zpomalení spuštění ntb

Zpráva

metrix.m · #1 Příspěvek od **metrix.m** » 15 úno 2011 11:27

Ahoj

chtěl bych poprosit o zkontrolování logu, neboť mi došlo k výraznému zpomalení ntb při startu (i 4-5 min)

Logfile of random's system information tool 1.08 (written by random/random)
Run by Martin at 2011-02-15 11:12:53
Microsoft Windows 7 Ultimate
System drive C: has 145 GB (48%) free of 305 GB
Total RAM: 3066 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:13:38, on 15.2.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TeamViewer\Version6\TeamViewer.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\GBM\GRemote Pro\GRemoteServer.exe
C:\Program Files\Translate Client\translateclient.exe
C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox 4.0 Beta 10\firefox.exe
C:\Program Files\Java\jre6\launch4j-tmp\frd.exe
C:\Program Files\Mozilla Firefox 4.0 Beta 10\plugin-container.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Martin\Downloads\RSIT.exe
C:\Program Files\trend micro\Martin.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ShowBatteryBar] "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show
O4 - HKCU\..\Run: [GRemoteServer Pro] C:\Program Files\GBM\GRemote Pro\GRemoteServer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Translate Client.lnk = C:\Program Files\Translate Client\translateclient.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: ABBYY FineReader 10 CE Licensing Service (ABBYY.Licensing.FineReader.Corporate.10.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard - C:\Windows\system32\Hpservice.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe

--
End of file - 9523 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2981185802-78788489-3726673733-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2981185802-78788489-3726673733-1001UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-05 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 1791272]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-11-11 287800]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-08-12 2215064]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
""= []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-11-25 98304]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"ShowBatteryBar"=C:\Program Files\BatteryBar\ShowBatteryBar.exe [2009-05-28 90624]
"GRemoteServer Pro"=C:\Program Files\GBM\GRemote Pro\GRemoteServer.exe [2010-07-29 2639840]
""= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-01-30 35736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avp32]
C:\Users\Martin\AppData\Roaming\avp32\avp32.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
C:\Program Files\Cyberlink\Shared files\brs.exe [2010-03-13 75048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F.lux]
C:\Users\Martin\Local Settings\Apps\F.lux\flux.exe [2009-08-29 966656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igndlm.exe]
C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2011-01-19 2736128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2011-01-31 703360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-05-14 1479680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Print2PDF Print Monitor]
C:\Program Files\Software602\Print2PDF\Print2PDF.exe [2010-12-03 141368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe [2010-02-03 87336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2011-01-03 15028104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2011-02-08 396664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2010-12-09 74752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Martin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Automatické vypnutí počítače.lnk]
C:\PROGRA~1\AUTOMA~1\avp.exe [2004-12-28 443392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Martin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk]
C:\PROGRA~1\MICROS~4\Office14\ONENOTEM.EXE [2010-03-29 227712]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Translate Client.lnk - C:\Program Files\Translate Client\translateclient.exe

C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-02-15 11:12:53 ----D---- C:\rsit
2011-02-15 11:12:53 ----D---- C:\Program Files\trend micro
2011-02-14 11:52:17 ----D---- C:\Program Files\PC Connectivity Solution
2011-02-14 11:32:36 ----SHD---- C:\Config.Msi
2011-02-12 17:00:47 ----D---- C:\ProgramData\LightScribe
2011-02-12 14:45:17 ----D---- C:\Program Files\LightScribe Template Labeler
2011-02-12 14:43:46 ----D---- C:\Program Files\Common Files\LightScribe
2011-02-09 16:08:44 ----A---- C:\Windows\system32\mshtml.dll
2011-02-09 16:08:35 ----A---- C:\Windows\system32\msfeeds.dll
2011-02-09 16:08:34 ----A---- C:\Windows\system32\mstime.dll
2011-02-09 16:08:34 ----A---- C:\Windows\system32\iedkcs32.dll
2011-02-09 16:08:33 ----A---- C:\Windows\system32\mshtmled.dll
2011-02-09 16:08:33 ----A---- C:\Windows\system32\iertutil.dll
2011-02-09 16:08:33 ----A---- C:\Windows\system32\iepeers.dll
2011-02-09 16:08:32 ----A---- C:\Windows\system32\msfeedssync.exe
2011-02-09 16:08:32 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-02-09 16:08:32 ----A---- C:\Windows\system32\licmgr10.dll
2011-02-09 16:08:19 ----A---- C:\Windows\system32\vbscript.dll
2011-02-09 16:08:19 ----A---- C:\Windows\system32\jscript.dll
2011-02-09 16:08:17 ----A---- C:\Windows\system32\atmfd.dll
2011-02-09 16:08:16 ----A---- C:\Windows\system32\atmlib.dll
2011-02-09 16:08:14 ----A---- C:\Windows\system32\win32k.sys
2011-02-09 16:08:12 ----A---- C:\Windows\system32\kerberos.dll
2011-02-09 16:08:07 ----A---- C:\Windows\system32\ntdll.dll
2011-02-09 16:08:06 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-02-09 16:08:06 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-02-09 16:07:27 ----A---- C:\Windows\system32\upnp.dll
2011-02-09 16:07:24 ----A---- C:\Windows\system32\wininet.dll
2011-02-09 16:07:24 ----A---- C:\Windows\system32\urlmon.dll
2011-02-09 16:07:24 ----A---- C:\Windows\system32\msxml6.dll
2011-02-09 16:07:23 ----A---- C:\Windows\system32\msxml3.dll
2011-02-09 16:07:22 ----A---- C:\Windows\system32\WebClnt.dll
2011-02-09 16:07:22 ----A---- C:\Windows\system32\ieframe.dll
2011-02-09 16:07:22 ----A---- C:\Windows\system32\davclnt.dll
2011-02-09 16:07:21 ----A---- C:\Windows\system32\wscsvc.dll
2011-02-09 16:07:21 ----A---- C:\Windows\system32\wscapi.dll
2011-02-09 16:07:21 ----A---- C:\Windows\system32\winhttp.dll
2011-02-09 16:07:21 ----A---- C:\Windows\system32\slwga.dll
2011-02-09 16:06:30 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2011-02-07 21:27:50 ----D---- C:\Program Files\Mozilla Firefox 4.0 Beta 10
2011-02-07 18:28:39 ----D---- C:\Program Files\LSI SoftModem
2011-02-06 01:46:28 ----D---- C:\Users\Martin\AppData\Roaming\inkscape
2011-02-06 00:17:43 ----D---- C:\Program Files\Inkscape
2011-02-05 21:04:18 ----D---- C:\Users\Martin\AppData\Roaming\Anthropics
2011-02-05 20:56:57 ----D---- C:\Users\Martin\AppData\Roaming\avp32
2011-02-04 20:09:59 ----A---- C:\Windows\system32\drivers\VBoxDrv.sys
2011-02-04 20:09:43 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys
2011-01-31 14:41:20 ----A---- C:\Windows\system32\GDS32.DLL
2011-01-31 14:41:00 ----D---- C:\Program Files\Firebird
2011-01-31 13:15:30 ----A---- C:\Windows\system32\gdpdfplug.dll
2011-01-31 13:15:29 ----A---- C:\Windows\system32\msvbvm60001.dll
2011-01-31 13:15:29 ----A---- C:\Windows\system32\cdintf450.dll
2011-01-31 13:15:03 ----D---- C:\Users\Martin\AppData\Roaming\602Installer
2011-01-31 13:14:51 ----D---- C:\Program Files\Common Files\Freedom Scientific
2011-01-30 20:01:49 ----D---- C:\Users\Martin\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2011-01-28 22:26:11 ----D---- C:\Users\Martin\AppData\Roaming\Audacity
2011-01-27 13:31:45 ----SHD---- C:\found.000
2011-01-27 00:45:21 ----D---- C:\Windows\Minidump
2011-01-22 18:05:52 ----D---- C:\Program Files\Gaijin
2011-01-22 09:41:55 ----D---- C:\Users\Martin\AppData\Roaming\Real
2011-01-21 19:48:56 ----A---- C:\Windows\system32\javaws.exe
2011-01-21 19:48:56 ----A---- C:\Windows\system32\javaw.exe
2011-01-21 19:48:56 ----A---- C:\Windows\system32\java.exe
2011-01-18 18:17:11 ----D---- C:\Program Files\Windows XP Mode
2011-01-18 17:43:26 ----A---- C:\Windows\system32\drivers\VBoxNetAdp.sys
2011-01-18 15:14:04 ----A---- C:\Dropbox 1.0.10.exe
2011-01-17 11:57:10 ----D---- C:\ProgramData\WOP
2011-01-17 01:53:20 ----D---- C:\Users\Martin\AppData\Roaming\TuneUp Software
2011-01-17 01:52:07 ----D---- C:\ProgramData\TuneUp Software
2011-01-17 01:51:54 ----SHD---- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-01-16 15:03:11 ----D---- C:\Program Files\7-Zip

