYSWOW64\IEAdvpack.dll
2013-12-04 19:02:56 ----A---- C:\windows\SYSWOW64\SetIEInstalledDate.exe
2013-12-04 19:02:56 ----A---- C:\windows\SYSWOW64\mshtmler.dll
2013-12-04 19:02:56 ----A---- C:\windows\system32\jsIntl.dll
2013-12-04 19:02:55 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2013-12-04 19:02:55 ----A---- C:\windows\system32\msrating.dll
2013-12-04 19:02:55 ----A---- C:\windows\system32\msls31.dll
2013-12-04 19:02:54 ----A---- C:\windows\system32\SetIEInstalledDate.exe
2013-12-04 19:02:54 ----A---- C:\windows\system32\msfeedssync.exe
2013-12-04 19:02:54 ----A---- C:\windows\system32\msfeedsbs.dll
2013-12-04 19:02:54 ----A---- C:\windows\system32\IEAdvpack.dll
2013-12-04 19:02:53 ----A---- C:\windows\system32\mshtmler.dll
2013-12-04 19:02:53 ----A---- C:\windows\system32\iesysprep.dll
2013-12-04 19:02:52 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-04 19:02:51 ----A---- C:\windows\system32\webcheck.dll
2013-12-04 19:02:51 ----A---- C:\windows\system32\url.dll
2013-12-04 19:02:51 ----A---- C:\windows\system32\mshtmlmedia.dll
2013-12-04 19:02:51 ----A---- C:\windows\system32\licmgr10.dll
2013-12-04 19:02:51 ----A---- C:\windows\system32\iedkcs32.dll
2013-12-04 19:02:51 ----A---- C:\windows\system32\ieapfltr.dat
2013-12-04 19:02:51 ----A---- C:\windows\system32\icardie.dll
2013-12-04 19:02:51 ----A---- C:\windows\system32\dxtrans.dll
2013-12-04 19:02:51 ----A---- C:\windows\system32\dxtmsft.dll
2013-12-04 19:02:50 ----A---- C:\windows\system32\wextract.exe
2013-12-04 19:02:50 ----A---- C:\windows\system32\vbscript.dll
2013-12-04 19:02:50 ----A---- C:\windows\system32\mshtmled.dll
2013-12-04 19:02:50 ----A---- C:\windows\system32\msfeeds.dll
2013-12-04 19:02:50 ----A---- C:\windows\system32\inseng.dll
2013-12-04 19:02:50 ----A---- C:\windows\system32\iexpress.exe
2013-12-04 19:02:48 ----A---- C:\windows\system32\pngfilt.dll
2013-12-04 19:02:48 ----A---- C:\windows\system32\occache.dll
2013-12-04 19:02:48 ----A---- C:\windows\system32\MshtmlDac.dll
2013-12-04 19:02:48 ----A---- C:\windows\system32\mshta.exe
2013-12-04 19:02:48 ----A---- C:\windows\system32\jscript.dll
2013-12-04 19:02:47 ----A---- C:\windows\system32\imgutil.dll
2013-12-04 19:02:47 ----A---- C:\windows\system32\iepeers.dll
2013-11-30 20:24:44 ----D---- C:\agk_tmp
2013-11-30 20:20:56 ----D---- C:\Program Files (x86)\Mobogenie
2013-11-30 18:54:51 ----D---- C:\Users\Marek\AppData\Roaming\HandBrake
2013-11-30 18:52:24 ----D---- C:\Users\Marek\AppData\Roaming\26875
2013-11-30 18:37:37 ----D---- C:\ProgramData\DVD Shrink
2013-11-30 18:37:36 ----D---- C:\Program Files (x86)\DVD Shrink
2013-11-30 18:36:27 ----A---- C:\Users\Marek\AppData\Roaming\AutoGK.ini
2013-11-30 18:31:02 ----D---- C:\Users\Marek\AppData\Roaming\Media Player Classic
2013-11-30 18:24:12 ----D---- C:\Program Files (x86)\XviD
2013-11-30 18:23:57 ----D---- C:\Program Files (x86)\AviSynth 2.5
2013-11-30 18:23:42 ----D---- C:\Program Files (x86)\Gabest
2013-11-30 18:23:08 ----D---- C:\Program Files (x86)\AutoGK
2013-11-30 12:41:02 ----D---- C:\ProgramData\ESET
2013-11-23 18:52:46 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-11-18 19:41:22 ----D---- C:\Petr Skoumal
2013-11-17 15:07:29 ----A---- C:\windows\system32\crypt32.dll
2013-11-17 15:07:28 ----A---- C:\windows\SYSWOW64\crypt32.dll
2013-11-17 15:07:12 ----A---- C:\windows\system32\drivers\afd.sys
2013-11-17 15:06:56 ----A---- C:\windows\SYSWOW64\SmartcardCredentialProvider.dll
2013-11-17 15:06:56 ----A---- C:\windows\SYSWOW64\credui.dll
2013-11-17 15:06:56 ----A---- C:\windows\SYSWOW64\authui.dll
2013-11-17 15:06:56 ----A---- C:\windows\system32\SmartcardCredentialProvider.dll
2013-11-17 15:06:56 ----A---- C:\windows\system32\credui.dll
2013-11-17 15:06:56 ----A---- C:\windows\system32\authui.dll
2013-11-17 15:06:41 ----A---- C:\windows\SYSWOW64\schannel.dll
2013-11-17 15:06:41 ----A---- C:\windows\system32\schannel.dll
2013-11-17 15:06:41 ----A---- C:\windows\system32\drivers\cng.sys
2013-11-17 15:06:40 ----A---- C:\windows\system32\lsasrv.dll
2013-11-17 15:06:40 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2013-11-17 15:06:40 ----A---- C:\windows\system32\drivers\ksecdd.sys
2013-11-17 15:06:38 ----A---- C:\windows\SYSWOW64\sspicli.dll
2013-11-17 15:06:38 ----A---- C:\windows\SYSWOW64\secur32.dll
2013-11-17 15:06:38 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2013-11-17 15:06:38 ----A---- C:\windows\system32\sspisrv.dll
2013-11-17 15:06:38 ----A---- C:\windows\system32\sspicli.dll
2013-11-17 15:06:38 ----A---- C:\windows\system32\secur32.dll
2013-11-17 15:06:38 ----A---- C:\windows\system32\ncrypt.dll
2013-11-17 15:06:38 ----A---- C:\windows\system32\lsass.exe
2013-11-17 15:06:30 ----A---- C:\windows\SYSWOW64\gdi32.dll
2013-11-17 15:06:30 ----A---- C:\windows\system32\gdi32.dll
2013-11-17 15:06:28 ----A---- C:\windows\system32\IKEEXT.DLL
2013-11-17 15:06:27 ----A---- C:\windows\SYSWOW64\nshwfp.dll
2013-11-17 15:06:27 ----A---- C:\windows\SYSWOW64\FWPUCLNT.DLL
2013-11-17 15:06:27 ----A---- C:\windows\system32\nshwfp.dll
2013-11-17 15:06:27 ----A---- C:\windows\system32\FWPUCLNT.DLL

======List of files/folders modified in the last 1 month======

2013-12-15 08:42:11 ----D---- C:\windows\Temp
2013-12-15 08:28:05 ----D---- C:\windows\Prefetch
2013-12-14 17:22:16 ----D---- C:\windows\system32\config
2013-12-14 17:13:12 ----D---- C:\windows\system32\Tasks
2013-12-14 17:13:11 ----D---- C:\windows\Tasks
2013-12-14 17:10:20 ----A---- C:\windows\ntbtlog.txt
2013-12-13 08:12:09 ----D---- C:\Users\Marek\AppData\Roaming\Kingston
2013-12-13 07:41:29 ----D---- C:\Users\Marek\AppData\Roaming\Centrum Mail
2013-12-13 07:32:13 ----D---- C:\windows\System32
2013-12-13 07:32:13 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-12-13 07:32:12 ----D---- C:\windows\inf
2013-12-13 07:25:52 ----D---- C:\windows\winsxs
2013-12-13 07:25:45 ----D---- C:\ProgramData\HPQLOG
2013-12-13 07:23:14 ----D---- C:\windows\SysWOW64
2013-12-13 07:23:14 ----D---- C:\Program Files\Windows Media Player
2013-12-13 07:23:14 ----D---- C:\Program Files\Internet Explorer
2013-12-13 07:23:14 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-13 07:23:14 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-13 07:23:13 ----D---- C:\windows\SYSWOW64\cs-CZ
2013-12-13 07:23:13 ----D---- C:\windows\system32\cs-CZ
2013-12-13 07:23:12 ----D---- C:\windows\system32\DriverStore
2013-12-13 07:23:11 ----D---- C:\windows\system32\drivers
2013-12-13 07:22:17 ----RD---- C:\Program Files (x86)
2013-12-13 07:22:17 ----D---- C:\Windows
2013-12-13 07:13:01 ----D---- C:\windows\system32\catroot
2013-12-13 07:11:01 ----D---- C:\windows\system32\catroot2
2013-12-13 07:09:43 ----SHD---- C:\System Volume Information
2013-12-12 08:24:04 ----D---- C:\Test
2013-12-12 08:06:51 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2013-12-12 07:46:28 ----RD---- C:\Program Files
2013-12-12 07:43:02 ----D---- C:\Program Files (x86)\Sitemap Generator
2013-12-12 07:38:32 ----SHD---- C:\windows\Installer
2013-12-12 07:38:32 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-12-12 07:38:31 ----SHD---- C:\Config.Msi
2013-12-12 07:38:31 ----D---- C:\Program Files (x86)\Hewlett-Packard
2013-12-12 07:25:15 ----D---- C:\Program Files (x86)\Inkscape
2013-12-12 07:15:02 ----D---- C:\Users\Marek\AppData\Roaming\inkscape
2013-12-12 07:12:57 ----D---- C:\Program Files (x86)\Google
2013-12-12 07:12:43 ----D---- C:\Program Files (x86)\Free Video Converter
2013-12-12 07:12:14 ----SD---- C:\ProgramData\Microsoft
2013-12-12 07:12:14 ----D---- C:\Program Files (x86)\Microsoft
2013-12-12 07:11:23 ----D---- C:\Program Files (x86)\Common Files
2013-12-12 07:11:21 ----HD---- C:\ProgramData
2013-12-12 07:11:18 ----D---- C:\Program Files (x86)\AVI to 3GP
2013-12-12 07:10:32 ----D---- C:\Program Files (x86)\Ashampoo
2013-12-12 07:08:27 ----D---- C:\windows\system32\appmgmt
2013-12-09 16:15:51 ----D---- C:\swsetup
2013-12-09 15:58:37 ----D---- C:\Test4
2013-12-09 15:47:17 ----A---- C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-12-08 09:19:44 ----D---- C:\windows\rescache
2013-12-07 13:43:37 ----D---- C:\windows\SYSWOW64\migration
2013-12-07 13:43:37 ----D---- C:\windows\SYSWOW64\en-US
2013-12-07 13:43:35 ----D---- C:\windows\system32\migration
2013-12-07 13:43:35 ----D---- C:\windows\PolicyDefinitions
2013-12-07 13:43:34 ----D---- C:\windows\system32\en-US
2013-12-04 19:07:52 ----D---- C:\windows\Logs
2013-12-04 16:36:19 ----D---- C:\Temp
2013-11-30 20:54:20 ----D---- C:\Users\Marek\AppData\Roaming\HTC
2013-11-30 20:52:24 ----RSD---- C:\windows\Fonts
2013-11-30 20:40:10 ----RD---- C:\Users
2013-11-30 19:59:58 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-18 19:08:52 ----D---- C:\windows\system32\MRT
2013-11-18 19:03:26 ----A---- C:\windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 16440]
R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 62136]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 PxHlpa64;PxHlpa64; C:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SafeBoot;SafeBoot; C:\windows\system32\drivers\SafeBoot.sys [2010-02-02 56648]
R0 SbAlg;SbAlg; C:\windows\system32\drivers\SbAlg.sys [2009-06-04 60160]
R0 SbFsLock;SbFsLock; C:\windows\system32\drivers\SbFsLock.sys [2010-02-02 15688]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 44120]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2010-02-02 58184]
R1 SBRE;SBRE; \??\C:\windows\system32\drivers\SBREdrv.sys [2011-04-29 55384]
R1 vflt;Shrew Soft Lightweight Filter; C:\windows\system32\DRIVERS\vfilter.sys [2010-09-02 21504]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2013-09-17 220232]
R2 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
R2 LiveTunerPM;Ashampoo LiveTuner ProcessMonitor Driver; \??\C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerProcessMonitor64.sys [2011-05-12 12824]
R2 rimspci;rimspci; C:\windows\system32\DRIVERS\rimspe64.sys [2009-10-26 61952]
R2 risdpcie;risdpcie; C:\windows\system32\DRIVERS\risdpe64.sys [2009-10-29 79360]
R2 rixdpcie;rixdpcie; C:\windows\system32\DRIVERS\rixdpe64.sys [2009-12-11 55808]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2010-01-21 1209856]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2010-04-08 6657536]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2010-04-08 195584]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\windows\system32\drivers\AtiHdmi.sys [2010-03-09 123408]
R3 BCM42RLY;BCM42RLY; C:\windows\system32\drivers\BCM42RLY.sys [2013-08-23 22632]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl664.sys [2013-08-23 4747880]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-16 25912]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2010-01-19 1803904]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\windows\system32\DRIVERS\stwrt64.sys [2013-07-25 515584]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-06-04 1379376]
R3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\windows\system32\DRIVERS\adusbser.sys [2009-11-06 154112]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-01-07 98344]
S3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2010-01-07 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-01-07 35104]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-01-07 21160]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2009-10-21 40760]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\windows\system32\DRIVERS\ewusbnet.sys [2009-12-07 246224]
S3 HTCAND64;HTC Device Driver; C:\windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 htcnprot;HTC NDIS Protocol Driver; C:\windows\system32\DRIVERS\htcnprot.sys [2012-12-07 36928]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys [2009-12-07 117504]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 114304]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service; C:\windows\system32\DRIVERS\sbfwim.sys [2011-02-08 84568]
S3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\windows\system32\DRIVERS\SBFWIM.sys [2011-02-08 84568]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 VMBusHID;VMBusHID; C:\windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 vnet;Shrew Soft Virtual Adapter; C:\windows\system32\DRIVERS\virtualnet.sys [2010-09-02 17408]
S3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
S3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ac.sharedstore;ActivIdentity Shared Store Service; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-04 277032]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2013-07-25 89600]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2010-01-21 16896]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2010-04-08 202752]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-12-29 873248]
R2 cbVSCService11;Cobian Backup 11 Volume Shadow Copy Requester; C:\Program Files (x86)\Cobian Backup 10\cbVSCService11.exe [2012-07-31 67584]
R2 DpHost;@C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2010-07-16 462160]
R2 dtpd;ShrewSoft DNS Proxy Daemon; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [2010-10-08 56592]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-09-12 1337752]
R2 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2010-04-05 103992]
R2 HP ProtectTools Service;HP ProtectTools Service; C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2010-10-19 32768]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [2010-06-14 90112]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-08-10 197536]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-02-02 281192]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2010-05-06 298496]
R2 hpHotkeyMonitor;HP Hotkey Monitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2011-03-21 293944]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2011-05-13 30520]
R2 HTCMonitorService;HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2013-11-10 87368]
R2 iked;ShrewSoft IKE Daemon; C:\Program Files\ShrewSoft\VPN Client\iked.exe [2010-10-08 957712]
R2 ipsecd;ShrewSoft IPSEC Daemon; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [2010-10-08 697616]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-04-16 73728]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\windows\system32\svchost.exe [2009-07-14 27136]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-07-25 271360]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-03-22 93072]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\windows\system32\svchost.exe [2009-07-14 27136]
R3 DEBridge;DEBridge; c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [2010-02-02 704512]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408]
S2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2010-02-18 2045232]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-12 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 27136]
S3 DfSdkS;Defragmentation-Service; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 8\DfsdkS64.exe [2011-05-12 544768]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2009-12-07 362040]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-23 119408]
S3 RoxMediaDB10;RoxMediaDB10; c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-11-23 1120752]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 SureThing Labelflash service;SureThing Labelflash service; C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [2009-11-20 74392]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-04-29 1255736]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 27136]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