======List of files/folders modified in the last 1 months======

2011-02-15 11:13:39 ----D---- C:\Windows\Temp
2011-02-15 11:12:53 ----RD---- C:\Program Files
2011-02-15 10:49:31 ----SHD---- C:\System Volume Information
2011-02-15 10:49:15 ----D---- C:\Windows\system32\LogFiles
2011-02-15 10:48:00 ----D---- C:\Windows\system32\config
2011-02-15 10:47:17 ----D---- C:\Downloads
2011-02-15 10:46:06 ----D---- C:\Users\Martin\AppData\Roaming\Dropbox
2011-02-15 10:45:59 ----D---- C:\Program Files\FreeRapid
2011-02-15 10:44:36 ----D---- C:\Users\Martin\AppData\Roaming\translateclient
2011-02-15 10:43:36 ----D---- C:\Windows\Prefetch
2011-02-15 10:42:55 ----D---- C:\Windows
2011-02-15 00:02:49 ----D---- C:\Users\Martin\AppData\Roaming\Winamp
2011-02-15 00:02:40 ----D---- C:\Windows\debug
2011-02-14 23:05:59 ----D---- C:\Windows\System32
2011-02-14 23:05:58 ----D---- C:\Windows\inf
2011-02-14 23:05:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-02-14 12:55:57 ----D---- C:\Windows\system32\catroot
2011-02-14 11:55:04 ----SHD---- C:\Windows\Installer
2011-02-14 11:54:11 ----D---- C:\Users\Martin\AppData\Roaming\Nokia
2011-02-14 11:53:06 ----D---- C:\Program Files\Common Files\Nokia
2011-02-14 11:52:22 ----DC---- C:\Windows\system32\DRVSTORE
2011-02-14 11:52:22 ----D---- C:\Windows\system32\DriverStore
2011-02-14 11:52:22 ----D---- C:\Windows\system32\drivers
2011-02-12 17:00:47 ----HD---- C:\ProgramData
2011-02-12 16:59:03 ----D---- C:\Windows\system32\wdi
2011-02-12 16:57:50 ----D---- C:\Windows\system32\catroot2
2011-02-12 14:43:46 ----D---- C:\Program Files\Common Files
2011-02-11 00:55:15 ----D---- C:\Programy
2011-02-11 00:46:28 ----D---- C:\Sdílené dokumenty
2011-02-11 00:41:19 ----D---- C:\OziExplorer
2011-02-11 00:28:42 ----D---- C:\Hry
2011-02-09 16:47:39 ----D---- C:\Windows\winsxs
2011-02-09 16:43:28 ----D---- C:\Program Files\Internet Explorer
2011-02-09 16:18:32 ----D---- C:\ProgramData\Microsoft Help
2011-02-09 16:11:28 ----A---- C:\Windows\system32\MRT.exe
2011-02-09 15:33:05 ----D---- C:\Program Files\uTorrent
2011-02-09 09:51:15 ----D---- C:\Users\Martin\AppData\Roaming\uTorrent
2011-02-07 21:34:12 ----D---- C:\Users\Martin\AppData\Roaming\Opera
2011-02-07 21:23:32 ----D---- C:\Program Files\Opera
2011-02-07 18:51:11 ----D---- C:\Program Files\CCleaner
2011-02-06 20:29:21 ----D---- C:\Users\Martin\AppData\Roaming\TeamViewer
2011-02-06 18:10:02 ----D---- C:\Program Files\Vertex Wireless
2011-02-05 00:23:20 ----D---- C:\Program Files\DreamCom
2011-02-05 00:22:52 ----D---- C:\Program Files\HP
2011-01-31 13:17:02 ----SD---- C:\Users\Martin\AppData\Roaming\Microsoft
2011-01-31 13:15:28 ----D---- C:\Program Files\Software602
2011-01-31 13:15:27 ----HD---- C:\Program Files\InstallShield Installation Information
2011-01-31 13:14:54 ----D---- C:\Program Files\Common Files\soft602
2011-01-30 20:01:41 ----D---- C:\Program Files\Adobe
2011-01-30 20:01:40 ----D---- C:\Program Files\Common Files\Adobe AIR
2011-01-30 15:03:15 ----D---- C:\Program Files\Family Toolbar
2011-01-30 15:02:39 ----D---- C:\Program Files\mnProjects
2011-01-30 15:01:17 ----D---- C:\Program Files\Vector Magic
2011-01-30 14:59:42 ----D---- C:\Windows\system32\Tasks
2011-01-30 14:45:06 ----D---- C:\Program Files\Codemasters
2011-01-30 14:44:54 ----D---- C:\Program Files\HLSW
2011-01-30 14:41:48 ----D---- C:\Program Files\PDFsvg
2011-01-30 14:39:58 ----D---- C:\Program Files\Google
2011-01-30 14:38:19 ----D---- C:\Users\Martin\AppData\Roaming\GameRanger
2011-01-30 14:38:06 ----D---- C:\Users\Martin\AppData\Roaming\IGN_DLM
2011-01-26 14:19:30 ----D---- C:\Windows\system32\directx
2011-01-26 14:19:07 ----HD---- C:\Windows\msdownld.tmp
2011-01-22 19:56:48 ----RSD---- C:\Windows\assembly
2011-01-22 16:24:43 ----SHD---- C:\$Recycle.Bin
2011-01-22 12:06:17 ----D---- C:\Windows\rescache
2011-01-22 11:11:33 ----D---- C:\Users\Martin\AppData\Roaming\Hamachi
2011-01-22 03:31:00 ----D---- C:\Windows\system32\cs-CZ
2011-01-21 19:48:30 ----D---- C:\Program Files\Java
2011-01-19 10:05:25 ----D---- C:\Users\Martin\AppData\Roaming\Mozilla
2011-01-17 16:38:27 ----D---- C:\Users\Martin\AppData\Roaming\Skype
2011-01-17 16:04:26 ----D---- C:\Users\Martin\AppData\Roaming\skypePM
2011-01-17 02:53:41 ----D---- C:\Program Files\Hewlett-Packard
2011-01-17 02:43:30 ----D---- C:\Program Files\Ekahau
2011-01-16 00:54:46 ----D---- C:\Program Files\Driver Magician