Re: A window pops up while browsing

Posted: 15 Dec 2013 11:33
by Rudy
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\windows\inf\ntvdm.vbe
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-175207836-3395447266-978089624-1003Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-175207836-3395447266-978089624-1003UA1cef3e3d41608b5.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-175207836-3395447266-978089624-1005Core1cef8e76175212c.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-175207836-3395447266-978089624-1005UA1cef8e762895065.job

:reg
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
"NtVdmSrv"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

Re: A window pops up while browsing

Posted: 15 Dec 2013 16:34
by MMMMM
All processes killed
========== FILES ==========
File/Folder C:\windows\inf\ntvdm.vbe not found.
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-175207836-3395447266-978089624-1003Core.job moved successfully.
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-175207836-3395447266-978089624-1003UA1cef3e3d41608b5.job moved successfully.
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-175207836-3395447266-978089624-1005Core1cef8e76175212c.job moved successfully.
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-175207836-3395447266-978089624-1005UA1cef8e762895065.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\NtVdmSrv deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Jitka
->Temp folder emptied: 1917784 bytes
->Temporary Internet Files folder emptied: 2512748 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 11546445 bytes
->Google Chrome cache emptied: 7029698 bytes
->Flash cache emptied: 796 bytes

User: Marek
->Temp folder emptied: 3591310994 bytes
->Temporary Internet Files folder emptied: 133050564 bytes
->Java cache emptied: 6500018 bytes
->FireFox cache emptied: 136130761 bytes
->Google Chrome cache emptied: 32886639 bytes
->Opera cache emptied: 5321502 bytes
->Flash cache emptied: 142866 bytes

User: Maris
->Temp folder emptied: 69351 bytes
->Temporary Internet Files folder emptied: 33298 bytes
->Flash cache emptied: 134 bytes

User: Marsal.POH

User: Public

User: wangjihua

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5350463752 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 155337 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 78280 bytes
RecycleBin emptied: 3444762574 bytes

Total Files Cleaned = 12,135.00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Jitka
->Flash cache emptied: 0 bytes

User: Marek
->Flash cache emptied: 0 bytes

User: Maris
->Flash cache emptied: 0 bytes

User: Marsal.POH

User: Public

User: wangjihua

Total Flash Files Cleaned = 0.00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 12152013_162510

Files moved on Reboot...
C:\Users\Jitka\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Jitka\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Users\Marek\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Marek\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

Registry entries deleted on Reboot...