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2009-07-08 25656]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-04 691696]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2009-09-23 55040]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2009-12-31 295936]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 96920]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 33848]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 381440]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2010-01-26 1163328]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-11-26 6650368]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-11-26 231936]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2010-09-27 2661368]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
R3 GRemoteBus;GRemote virtual joystick Bus Enumerator; C:\Windows\system32\DRIVERS\GRemoteBus.sys [2009-08-05 23368]
R3 GRemoteJoy;GRemote virtual joystick Device Driver; C:\Windows\system32\DRIVERS\GRemoteJoy.sys [2009-08-05 39112]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-12-30 25280]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2009-04-20 9344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 15872]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-10-09 1810856]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-04 1303728]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2009-09-23 165376]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2009-09-23 78336]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-11-26 6650368]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2010-07-30 18048]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2010-07-30 23040]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2010-07-30 8192]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-07-30 8192]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2011-01-18 109328]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WINUSB;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUSB.SYS [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
R2 ABBYY.Licensing.FineReader.Corporate.10.0;ABBYY FineReader 10 CE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe [2010-05-07 814344]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 90112]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-12-03 26112]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-11-26 176128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-08-12 810144]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe [2008-06-13 81920]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-11-15 126520]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2009-07-08 26168]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2011-01-19 73728]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2006-10-26 335872]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-01-05 75064]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2011-01-05 214520]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 TeamViewer6;TeamViewer 6; C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe [2011-01-27 2253688]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe [2008-06-13 2723840]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2010-10-14 751672]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-28 136176]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-08-12 33584]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-11 136120]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-27 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 15 úno 2011 11:36

Zdravim a pekny den preji

Poprosim i o druhy log z RSIT s nazvem info.txt, je ulozen v c:\rsit

Predpokladam ze ten NOD32 mate legalni = zakoupena licence

metrix.m · #3 Příspěvek od **metrix.m** » 15 úno 2011 12:03

zde přikládám log z info.txt a děkuji

také přeji krásný zbytek dne

edit: zapomněl jsem dodat že u mě pošlo k problému : nepodařilo se připojení ke službě systému windows, ale toto jsem vyřešil (Start-Spustit-napsat netsh winsock reset-OK-Restart) a problém se vyřešil (ovšem problém se spuštěním byl i předtím a stále přetrvává)
mám windows 7

edit 2: zdá se mi že problémy začly po instalaci posledních aktualizací systému windows 7