=================================================

Logfile of random's system information tool 1.09 (written by random/random)
Run by Marek at 2013-12-15 16:33:23
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 20 GB (7%) free of 288 GB
Total RAM: 3830 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:33:48, on 15.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Cobian Backup 10\Cobian.exe
C:\Users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\HF Designer\dd.exe
C:\Program Files (x86)\Cobian Backup 10\cbInterface.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\Centrum Mail\MailClient.exe
C:\Program Files (x86)\Centrum Mail\DbRepair.exe
C:\Program Files (x86)\totalcmd\TOTALCMD.EXE
C:\Program Files\trend micro\Marek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [File Sanitizer] c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Cobian Backup 10] "C:\Program Files (x86)\Cobian Backup 10\Cobian.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Device Detection] C:\Program Files (x86)\HF Designer\dd.exe
O4 - HKCU\..\Run: [Cobian Backup 11] "C:\Program Files (x86)\Cobian Backup 10\Cobian.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.mcafee.com (HKLM)
O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{DB271D9E-1FC2-4EF1-B10E-418559DF8559}: NameServer = 192.168.71.34,192.168.71.35
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Cobian Backup 11 Volume Shadow Copy Requester (cbVSCService11) - CobianSoft, Luis Cobian - C:\Program Files (x86)\Cobian Backup 10\cbVSCService11.exe
O23 - Service: DEBridge - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 8\DfsdkS64.exe
O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: ShrewSoft DNS Proxy Daemon (dtpd) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: HTCMonitorService - Nero AG - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: ShrewSoft IKE Daemon (iked) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\iked.exe
O23 - Service: ShrewSoft IPSEC Daemon (ipsecd) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: SureThing Labelflash service - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Ashampoo LiveTuner Service (WO_LiveService) - Unknown owner - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerService.exe

--
End of file - 15283 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\Hpservice.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\WLANExt.exe 25139344
\??\C:\windows\system32\conhost.exe "144422302-256468126-1681976642-674994688-1320546510-1846450729580174123535958037
atieclxx
"C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE" "C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe"
C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe
C:\windows\System32\spoolsv.exe
taskeng.exe {B3B0FB05-533C-4DD3-B5EA-0673CACA1C5C}
"C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe"
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Cobian Backup 10\cbVSCService11.exe"
"C:\Program Files\ShrewSoft\VPN Client\dtpd.exe" -service
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe"
"c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe"
"C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe"
"C:\Program Files\ShrewSoft\VPN Client\iked.exe" -service
"C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe" -service
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2816
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe"
"C:\windows\system32\spool\DRIVERS\x64\3\HP1005MC.EXE" -Embedding
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
C:\windows\Explorer.EXE
"C:\windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-bb6471e6-6b02-441a-940d-83f32580b47b -SystemEventPortName:HostProcess-63b3ad13-f7bd-4333-b1dd-6735182379bc -IoCancelEventPortName:HostProcess-90ee1c53-dbb6-4587-84df-8f4d37b93ab7 -NonStateChangingEventPortName:HostProcess-bd5f596a-cfaf-4b24-8525-9e432564de81 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:5e2a77f1-67c0-4925-ad26-4141dbb34c9f -DeviceGroupId:WpdFsGroup
adb fork-server server
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\windows\notepad.exe" C:\_OTM\MovedFiles\12152013_162510.log
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
"C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files (x86)\Cobian Backup 10\Cobian.exe"
"C:\Users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\HF Designer\dd.exe"
"C:\Program Files (x86)\Cobian Backup 10\cbInterface.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
"C:\Program Files (x86)\Centrum Mail\MailClient.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Centrum Mail\DbRepair.exe" /dblocation "C:\\Users\\Marek\\AppData\\Roaming\\Centrum Mail\\"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\totalcmd\TOTALCMD.EXE"
"C:\RSITx64.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
C:\windows\system32\svchost.exe -k WindowsMobile

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
C:\windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
C:\windows\tasks\HPCeeScheduleForMarek.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\u504b8ix.default-1355865952698

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.6.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\u504b8ix.default-1355865952698\extensions\
o2cplayer@eleco.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
HP ProtectTools Security Manager Extension - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2012-02-06 2132304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2010-05-06 117248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
HP ProtectTools Security Manager Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2012-02-06 1471824]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-08-25 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-08-25 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-04-05 8192]
"acevents"=C:\Program Files\ActivIdentity\ActivClient\acevents.exe [2009-06-04 196648]
"accrdsub"=C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2009-06-04 483880]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 2174760]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-07-25 489472]
"Broadcom Wireless Manager UI"=C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [2013-08-23 7177728]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5618456]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2013-11-27 21720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2011-04-16 2736128]
"Cobian Backup 10"=C:\Program Files (x86)\Cobian Backup 10\Cobian.exe [2012-07-31 720896]
"Google Update"=C:\Users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-01 136176]
"Device Detection"=C:\Program Files (x86)\HF Designer\dd.exe [2011-02-21 555184]
"Cobian Backup 11"=C:\Program Files (x86)\Cobian Backup 10\Cobian.exe [2012-07-31 720896]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-04-08 102400]
"File Sanitizer"=c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2010-05-06 11268096]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2011-03-21 312376]
"mobilegeni daemon"=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"ShutdownWithoutLogon"=1
"NoDispCPL"=0
"NoDispSettingsPage"=0
"NoDispScrSavPage"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=144
"NoDesktopCleanupWizard"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoResolveTrack"=0
"NoViewContextMenu"=0
"NoFileAssociate"=0
"NoRun"=0
"NoClose"=0
"StartMenuLogoff"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - C:\windows\NOTEPAD.EXE %1