info.txt logfile of random's system information tool 1.08 2011-02-15 11:13:49

======Uninstall list======

µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {294B4278-CF7B-40B9-86A1-2D3FF0C2C524}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {10EC59E5-9BCE-4884-BB1A-E28627220232}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
602XML podpora hlasového vystupu-->MsiExec.exe /X{6D5983E9-2655-4DE7-8278-2D6549732A9B}
7-Zip 9.20-->"C:\Program Files\7-Zip\Uninstall.exe"
ABBYY FineReader 10 Corporate Edition-->MsiExec.exe /I{F1000000-0001-0000-0000-074957833700}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}
Adobe Community Help-->msiexec /qb /x {EE531675-A09C-51DD-F356-ECA9D6857039}
Adobe Community Help-->MsiExec.exe /I{EE531675-A09C-51DD-F356-ECA9D6857039}
Adobe Creative Suite 5 Design Premium-->C:\Program Files\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{02698606-3A21-489D-9D2A-75C9E8D3E5BD}"
Adobe Flash Player 10 ActiveX-->MsiExec.exe /X{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10l_Plugin.exe -maintain plugin
Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Photoshop CS5-->C:\Program Files\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{15FEDA5F-141C-4127-8D7E-B962D1742728}"
Adobe Reader X (10.0.1) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA0000000001}
Aktualizace pro Microsoft Outlook Social Connector (KB2289116)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-0000-0000000FF1CE}" "{E09910D9-C94A-410B-9ACB-6F350F2BF9E7}" "1029" "0"
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
ATI Catalyst Install Manager-->msiexec /q/x{763031D0-1BD7-2605-151B-B6B2C6A941CF} REBOOT=ReallySuppress
ATI Stream SDK v2 Developer-->MsiExec.exe /I{86B247F9-1D5E-CCC6-3280-71486D9A4E70}
Automatické vypnutí počítače 1.0-->"C:\Program Files\Automatické vypnutí počítače\unins000.exe"
Balíček ovladače systému Windows - Nokia Modem (06/09/2010 4.5)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokia_bluetooth.inf_x86_neutral_4afe3236e50779fa\nokia_bluetooth.inf
Balíček ovladače systému Windows - Nokia Modem (06/09/2010 7.01.0.7)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokbtmdm.inf_x86_neutral_fe4babbc84a3ec95\nokbtmdm.inf
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
Banská Bystrica-->0:\Program Files\Cyklotrasy SK\Uninstal.exe
BatteryBar (remove only)-->"C:\Program Files\BatteryBar\Uninstall.exe"
Broadcom 802.11 Wireless LAN Adapter-->"C:\Program Files\Broadcom\Broadcom 802.11\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11\Driver"
Call of Duty(R) 2-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{D0A05794-48C2-4424-A15A-9F20FCFDD374} /l2057
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Centrum zařízení Windows Mobile-->MsiExec.exe /X{904CCF62-818D-4675-BC76-D37EB399F917}
Client for Google Translate-->"C:\Program Files\Translate Client\translateclient_uninst.exe"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
CorelDRAW Graphics Suite X4 - Capture-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF012}
CorelDRAW Graphics Suite X4 - Content-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF016}
CorelDRAW Graphics Suite X4 - Draw-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF013}
CorelDRAW Graphics Suite X4 - Filters-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF017}
CorelDRAW Graphics Suite X4 - FontNav-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF019}
CorelDRAW Graphics SUite X4 - ICA-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF010}
CorelDRAW Graphics Suite X4 - IPM-->MsiExec.exe /I{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}
CorelDRAW Graphics Suite X4 - Lang CZ-->MsiExec.exe /I{FFFE7261-2318-4227-B827-E9E05E16DFE5}
CorelDRAW Graphics Suite X4 - PP-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF014}
CorelDRAW Graphics Suite X4 - VBA-->MsiExec.exe /I{BF439B41-0252-48DE-8B8B-0430CB26A181}
CorelDRAW Graphics Suite X4-->MsiExec.exe /I{44A27085-0616-4181-A0C3-81C7ECA17F73}
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension-->c:\Program Files\Common Files\Corel\Shared\Shell Extension\Uninst.exe
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension-->MsiExec.exe /X{CE2DA11A-917F-4CF5-AB55-755EC115DD10}
CorelDRAW(R) Graphics Suite X4-->c:\Program Files\Corel\CorelDRAW Graphics Suite X4\Setup\SetupARP.exe /arp
CyberLink PowerDVD 10-->"C:\Program Files\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe" /z-uninstall
CyberLink PowerDVD 10-->"C:\Program Files\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe" /z-uninstall
Cyklotrasy 2.20 + mapy ČR-->C:\Program Files\Cyklotrasy\Uninstal.exe
Definition update for Microsoft Office 2010 (KB982726)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{A004ADA8-EFD6-4CFE-849A-0C91B4C665FC}" "1029" "0"
Defraggler-->"C:\Program Files\Defraggler\uninst.exe"
Dolná Nitra - Žitava-->0:\Program Files\Cyklotrasy SK\Uninstal.exe
Driver Magician 3.49-->"C:\Program Files\Driver Magician\unins000.exe"
Firebird 2.1.1.17910 (Win32)-->"C:\Program Files\Firebird\Firebird_2_1\unins000.exe"
GalleryImages-->MsiExec.exe /I{3C3AB164-964F-419D-A688-810E728B9D7D}
GamePark-->"C:\Program Files\GamePark\unins000.exe"
GeoGet 2.5.7.612-->"C:\Users\Martin\Documents\My Dropbox\GeoGet\unins000.exe"
Google Earth-->MsiExec.exe /X{C768790F-04FB-11E0-9B2C-001AA037B01E}
Google Talk Plugin-->MsiExec.exe /I{37C5A56A-00EA-347B-B7A1-5628BED56702}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
GRemoteServer Pro(remove only)-->"C:\Program Files\GBM\GRemote Pro\uninst.exe"
Hamachi 1.0.3.0-->C:\Program Files\Hamachi\uninstall.exe
HP 3D DriveGuard-->MsiExec.exe /X{3E92DCCC-A2F0-4C27-A5B9-B3B1A2143149}
HP ESU for Microsoft Windows 7-->MsiExec.exe /X{812C7541-3C7C-4E24-99A5-3785EB2A5C40}
HP Officejet 6500 E710n-z Nápověda-->MsiExec.exe /I{EFBC0CB1-AFFD-4E74-ACEF-42099F1D49C3}
HP Power Manager-->MsiExec.exe /I{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}
HP Quick Launch Buttons-->"C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe" -runfromtemp -l0x0405 -removeonly uninst
HP SoftPaq Download Manager-->MsiExec.exe /I{C02A47C0-8F30-4193-88E6-957FB8AFE4CA}
HP Support Assistant-->"C:\Program Files\InstallShield Installation Information\{08DB3902-2CE0-474D-BCE3-0177766CE9F1}\setup.exe" -runfromtemp -l0x0409 -removeonly
HP Update-->MsiExec.exe /X{787D1A33-A97B-4245-87C0-7174609A540C}
HP Webcam-->C:\Program Files\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe -runfromtemp -l0x0005 -removeonly
Inkscape 0.48.0-->C:\Program Files\Inkscape\Uninstall.exe
Java(TM) 6 Update 23-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216021FF}
jwDuplFiles 2.0-->"C:\Program Files\jwDuplFiles\unins000.exe"
LightScribe System Software-->MsiExec.exe /X{6B25BB26-A1EC-4A23-AB6C-211E57B67777}
LightScribe Template Labeler-->MsiExec.exe /X{43523FEF-9D8E-4572-BB11-0E914D366E0A}
LSI HDA Modem-->C:\Windows\agrsmdel
Marvell Miniport Driver-->C:\Program Files\Marvell\Miniport Driver\Uninst.exe
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft .NET Framework 4 Extended CSY Language Pack-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ExtendedLP\Setup.exe /repair /x86 /lcid 1029 /parameterfolder ExtendedLP
Microsoft .NET Framework 4 Extended CSY Language Pack-->MsiExec.exe /X{A2DE62D8-EF1B-36CB-B461-B1E221ED8608}
Microsoft .NET Framework 4 Extended-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{0A0CADCF-78DA-33C4-A350-CD51849B9702}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Access MUI (Czech) 2010-->MsiExec.exe /X{90140000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2010-->MsiExec.exe /X{90140000-0016-0405-0000-0000000FF1CE}
Microsoft Office FrontPage 2003-->MsiExec.exe /I{90170405-6000-11D3-8CFE-0150048383C9}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2010-->MsiExec.exe /X{90140000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2010-->MsiExec.exe /X{90140000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2010-->MsiExec.exe /X{90140000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2010-->MsiExec.exe /X{90140000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2010-->MsiExec.exe /X{90140000-0018-0405-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110405-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Plus 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2010-->MsiExec.exe /X{90140000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2010-->MsiExec.exe /X{90140000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2010-->MsiExec.exe /X{90140000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2010-->MsiExec.exe /X{90140000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2010-->MsiExec.exe /X{90140000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2010-->MsiExec.exe /X{90140000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2010-->MsiExec.exe /X{90140000-001B-0405-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Update ProtectedRoots registry key tool (KB932156)-->MsiExec.exe /I{ABE82CC0-5310-4650-81AD-BE9CF5F1E568}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Mozilla Firefox (3.6.13)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Firefox 4.0b10 (x86 cs)-->C:\Program Files\Mozilla Firefox 4.0 Beta 10\uninstall\helper.exe
MSI to redistribute MS VS2005 CRT libraries-->MsiExec.exe /I{A8D93648-9F7F-407D-915C-62044644C3DA}
MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
MSXML 4.0 SP3 Parser (KB973685)-->MsiExec.exe /I{859DFA95-E4A6-48CD-B88E-A3E483E89B44}
Need For Speed™ World-->"C:\Program Files\Electronic Arts\Need For Speed World\unins000.exe"
Nokia Connectivity Cable Driver-->MsiExec.exe /I{4216D328-0FE8-48B8-85B8-BD300E6F080F}
Nokia Ovi Suite Software Updater-->MsiExec.exe /X{3553E875-F00E-4031-BDEC-75FB1DFEB093}
Nokia Ovi Suite-->C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{3FC42713-B6E7-49AA-A553-A224FE9828A8}\Installer.exe
Nokia Ovi Suite-->MsiExec.exe /X{3FC42713-B6E7-49AA-A553-A224FE9828A8}
Nokia PC Suite-->C:\ProgramData\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Nokia_PC_Suite_cze_web.exe
Nokia PC Suite-->MsiExec.exe /I{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}
Opera 11.01-->"C:\Program Files\Opera\Opera.exe" /uninstall
Ovi Desktop Sync Engine-->MsiExec.exe /X{28191B83-1D60-44B6-9B08-E854EF6632D5}
OviMPlatform-->MsiExec.exe /I{08600005-5228-4BF6-845E-E9A957AFDCB4}
OziExplorer 3.95-->"c:\OziExplorer\unins000.exe"
PC Connectivity Solution-->MsiExec.exe /I{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
PrimoPDF -- brought to you by Nitro PDF Software-->"C:\Program Files\Nitro PDF\PrimoPDF\uninstaller.exe"
Prostředí Windows XP Mode-->MsiExec.exe /X{1374CC63-B520-4f3f-98E8-E9020BF01CFF}
PSPad editor-->"C:\Program Files\PSPad editor\Uninst\unins000.exe"
QIP Infium JadrisPack 4.1.1-->C:\Program Files\QIP Infium JadrisPack\Uninstall.exe
QLBCASL-->MsiExec.exe /I{F1D7AC58-554A-4A58-B784-B61558B1449A}
Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D}
Security Update for 2007 Microsoft Office System (KB2288931)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263}
Security Update for 2007 Microsoft Office System (KB2289158)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {210B16C0-CEBD-4DE9-B474-04A7E8735E16}
Security Update for 2007 Microsoft Office System (KB2344875)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}
Security Update for 2007 Microsoft Office System (KB2345043)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7A2C18A1-D2A2-3177-82F1-5FE9CC08ECB0} /parameterfolder Extended
Security Update for Microsoft Office 2010 (KB2289078)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{1D1A4F08-2F17-475B-BA72-476CE5992FEE}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2289161)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{F134C2C6-30B3-4169-A325-58482B4CE6FC}" "1029" "0"
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}
Security Update for Microsoft Office Excel 2007 (KB2345035)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B23002DD-34EC-4988-B810-A5E2A0BF04F1}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3DED0A62-44C8-4E00-A785-5212F297A9D9}
Security Update for Microsoft Office Publisher 2007 (KB2284697)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3A4CDE54-2403-483D-8D9A-15E3264410DF}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
Security Update for Microsoft Publisher 2010 (KB2409055)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{C3C277D5-36E3-4B1A-926A-175B2BC019CF}" "1029" "0"
Security Update for Microsoft Word 2010 (KB2345000)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{A6D422EE-1196-45EE-B9AE-6B5B64975E8B}" "1029" "0"
Skype Toolbars-->MsiExec.exe /I{981029E0-7FC9-4CF3-AB39-6F133621921A}
Skype™ 5.1-->MsiExec.exe /X{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
Software602 Form Filler-->MsiExec.exe /X{D387C31D-971F-4EEC-8734-382B39AD04F0}
Software602 Print2PDF-->C:\Program Files\InstallShield Installation Information\{32C74893-0243-4235-A6F3-201F0E5D2C03}\setup.exe -runfromtemp -l0x0005 REMOVE
SP2GalleryImages-->MsiExec.exe /I{41DF6AB7-4F89-478D-8501-D81A7A975D35}
SPB Backup-->C:\Windows\WindowsMobile\SPB Backup\Uninstall.exe SPB Backup
SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe"
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TeamViewer 6-->C:\Program Files\TeamViewer\Version6\uninstall.exe
TmNationsForever-->"C:\Program Files\TmNationsForever\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office 2010 (KB2202188)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{86B7A074-265D-420C-9E1E-7A920EF0ECA7}" "1029" "0"
Update for Microsoft Office 2010 (KB2413186)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{556146F7-74AE-4E0A-B64F-5B8B93469F61}" "1029" "0"
Update for Microsoft Office 2010 (KB2413186)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{B5516874-E926-4BFD-B412-D0E70112F244}" "1029" "0"
Update for Microsoft Office 2010 (KB2413186)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{D6CE7280-6EE3-419A-8F47-DB111C040B1B}" "1029" "0"
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Microsoft Office Outlook 2007 (KB2412171)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {752A0B7C-BD24-4362-AC86-AB63FEE6F46F}
Update for Microsoft OneNote 2010 (KB2433299)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{6C845127-B949-4D76-A732-BCB396AD9AA5}" "1029" "0"
Update for Microsoft Outlook Social Connector (KB2289116)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{75F91382-920C-4AE1-B9E6-FFFCEDA797E8}" "1029" "0"
Update for Outlook 2007 Junk Email Filter (KB2492475)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AB9C3240-8F97-4998-8911-3D40044124FC}
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VLC media player 1.1.7-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows 7 Default Setting-->MsiExec.exe /I{A9FD3594-9E68-4EC7-B964-F38F33F07E3B}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
WMV9/VC-1 Video Playback-->MsiExec.exe /X{1FC7EE44-5378-1B18-4A15-B0748B1FC8AB}
XnView 1.97.8-->"C:\Program Files\XnView\unins000.exe"
Základní software zařízení HP Officejet 6500 E710n-z-->MsiExec.exe /I{E34ABC01-23DE-4CB1-9597-27DC6D4927BD}

======Hosts File======

127.0.0.1 osirisdevelopment.com
127.0.0.1 http://www.plimus.com
0.0.0.0 localhost

======System event log======

Computer Name: Martin-NTB
Event Code: 7036
Message: Stav služby Služba Plánovač multimédií byl změněn na: Zastaveno
Record Number: 25349
Source Name: Service Control Manager
Time Written: 20101106143526.323717-000
Event Type: Informace
User:

Computer Name: Martin-NTB
Event Code: 7036
Message: Stav služby Služba WinHTTP WPAD byl změněn na: Zastaveno
Record Number: 25348
Source Name: Service Control Manager
Time Written: 20101106140740.041411-000
Event Type: Informace
User:

Computer Name: Martin-NTB
Event Code: 7036
Message: Stav služby Funkčnost aplikací byl změněn na: Zastaveno
Record Number: 25347
Source Name: Service Control Manager
Time Written: 20101106135124.196596-000
Event Type: Informace
User:

Computer Name: Martin-NTB
Event Code: 7036
Message: Stav služby Služba WinHTTP WPAD byl změněn na: Spuštěno
Record Number: 25346
Source Name: Service Control Manager
Time Written: 20101106135110.039786-000
Event Type: Informace
User:

Computer Name: Martin-NTB
Event Code: 7036
Message: Stav služby služba Zprostředkovatel softwaru služby Stínová kopie svazků byl změněn na: Zastaveno
Record Number: 25345
Source Name: Service Control Manager
Time Written: 20101106134414.832037-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: 37L4247D28-05
Event Code: 1001
Message: Chybný blok , typ 0
Název události: PnPDriverNotFound
Reakce: Není k dispozici
ID souboru CAB: 0

Podpis problému:
P1: x86
P2: ACPI\HPQ0006
P3:
P4:
P5:
P6:
P7:
P8:
P9:
P10:

Připojené soubory:
C:\Windows\Temp\DMIDEF8.tmp.log.xml

Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x86_3191c62738e8ae6e6dcf91ac2ea5b83ca2fec497_cab_07d1df75

Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: a69e9851-ca2e-11df-aeda-fd5729a3a5de
Stav hlášení: 6
Record Number: 5
Source Name: Windows Error Reporting
Time Written: 20100927115916.000000-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20100927115821.000000-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20100927115816.000000-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.

Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20100927115812.003299-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: 37L4247D28-05
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20100927115812.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: Martin-NTB
Event Code: 4648
Message: Došlo k pokusu o přihlášení pomocí explicitního pověření.

Předmět:
ID zabezpečení: S-1-5-21-2981185802-78788489-3726673733-1001
Název účtu: Martin
Doména účtu: Martin-NTB
ID přihlášení: 0x29ae0
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Účet, jehož pověření bylo použito:
Název účtu: HomeGroupUser$
Doména účtu: Martin-PC
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Cílový server:
Název cílového serveru: Martin-PC
Další informace: Martin-PC

Informace o procesu:
ID procesu: 0x60c
Název procesu: C:\Windows\System32\spoolsv.exe

Informace o síti:
Síťová adresa: -
Port: -

Tato událost je generována, pokud se proces pokusí přihlásit k účtu explicitním zadáním pověření tohoto účtu. K tomu nejčastěji dochází v dávkových konfiguracích, například naplánovaných úlohách, nebo při použití příkazu RUNAS.
Record Number: 43921
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101206061925.225425-000
Event Type: Úspěšný audit
User:

Computer Name: Martin-NTB
Event Code: 4648
Message: Došlo k pokusu o přihlášení pomocí explicitního pověření.