======List of files/folders created in the last 1 month======

2013-12-15 16:25:10 ----D---- C:\_OTM
2013-12-15 09:18:31 ----A---- C:\RT3-CAN-663b890.exe
2013-12-13 07:18:46 ----D---- C:\AdwCleaner
2013-12-13 07:12:45 ----A---- C:\windows\SYSWOW64\wmploc.DLL
2013-12-13 07:12:45 ----A---- C:\windows\system32\wmploc.DLL
2013-12-13 07:12:44 ----A---- C:\windows\SYSWOW64\wmp.dll
2013-12-13 07:12:43 ----A---- C:\windows\system32\wmp.dll
2013-12-13 07:10:47 ----A---- C:\windows\system32\ieetwcollectorres.dll
2013-12-13 07:10:46 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-12-13 07:10:46 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-12-13 07:10:46 ----A---- C:\windows\system32\jsproxy.dll
2013-12-13 07:10:46 ----A---- C:\windows\system32\ieui.dll
2013-12-13 07:10:45 ----A---- C:\windows\system32\ieUnatt.exe
2013-12-13 07:10:45 ----A---- C:\windows\system32\iesetup.dll
2013-12-13 07:10:45 ----A---- C:\windows\system32\iernonce.dll
2013-12-13 07:10:45 ----A---- C:\windows\system32\ieetwproxystub.dll
2013-12-13 07:10:45 ----A---- C:\windows\system32\ieetwcollector.exe
2013-12-13 07:10:45 ----A---- C:\windows\system32\ie4uinit.exe
2013-12-13 07:10:44 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2013-12-13 07:10:44 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2013-12-13 07:10:44 ----A---- C:\windows\system32\mshtml.dll
2013-12-13 07:10:44 ----A---- C:\windows\system32\jscript9diag.dll
2013-12-13 07:10:44 ----A---- C:\windows\system32\ieapfltr.dll
2013-12-13 07:10:43 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-12-13 07:10:43 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-12-13 07:10:43 ----A---- C:\windows\system32\iertutil.dll
2013-12-13 07:10:42 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-12-13 07:10:42 ----A---- C:\windows\system32\wininet.dll
2013-12-13 07:10:42 ----A---- C:\windows\system32\urlmon.dll
2013-12-13 07:10:41 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-12-13 07:10:41 ----A---- C:\windows\system32\ieframe.dll
2013-12-13 07:10:40 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-12-13 07:10:39 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-12-13 07:10:39 ----A---- C:\windows\system32\jscript9.dll
2013-12-12 07:46:28 ----D---- C:\rsit
2013-12-12 07:46:28 ----D---- C:\Program Files\trend micro
2013-12-12 07:45:38 ----A---- C:\RSITx64.exe
2013-12-12 07:06:03 ----A---- C:\windows\SYSWOW64\msieftp.dll
2013-12-12 07:06:03 ----A---- C:\windows\SYSWOW64\imagehlp.dll
2013-12-12 07:06:03 ----A---- C:\windows\system32\msieftp.dll
2013-12-12 07:06:03 ----A---- C:\windows\system32\imagehlp.dll
2013-12-12 07:06:02 ----A---- C:\windows\SYSWOW64\WMPhoto.dll
2013-12-12 07:06:02 ----A---- C:\windows\system32\WMPhoto.dll
2013-12-12 07:06:00 ----A---- C:\windows\system32\win32k.sys
2013-12-12 07:01:41 ----A---- C:\windows\SYSWOW64\tzres.dll
2013-12-12 07:01:41 ----A---- C:\windows\system32\tzres.dll
2013-12-12 07:01:23 ----A---- C:\windows\system32\drivers\portcls.sys
2013-12-12 07:01:23 ----A---- C:\windows\system32\drivers\drmk.sys
2013-12-12 07:01:02 ----A---- C:\windows\SYSWOW64\wscript.exe
2013-12-12 07:01:02 ----A---- C:\windows\SYSWOW64\scrrun.dll
2013-12-12 07:01:02 ----A---- C:\windows\SYSWOW64\cscript.exe
2013-12-12 07:01:02 ----A---- C:\windows\system32\wscript.exe
2013-12-12 07:01:02 ----A---- C:\windows\system32\scrrun.dll
2013-12-12 07:01:02 ----A---- C:\windows\system32\cscript.exe
2013-12-11 15:52:58 ----D---- C:\Users\Marek\AppData\Roaming\newnext.me
2013-12-11 15:51:51 ----D---- C:\ProgramData\Canneverbe Limited
2013-12-11 15:51:42 ----D---- C:\Users\Marek\AppData\Roaming\Canneverbe Limited
2013-12-11 15:51:38 ----D---- C:\Program Files (x86)\CDBurnerXP
2013-12-04 19:07:52 ----A---- C:\windows\system32\IEUDINIT.EXE
2013-12-04 19:03:08 ----A---- C:\windows\SYSWOW64\elshyph.dll
2013-12-04 19:03:08 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2013-12-04 19:03:03 ----A---- C:\windows\SYSWOW64\RegisterIEPKEYs.exe
2013-12-04 19:03:03 ----A---- C:\windows\SYSWOW64\msls31.dll
2013-12-04 19:03:03 ----A---- C:\windows\SYSWOW64\jsIntl.dll
2013-12-04 19:03:03 ----A---- C:\windows\system32\elshyph.dll
2013-12-04 19:03:02 ----A---- C:\windows\SYSWOW64\msrating.dll
2013-12-04 19:03:01 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-12-04 19:03:01 ----A---- C:\windows\SYSWOW64\ieapfltr.dat
2013-12-04 19:03:01 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2013-12-04 19:03:01 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2013-12-04 19:03:00 ----A---- C:\windows\SYSWOW64\url.dll
2013-12-04 19:03:00 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2013-12-04 19:03:00 ----A---- C:\windows\SYSWOW64\licmgr10.dll
2013-12-04 19:03:00 ----A---- C:\windows\SYSWOW64\inseng.dll
2013-12-04 19:03:00 ----A---- C:\windows\SYSWOW64\iesetup.dll
2013-12-04 19:03:00 ----A---- C:\windows\SYSWOW64\iernonce.dll
2013-12-04 19:03:00 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2013-12-04 19:03:00 ----A---- C:\windows\SYSWOW64\icardie.dll
2013-12-04 19:02:59 ----A---- C:\windows\SYSWOW64\wextract.exe
2013-12-04 19:02:59 ----A---- C:\windows\SYSWOW64\webcheck.dll
2013-12-04 19:02:59 ----A---- C:\windows\SYSWOW64\vbscript.dll
2013-12-04 19:02:59 ----A---- C:\windows\SYSWOW64\pngfilt.dll
2013-12-04 19:02:59 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2013-12-04 19:02:59 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-12-04 19:02:59 ----A---- C:\windows\SYSWOW64\iexpress.exe
2013-12-04 19:02:58 ----A---- C:\windows\SYSWOW64\occache.dll
2013-12-04 19:02:58 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2013-12-04 19:02:58 ----A---- C:\windows\SYSWOW64\mshta.exe
2013-12-04 19:02:58 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2013-12-04 19:02:57 ----A---- C:\windows\SYSWOW64\msfeedssync.exe
2013-12-04 19:02:57 ----A---- C:\windows\SYSWOW64\msfeedsbs.dll
2013-12-04 19:02:57 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-12-04 19:02:57 ----A---- C:\windows\SYSWOW64\imgutil.dll
2013-12-04 19:02:57 ----A---- C:\windows\SYSWOW64\iepeers.dll
2013-12-04 19:02:57 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2013-12-04 19:02:57 ----A---- C:\windows\SYSWOW64\IEAdvpack.dll
2013-12-04 19:02:56 ----A---- C:\windows\SYSWOW64\SetIEInstalledDate.exe
2013-12-04 19:02:56 ----A---- C:\windows\SYSWOW64\mshtmler.dll
2013-12-04 19:02:56 ----A---- C:\windows\system32\jsIntl.dll
2013-12-04 19:02:55 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2013-12-04 19:02:55 ----A---- C:\windows\system32\msrating.dll
2013-12-04 19:02:55 ----A---- C:\windows\system32\msls31.dll
2013-12-04 19:02:54 ----A---- C:\windows\system32\SetIEInstalledDate.exe
2013-12-04 19:02:54 ----A---- C:\windows\system32\msfeedssync.exe
2013-12-04 19:02:54 ----A---- C:\windows\system32\msfeedsbs.dll
2013-12-04 19:02:54 ----A---- C:\windows\system32\IEAdvpack.dll
2013-12-04 19:02:53 ----A---- C:\windows\system32\mshtmler.dll
2013-12-04 19:02:53 ----A---- C:\windows\system32\iesysprep.dll
2013-12-04 19:02:52 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-04 19:02:51 ----A---- C:\windows\system32\webcheck.dll
2013-12-04 19:02:51 ----A---- C:\windows\system32\url.dll
2013-12-04 19:02:51 ----A---- C:\windows\system32\mshtmlmedia.dll
2013-12-04 19:02:51 ----A---- C:\windows\system32\licmgr10.dll
2013-12-04 19:02:51 ----A---- C:\windows\system32\iedkcs32.dll
2013-12-04 19:02:51 ----A---- C:\windows\system32\ieapfltr.dat
2013-12-04 19:02:51 ----A---- C:\windows\system32\icardie.dll
2013-12-04 19:02:51 ----A---- C:\windows\system32\dxtrans.dll
2013-12-04 19:02:51 ----A---- C:\windows\system32\dxtmsft.dll
2013-12-04 19:02:50 ----A---- C:\windows\system32\wextract.exe
2013-12-04 19:02:50 ----A---- C:\windows\system32\vbscript.dll
2013-12-04 19:02:50 ----A---- C:\windows\system32\mshtmled.dll
2013-12-04 19:02:50 ----A---- C:\windows\system32\msfeeds.dll
2013-12-04 19:02:50 ----A---- C:\windows\system32\inseng.dll
2013-12-04 19:02:50 ----A---- C:\windows\system32\iexpress.exe
2013-12-04 19:02:48 ----A---- C:\windows\system32\pngfilt.dll
2013-12-04 19:02:48 ----A---- C:\windows\system32\occache.dll
2013-12-04 19:02:48 ----A---- C:\windows\system32\MshtmlDac.dll
2013-12-04 19:02:48 ----A---- C:\windows\system32\mshta.exe
2013-12-04 19:02:48 ----A---- C:\windows\system32\jscript.dll
2013-12-04 19:02:47 ----A---- C:\windows\system32\imgutil.dll
2013-12-04 19:02:47 ----A---- C:\windows\system32\iepeers.dll
2013-11-30 20:24:44 ----D---- C:\agk_tmp
2013-11-30 20:20:56 ----D---- C:\Program Files (x86)\Mobogenie
2013-11-30 18:54:51 ----D---- C:\Users\Marek\AppData\Roaming\HandBrake
2013-11-30 18:52:24 ----D---- C:\Users\Marek\AppData\Roaming\26875
2013-11-30 18:37:37 ----D---- C:\ProgramData\DVD Shrink
2013-11-30 18:37:36 ----D---- C:\Program Files (x86)\DVD Shrink
2013-11-30 18:36:27 ----A---- C:\Users\Marek\AppData\Roaming\AutoGK.ini
2013-11-30 18:31:02 ----D---- C:\Users\Marek\AppData\Roaming\Media Player Classic
2013-11-30 18:24:12 ----D---- C:\Program Files (x86)\XviD
2013-11-30 18:23:57 ----D---- C:\Program Files (x86)\AviSynth 2.5
2013-11-30 18:23:42 ----D---- C:\Program Files (x86)\Gabest
2013-11-30 18:23:08 ----D---- C:\Program Files (x86)\AutoGK
2013-11-30 12:41:02 ----D---- C:\ProgramData\ESET
2013-11-23 18:52:46 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-11-18 19:41:22 ----D---- C:\Petr Skoumal
2013-11-17 15:07:29 ----A---- C:\windows\system32\crypt32.dll
2013-11-17 15:07:28 ----A---- C:\windows\SYSWOW64\crypt32.dll
2013-11-17 15:07:12 ----A---- C:\windows\system32\drivers\afd.sys
2013-11-17 15:06:56 ----A---- C:\windows\SYSWOW64\SmartcardCredentialProvider.dll
2013-11-17 15:06:56 ----A---- C:\windows\SYSWOW64\credui.dll
2013-11-17 15:06:56 ----A---- C:\windows\SYSWOW64\authui.dll
2013-11-17 15:06:56 ----A---- C:\windows\system32\SmartcardCredentialProvider.dll
2013-11-17 15:06:56 ----A---- C:\windows\system32\credui.dll
2013-11-17 15:06:56 ----A---- C:\windows\system32\authui.dll
2013-11-17 15:06:41 ----A---- C:\windows\SYSWOW64\schannel.dll
2013-11-17 15:06:41 ----A---- C:\windows\system32\schannel.dll
2013-11-17 15:06:41 ----A---- C:\windows\system32\drivers\cng.sys
2013-11-17 15:06:40 ----A---- C:\windows\system32\lsasrv.dll
2013-11-17 15:06:40 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2013-11-17 15:06:40 ----A---- C:\windows\system32\drivers\ksecdd.sys
2013-11-17 15:06:38 ----A---- C:\windows\SYSWOW64\sspicli.dll
2013-11-17 15:06:38 ----A---- C:\windows\SYSWOW64\secur32.dll
2013-11-17 15:06:38 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2013-11-17 15:06:38 ----A---- C:\windows\system32\sspisrv.dll
2013-11-17 15:06:38 ----A---- C:\windows\system32\sspicli.dll
2013-11-17 15:06:38 ----A---- C:\windows\system32\secur32.dll
2013-11-17 15:06:38 ----A---- C:\windows\system32\ncrypt.dll
2013-11-17 15:06:38 ----A---- C:\windows\system32\lsass.exe
2013-11-17 15:06:30 ----A---- C:\windows\SYSWOW64\gdi32.dll
2013-11-17 15:06:30 ----A---- C:\windows\system32\gdi32.dll
2013-11-17 15:06:28 ----A---- C:\windows\system32\IKEEXT.DLL
2013-11-17 15:06:27 ----A---- C:\windows\SYSWOW64\nshwfp.dll
2013-11-17 15:06:27 ----A---- C:\windows\SYSWOW64\FWPUCLNT.DLL
2013-11-17 15:06:27 ----A---- C:\windows\system32\nshwfp.dll
2013-11-17 15:06:27 ----A---- C:\windows\system32\FWPUCLNT.DLL