Předmět:
ID zabezpečení: S-1-5-21-2981185802-78788489-3726673733-1001
Název účtu: Martin
Doména účtu: Martin-NTB
ID přihlášení: 0x29ae0
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Účet, jehož pověření bylo použito:
Název účtu: HomeGroupUser$
Doména účtu: Martin-PC
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Cílový server:
Název cílového serveru: Martin-PC
Další informace: Martin-PC

Informace o procesu:
ID procesu: 0x4
Název procesu:

Informace o síti:
Síťová adresa: -
Port: -

Tato událost je generována, pokud se proces pokusí přihlásit k účtu explicitním zadáním pověření tohoto účtu. K tomu nejčastěji dochází v dávkových konfiguracích, například naplánovaných úlohách, nebo při použití příkazu RUNAS.
Record Number: 43920
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101206061925.208424-000
Event Type: Úspěšný audit
User:

Computer Name: Martin-NTB
Event Code: 4648
Message: Došlo k pokusu o přihlášení pomocí explicitního pověření.

Předmět:
ID zabezpečení: S-1-5-21-2981185802-78788489-3726673733-1001
Název účtu: Martin
Doména účtu: Martin-NTB
ID přihlášení: 0x29ae0
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Účet, jehož pověření bylo použito:
Název účtu: HomeGroupUser$
Doména účtu: Martin-PC
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Cílový server:
Název cílového serveru: Martin-PC
Další informace: Martin-PC

Informace o procesu:
ID procesu: 0x4
Název procesu:

Informace o síti:
Síťová adresa: -
Port: -

Tato událost je generována, pokud se proces pokusí přihlásit k účtu explicitním zadáním pověření tohoto účtu. K tomu nejčastěji dochází v dávkových konfiguracích, například naplánovaných úlohách, nebo při použití příkazu RUNAS.
Record Number: 43919
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101206061855.298713-000
Event Type: Úspěšný audit
User:

Computer Name: Martin-NTB
Event Code: 4648
Message: Došlo k pokusu o přihlášení pomocí explicitního pověření.

Předmět:
ID zabezpečení: S-1-5-21-2981185802-78788489-3726673733-1001
Název účtu: Martin
Doména účtu: Martin-NTB
ID přihlášení: 0x29ae0
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Účet, jehož pověření bylo použito:
Název účtu: HomeGroupUser$
Doména účtu: Martin-PC
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Cílový server:
Název cílového serveru: Martin-PC
Další informace: Martin-PC

Informace o procesu:
ID procesu: 0x4
Název procesu:

Informace o síti:
Síťová adresa: -
Port: -

Tato událost je generována, pokud se proces pokusí přihlásit k účtu explicitním zadáním pověření tohoto účtu. K tomu nejčastěji dochází v dávkových konfiguracích, například naplánovaných úlohách, nebo při použití příkazu RUNAS.
Record Number: 43918
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101206061855.279712-000
Event Type: Úspěšný audit
User:

Computer Name: Martin-NTB
Event Code: 4648
Message: Došlo k pokusu o přihlášení pomocí explicitního pověření.

Předmět:
ID zabezpečení: S-1-5-21-2981185802-78788489-3726673733-1001
Název účtu: Martin
Doména účtu: Martin-NTB
ID přihlášení: 0x29ae0
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Účet, jehož pověření bylo použito:
Název účtu: HomeGroupUser$
Doména účtu: Martin-PC
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Cílový server:
Název cílového serveru: Martin-PC
Další informace: Martin-PC

Informace o procesu:
ID procesu: 0x4
Název procesu:

Informace o síti:
Síťová adresa: -
Port: -

Tato událost je generována, pokud se proces pokusí přihlásit k účtu explicitním zadáním pověření tohoto účtu. K tomu nejčastěji dochází v dávkových konfiguracích, například naplánovaných úlohách, nebo při použití příkazu RUNAS.
Record Number: 43917
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101206061855.252711-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\PC Connectivity Solution\;C:\Program Files\ATI Stream\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11\Driver;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"ATISTREAMSDKROOT"=C:\Program Files\ATI Stream\

-----------------EOF-----------------

#4 Příspěvek od **vyosek** » 15 úno 2011 12:22

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

metrix.m · #5 Příspěvek od **metrix.m** » 15 úno 2011 14:20

děkuji za odpověď

hned doma vyzkouším

přeji krásný zbytek dne

#6 Příspěvek od **vyosek** » 15 úno 2011 14:21

Ok, budu na log z CF cekat...pekny zbytek dne i Vam

metrix.m · #7 Příspěvek od **metrix.m** » 15 úno 2011 18:13

Zde je log z CF.

ComboFix 11-02-14.02 - Martin 15.02.2011 17:49:58.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.3066.1864 [GMT 1:00]
Spuštěný z: c:\users\Martin\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\Desktop
c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat

----- BITS: Možné infikované stránky -----

hxxp://www.mlewallpapers.com
hxxp://www.bing.com
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-01-15 do 2011-02-15 )))))))))))))))))))))))))))))))
.