======List of files/folders modified in the last 1 month======

2013-12-15 16:33:01 ----D---- C:\Users\Marek\AppData\Roaming\Centrum Mail
2013-12-15 16:31:43 ----A---- C:\windows\ntbtlog.txt
2013-12-15 16:31:31 ----D---- C:\windows\Temp
2013-12-15 16:31:31 ----D---- C:\windows\system32\config
2013-12-15 16:31:30 ----D---- C:\ProgramData\HPQLOG
2013-12-15 16:29:05 ----D---- C:\Windows
2013-12-15 16:25:13 ----D---- C:\windows\Tasks
2013-12-15 16:20:58 ----D---- C:\Users\Marek\AppData\Roaming\Kingston
2013-12-15 08:28:05 ----D---- C:\windows\Prefetch
2013-12-14 17:13:12 ----D---- C:\windows\system32\Tasks
2013-12-13 07:32:13 ----D---- C:\windows\System32
2013-12-13 07:32:13 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-12-13 07:32:12 ----D---- C:\windows\inf
2013-12-13 07:25:52 ----D---- C:\windows\winsxs
2013-12-13 07:23:14 ----D---- C:\windows\SysWOW64
2013-12-13 07:23:14 ----D---- C:\Program Files\Windows Media Player
2013-12-13 07:23:14 ----D---- C:\Program Files\Internet Explorer
2013-12-13 07:23:14 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-13 07:23:14 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-13 07:23:13 ----D---- C:\windows\SYSWOW64\cs-CZ
2013-12-13 07:23:13 ----D---- C:\windows\system32\cs-CZ
2013-12-13 07:23:12 ----D---- C:\windows\system32\DriverStore
2013-12-13 07:23:11 ----D---- C:\windows\system32\drivers
2013-12-13 07:22:17 ----RD---- C:\Program Files (x86)
2013-12-13 07:13:01 ----D---- C:\windows\system32\catroot
2013-12-13 07:11:01 ----D---- C:\windows\system32\catroot2
2013-12-13 07:09:43 ----SHD---- C:\System Volume Information
2013-12-12 08:24:04 ----D---- C:\Test
2013-12-12 08:06:51 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2013-12-12 07:46:28 ----RD---- C:\Program Files
2013-12-12 07:43:02 ----D---- C:\Program Files (x86)\Sitemap Generator
2013-12-12 07:38:32 ----SHD---- C:\windows\Installer
2013-12-12 07:38:32 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-12-12 07:38:31 ----SHD---- C:\Config.Msi
2013-12-12 07:38:31 ----D---- C:\Program Files (x86)\Hewlett-Packard
2013-12-12 07:25:15 ----D---- C:\Program Files (x86)\Inkscape
2013-12-12 07:15:02 ----D---- C:\Users\Marek\AppData\Roaming\inkscape
2013-12-12 07:12:57 ----D---- C:\Program Files (x86)\Google
2013-12-12 07:12:43 ----D---- C:\Program Files (x86)\Free Video Converter
2013-12-12 07:12:14 ----SD---- C:\ProgramData\Microsoft
2013-12-12 07:12:14 ----D---- C:\Program Files (x86)\Microsoft
2013-12-12 07:11:23 ----D---- C:\Program Files (x86)\Common Files
2013-12-12 07:11:21 ----HD---- C:\ProgramData
2013-12-12 07:11:18 ----D---- C:\Program Files (x86)\AVI to 3GP
2013-12-12 07:10:32 ----D---- C:\Program Files (x86)\Ashampoo
2013-12-12 07:08:27 ----D---- C:\windows\system32\appmgmt
2013-12-09 16:15:51 ----D---- C:\swsetup
2013-12-09 15:58:37 ----D---- C:\Test4
2013-12-09 15:47:17 ----A---- C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-12-08 09:19:44 ----D---- C:\windows\rescache
2013-12-07 13:43:37 ----D---- C:\windows\SYSWOW64\migration
2013-12-07 13:43:37 ----D---- C:\windows\SYSWOW64\en-US
2013-12-07 13:43:35 ----D---- C:\windows\system32\migration
2013-12-07 13:43:35 ----D---- C:\windows\PolicyDefinitions
2013-12-07 13:43:34 ----D---- C:\windows\system32\en-US
2013-12-04 19:07:52 ----D---- C:\windows\Logs
2013-12-04 16:36:19 ----D---- C:\Temp
2013-11-30 20:54:20 ----D---- C:\Users\Marek\AppData\Roaming\HTC
2013-11-30 20:52:24 ----RSD---- C:\windows\Fonts
2013-11-30 20:40:10 ----RD---- C:\Users
2013-11-30 19:59:58 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-18 19:08:52 ----D---- C:\windows\system32\MRT
2013-11-18 19:03:26 ----A---- C:\windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 16440]
R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 62136]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 PxHlpa64;PxHlpa64; C:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SafeBoot;SafeBoot; C:\windows\system32\drivers\SafeBoot.sys [2010-02-02 56648]
R0 SbAlg;SbAlg; C:\windows\system32\drivers\SbAlg.sys [2009-06-04 60160]
R0 SbFsLock;SbFsLock; C:\windows\system32\drivers\SbFsLock.sys [2010-02-02 15688]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 44120]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2010-02-02 58184]
R1 SBRE;SBRE; \??\C:\windows\system32\drivers\SBREdrv.sys [2011-04-29 55384]
R1 vflt;Shrew Soft Lightweight Filter; C:\windows\system32\DRIVERS\vfilter.sys [2010-09-02 21504]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2013-09-17 220232]
R2 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
R2 LiveTunerPM;Ashampoo LiveTuner ProcessMonitor Driver; \??\C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerProcessMonitor64.sys [2011-05-12 12824]
R2 rimspci;rimspci; C:\windows\system32\DRIVERS\rimspe64.sys [2009-10-26 61952]
R2 risdpcie;risdpcie; C:\windows\system32\DRIVERS\risdpe64.sys [2009-10-29 79360]
R2 rixdpcie;rixdpcie; C:\windows\system32\DRIVERS\rixdpe64.sys [2009-12-11 55808]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2010-01-21 1209856]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2010-04-08 6657536]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2010-04-08 195584]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\windows\system32\drivers\AtiHdmi.sys [2010-03-09 123408]
R3 BCM42RLY;BCM42RLY; C:\windows\system32\drivers\BCM42RLY.sys [2013-08-23 22632]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl664.sys [2013-08-23 4747880]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-16 25912]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2010-01-19 1803904]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\windows\system32\DRIVERS\stwrt64.sys [2013-07-25 515584]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-06-04 1379376]
R3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\windows\system32\DRIVERS\adusbser.sys [2009-11-06 154112]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-01-07 98344]
S3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2010-01-07 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-01-07 35104]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-01-07 21160]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2009-10-21 40760]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\windows\system32\DRIVERS\ewusbnet.sys [2009-12-07 246224]
S3 HTCAND64;HTC Device Driver; C:\windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 htcnprot;HTC NDIS Protocol Driver; C:\windows\system32\DRIVERS\htcnprot.sys [2012-12-07 36928]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys [2009-12-07 117504]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 114304]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service; C:\windows\system32\DRIVERS\sbfwim.sys [2011-02-08 84568]
S3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\windows\system32\DRIVERS\SBFWIM.sys [2011-02-08 84568]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 VMBusHID;VMBusHID; C:\windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 vnet;Shrew Soft Virtual Adapter; C:\windows\system32\DRIVERS\virtualnet.sys [2010-09-02 17408]
S3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
S3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ac.sharedstore;ActivIdentity Shared Store Service; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-04 277032]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2013-07-25 89600]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2010-01-21 16896]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2010-04-08 202752]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-12-29 873248]
R2 cbVSCService11;Cobian Backup 11 Volume Shadow Copy Requester; C:\Program Files (x86)\Cobian Backup 10\cbVSCService11.exe [2012-07-31 67584]
R2 DpHost;@C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2010-07-16 462160]
R2 dtpd;ShrewSoft DNS Proxy Daemon; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [2010-10-08 56592]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-09-12 1337752]
R2 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2010-04-05 103992]
R2 HP ProtectTools Service;HP ProtectTools Service; C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2010-10-19 32768]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [2010-06-14 90112]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-08-10 197536]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-02-02 281192]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2010-05-06 298496]
R2 hpHotkeyMonitor;HP Hotkey Monitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2011-03-21 293944]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2011-05-13 30520]
R2 HTCMonitorService;HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2013-11-10 87368]
R2 iked;ShrewSoft IKE Daemon; C:\Program Files\ShrewSoft\VPN Client\iked.exe [2010-10-08 957712]
R2 ipsecd;ShrewSoft IPSEC Daemon; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [2010-10-08 697616]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-04-16 73728]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\windows\system32\svchost.exe [2009-07-14 27136]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-07-25 271360]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-03-22 93072]
R3 DEBridge;DEBridge; c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [2010-02-02 704512]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408]
S2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2010-02-18 2045232]
S2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\windows\system32\svchost.exe [2009-07-14 27136]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-12 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 27136]
S3 DfSdkS;Defragmentation-Service; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 8\DfsdkS64.exe [2011-05-12 544768]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2009-12-07 362040]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-23 119408]
S3 RoxMediaDB10;RoxMediaDB10; c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-11-23 1120752]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 SureThing Labelflash service;SureThing Labelflash service; C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [2009-11-20 74392]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-04-29 1255736]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 27136]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------


The window no longer appears.

Re: A window pops up while browsing

Posted: 15 Dec 2013 17:26
by Rudy
We'll still clean up the leftovers. Double-click the file C:\Program Files\trend micro\Marek.exe to start HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left next to:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
O15 - Trusted Zone: http://*.mcafee.com (HKLM)
O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.