2011-02-15 17:08 . 2011-02-15 17:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-15 10:12 . 2011-02-15 10:13 -------- d-----w- C:\rsit
2011-02-15 10:12 . 2011-02-15 10:13 -------- d-----w- c:\program files\trend micro
2011-02-15 09:49 . 2011-01-13 09:41 5890896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F64988E3-1B83-455F-B585-FFCE0CF9413D}\mpengine.dll
2011-02-14 10:52 . 2011-02-14 10:52 -------- d-----w- c:\program files\PC Connectivity Solution
2011-02-12 16:00 . 2011-02-12 16:00 -------- d-----w- c:\programdata\LightScribe
2011-02-12 13:45 . 2011-02-12 13:45 -------- d-----w- c:\program files\LightScribe Template Labeler
2011-02-12 13:43 . 2011-02-12 13:43 -------- d-----w- c:\program files\Common Files\LightScribe
2011-02-09 15:07 . 2010-12-21 05:38 204288 ----a-w- c:\windows\system32\upnp.dll
2011-02-09 15:07 . 2010-12-21 05:38 981504 ----a-w- c:\windows\system32\wininet.dll
2011-02-09 15:07 . 2010-12-21 05:36 1389568 ----a-w- c:\windows\system32\msxml6.dll
2011-02-09 15:07 . 2010-12-21 05:36 1236992 ----a-w- c:\windows\system32\msxml3.dll
2011-02-09 15:07 . 2010-12-21 05:38 204800 ----a-w- c:\windows\system32\WebClnt.dll
2011-02-09 15:07 . 2010-12-21 05:34 80384 ----a-w- c:\windows\system32\davclnt.dll
2011-02-09 15:07 . 2010-12-21 05:38 73728 ----a-w- c:\windows\system32\wscsvc.dll
2011-02-09 15:07 . 2010-12-21 05:38 51200 ----a-w- c:\windows\system32\wscapi.dll
2011-02-09 15:07 . 2010-12-21 05:38 350720 ----a-w- c:\windows\system32\winhttp.dll
2011-02-09 15:07 . 2010-12-21 05:38 14336 ----a-w- c:\windows\system32\slwga.dll
2011-02-09 15:06 . 2011-02-03 05:45 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-02-07 20:27 . 2011-02-07 20:27 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 10
2011-02-07 17:28 . 2011-02-07 17:28 -------- d-----w- c:\program files\LSI SoftModem
2011-02-06 00:46 . 2011-02-15 10:49 -------- d-----w- c:\users\Martin\AppData\Roaming\inkscape
2011-02-05 20:04 . 2011-02-05 20:04 -------- d-----w- c:\users\Martin\AppData\Roaming\Anthropics
2011-02-05 19:56 . 2011-02-05 19:57 -------- d-----w- c:\users\Martin\AppData\Roaming\avp32
2011-02-04 19:11 . 2011-02-04 19:11 -------- d-----w- c:\users\Martin\VirtualBox VMs
2011-02-04 19:11 . 2011-02-04 20:26 -------- d-----w- c:\users\Martin\.VirtualBox
2011-02-04 19:09 . 2011-01-18 16:43 158736 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2011-02-04 19:09 . 2011-01-18 16:43 42960 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2011-01-31 13:41 . 2008-06-13 13:21 450560 ----a-w- c:\windows\system32\GDS32.DLL
2011-01-31 13:41 . 2008-06-13 13:26 462848 ----a-w- c:\windows\system32\Firebird2Control.cpl
2011-01-31 13:41 . 2011-01-31 13:41 -------- d-----w- c:\program files\Firebird
2011-01-31 12:15 . 2010-09-20 14:55 2335880 ----a-w- c:\windows\system32\gdpdfplug.dll
2011-01-31 12:15 . 2010-09-20 14:55 1262216 ----a-w- c:\windows\system32\GdViewerpro4.ocx
2011-01-31 12:15 . 2010-11-30 17:38 4807168 ----a-w- c:\windows\system32\cdintf450.dll
2011-01-31 12:15 . 2009-07-14 01:15 1386496 ----a-w- c:\windows\system32\msvbvm60001.dll
2011-01-31 12:15 . 2011-01-31 12:15 -------- d-----w- c:\users\Martin\AppData\Roaming\602Installer
2011-01-31 12:14 . 2011-01-31 12:14 -------- d-----w- c:\program files\Common Files\Freedom Scientific
2011-01-30 19:01 . 2011-01-30 19:01 -------- d-----w- c:\users\Martin\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2011-01-30 15:45 . 2011-01-30 15:45 135568 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-01-28 21:26 . 2011-02-06 21:47 -------- d-----w- c:\users\Martin\AppData\Roaming\Audacity
2011-01-27 12:31 . 2011-01-27 12:31 -------- d-----w- C:\found.000
2011-01-26 23:39 . 2011-01-26 23:47 -------- d-----w- c:\users\Martin\.gimp-2.6
2011-01-22 17:05 . 2011-01-22 17:05 -------- d-----w- c:\program files\Gaijin
2011-01-20 15:33 . 2011-01-20 15:33 -------- d-----w- c:\users\Martin\AppData\Local\MetaGeek,_LLC
2011-01-18 17:17 . 2011-01-18 17:19 -------- d-----w- c:\program files\Windows XP Mode
2011-01-18 16:43 . 2011-01-18 16:43 109328 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2011-01-18 14:14 . 2011-01-18 14:13 14715008 ----a-w- C:\Dropbox 1.0.10.exe
2011-01-17 10:57 . 2011-01-17 10:57 -------- d-----w- c:\users\Martin\AppData\Local\WOP
2011-01-17 10:57 . 2011-01-17 10:57 -------- d-----w- c:\programdata\WOP
2011-01-17 10:16 . 2011-01-22 20:16 -------- d-----w- c:\users\Martin\AppData\Local\Wings of Prey
2011-01-17 00:53 . 2011-01-17 00:53 -------- d-----w- c:\users\Martin\AppData\Roaming\TuneUp Software
2011-01-17 00:52 . 2011-01-17 00:56 -------- d-----w- c:\programdata\TuneUp Software
2011-01-17 00:51 . 2011-01-17 00:51 -------- d-sh--w- c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-15 15:10 . 2010-10-29 21:54 2828 --sha-w- c:\programdata\KGyGaAvL.sys
2011-01-05 19:44 . 2011-01-05 01:49 214520 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-01-05 19:44 . 2011-01-05 01:49 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-01-05 19:43 . 2011-01-05 01:49 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-01-05 01:49 . 2011-01-05 01:49 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-01-02 23:58 . 2011-01-02 22:28 249856 ------w- c:\windows\Setup1.exe
2011-01-02 23:58 . 2011-01-02 22:28 73216 ----a-w- c:\windows\ST6UNST.EXE
2010-12-30 14:05 . 2010-12-30 14:05 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2010-12-13 12:46 . 2010-09-30 10:52 353576 ----a-w- c:\windows\system32\msvcr71.dll
2010-12-13 12:46 . 2010-09-30 10:52 29480 ----a-w- c:\windows\system32\msxml3a.dll
2010-12-13 12:46 . 2010-09-30 10:52 505128 ----a-w- c:\windows\system32\msvcp71.dll
2010-12-07 11:16 . 2010-12-07 11:16 51200 ----a-w- c:\windows\system32\OpenCL.dll
2010-12-02 03:35 . 2010-12-02 03:35 4280320 ----a-w- c:\windows\system32\GPhotos.scr
2010-11-26 04:19 . 2010-11-26 04:19 6650368 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2010-11-26 03:02 . 2010-11-26 03:02 16702976 ----a-w- c:\windows\system32\atioglxx.dll
2010-11-26 02:58 . 2010-11-26 02:58 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-11-26 02:58 . 2010-11-26 02:58 550400 ----a-w- c:\windows\system32\aticfx32.dll
2010-11-26 02:54 . 2010-11-26 02:54 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-11-26 02:54 . 2010-11-26 02:54 393216 ----a-w- c:\windows\system32\atieclxx.exe
2010-11-26 02:54 . 2010-11-26 02:54 176128 ----a-w- c:\windows\system32\atiesrxx.exe
2010-11-26 02:52 . 2010-11-26 02:52 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2010-11-26 02:52 . 2010-11-26 02:52 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2010-11-26 02:52 . 2010-11-26 02:52 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2010-11-26 02:52 . 2010-11-26 02:52 15872 ----a-w- c:\windows\system32\atimuixx.dll
2010-11-26 02:52 . 2010-11-26 02:52 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-11-26 02:49 . 2009-07-13 22:09 4066816 ----a-w- c:\windows\system32\atidxx32.dll
2010-11-26 02:30 . 2009-08-18 00:20 4122624 ----a-w- c:\windows\system32\atiumdag.dll
2010-11-26 02:30 . 2010-11-26 02:30 46080 ----a-w- c:\windows\system32\aticalrt.dll
2010-11-26 02:30 . 2010-11-26 02:30 44032 ----a-w- c:\windows\system32\aticalcl.dll
2010-11-26 02:28 . 2010-11-26 02:28 5441024 ----a-w- c:\windows\system32\aticaldd.dll
2010-11-26 02:24 . 2010-11-26 02:24 52736 ----a-w- c:\windows\system32\coinst.dll
2010-11-26 02:22 . 2009-08-18 00:05 3460096 ----a-w- c:\windows\system32\atiumdva.dll
2010-11-26 02:17 . 2010-11-26 02:17 249856 ----a-w- c:\windows\system32\atiadlxx.dll
2010-11-26 02:17 . 2010-11-26 02:17 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2010-11-26 02:16 . 2010-11-26 02:16 27136 ----a-w- c:\windows\system32\atigktxx.dll
2010-11-26 02:16 . 2010-11-26 02:16 231936 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2010-11-26 02:15 . 2010-11-26 02:15 30720 ----a-w- c:\windows\system32\atiuxpag.dll
2010-11-26 02:15 . 2010-11-26 02:15 28672 ----a-w- c:\windows\system32\atiu9pag.dll
2010-11-26 02:15 . 2010-11-26 02:15 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-11-26 02:09 . 2010-11-26 02:09 52736 ----a-w- c:\windows\system32\atimpc32.dll
2010-11-26 02:09 . 2010-11-26 02:09 52736 ----a-w- c:\windows\system32\amdpcom32.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"ShowBatteryBar"="c:\program files\BatteryBar\ShowBatteryBar.exe" [2009-05-28 90624]
"GRemoteServer Pro"="c:\program files\GBM\GRemote Pro\GRemoteServer.exe" [2010-07-29 2639840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-11 287800]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-08-12 2215064]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-11-25 98304]

c:\users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe [2010-2-26 21979992]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Translate Client.lnk - c:\program files\Translate Client\translateclient.exe [2010-10-3 1511424]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Users^Martin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Automatické vypnutí počítače.lnk]
path=c:\users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Automatické vypnutí počítače.lnk
backup=c:\windows\pss\Automatické vypnutí počítače.lnk.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^Martin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk]
path=c:\users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-11-15 20:02 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-30 15:45 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-03-06 02:44 500208 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-07-22 20:10 402432 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avp32]
2005-04-23 05:12 0 ----a-w- c:\users\Martin\AppData\Roaming\avp32\avp32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 13:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
2010-03-13 11:58 75048 ------w- c:\program files\CyberLink\Shared files\brs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F.lux]
2009-08-29 06:00 966656 ----a-w- c:\users\Martin\Local Settings\Apps\F.lux\flux.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2011-01-19 14:08 2736128 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
2011-01-31 11:16 703360 ----a-w- c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2010-05-14 09:32 1479680 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Print2PDF Print Monitor]
2010-12-03 15:47 141368 ----a-w- c:\program files\Software602\Print2PDF\Print2PDF.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
2010-02-02 23:08 87336 ------w- c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-01-03 14:44 15028104 ----a-r- c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 12:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2011-02-08 21:51 396664 ----a-w- c:\program files\uTorrent\uTorrent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2010-12-09 10:45 74752 ----a-w- c:\program files\Winamp\winampa.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe" /c

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Bonus.SSR.FR10"="c:\program files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe" /autorun

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-09-28 136176]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-01-18 109328]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-27 1343400]
R3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-04 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/12/13 13:49];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-03-13 11:58 87536]
S2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
S2 ABBYY.Licensing.FineReader.Corporate.10.0;ABBYY FineReader 10 CE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe [2010-05-07 814344]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-11-26 176128]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-08-12 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 96920]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbguard.exe [2008-06-13 81920]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 26168]
S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2011-01-27 2253688]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-11-26 6650368]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-11-26 231936]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbserver.exe [2008-06-13 2723840]
S3 GRemoteBus;GRemote virtual joystick Bus Enumerator;c:\windows\system32\DRIVERS\GRemoteBus.sys [2009-08-05 23368]
S3 GRemoteJoy;GRemote virtual joystick Device Driver;c:\windows\system32\DRIVERS\GRemoteJoy.sys [2009-08-05 39112]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2010-09-23 316192]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-01-19 14:06 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2011-02-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-29 10:16]

2011-02-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-29 10:16]

2011-02-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2981185802-78788489-3726673733-1001Core.job
- c:\users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-28 10:16]

2011-02-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2981185802-78788489-3726673733-1001UA.job
- c:\users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-28 10:16]
.
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105
IE: ????3?? - c:\users\Martin\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\users\Martin\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\6kinjrd8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/ig?hl=cs&source=iglk
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
WebBrowser-{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
HKLM-Run-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSConfigStartUp-igndlm - c:\program files\Download Manager\DLM.exe
AddRemove-Banská Bystrica - 0:\program files\Cyklotrasy SK\Uninstal.exe
AddRemove-Dolná Nitra - Žitava - 0:\program files\Cyklotrasy SK\Uninstal.exe
AddRemove-LSI Soft Modem - c:\windows\agrsmdel
AddRemove-{08DB3902-2CE0-474D-BCE3-0177766CE9F1} - c:\program files\InstallShield Installation Information\{08DB3902-2CE0-474D-BCE3-0177766CE9F1}\setup.exe
AddRemove-Bodvianska pahorkatina - 0:\program files\Cyklotrasy SK\Uninstal.exe
AddRemove-Krupinská Planina - 0:\program files\Cyklotrasy SK\Uninstal.exe
AddRemove-Kysuce a Javorníky - 0:\program files\Cyklotrasy SK\Uninstal.exe
AddRemove-Lago di Garda - 0:\program files\Cyklotrasy SK\Uninstal.exe
AddRemove-Levice a okolie - 0:\program files\Cyklotrasy SK\Uninstal.exe
AddRemove-Nízke Tatry - 0:\program files\Cyklotrasy SK\Uninstal.exe
AddRemove-Okolie Bratislavy - 0:\program files\Cyklotrasy SK\Uninstal.exe
AddRemove-Okolie Košic - 0:\program files\Cyklotrasy SK\Uninstal.exe
AddRemove-Okolie Lučenca - 0:\program files\Cyklotrasy SK\Uninstal.exe
AddRemove-Okolie Nitry - 0:\program files\Cyklotrasy SK\Uninstal.exe
AddRemove-Orava a Liptov - 0:\program files\Cyklotrasy SK\Uninstal.exe
AddRemove-Považie - 0:\program files\Cyklotrasy SK\Uninstal.exe
AddRemove-Stredné Považie - 0:\program files\Cyklotrasy SK\Uninstal.exe
AddRemove-Veľká Fatra - 0:\program files\Cyklotrasy SK\Uninstal.exe
AddRemove-Volovské vrchy a Slovenský kras - 0:\program files\Cyklotrasy SK\Uninstal.exe
AddRemove-Vysoké a Západné Tatry - 0:\program files\Cyklotrasy SK\Uninstal.exe

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-2981185802-78788489-3726673733-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@Allowed: (Read) (RestrictedCode)
@="c:\\Users\\Martin\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022

[HKEY_USERS\S-1-5-21-2981185802-78788489-3726673733-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@Allowed: (Read) (RestrictedCode)
@="c:\\Users\\Martin\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3

[HKEY_USERS\S-1-5-21-2981185802-78788489-3726673733-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{76C08898-39C3-767D-8CD1-78F306B0D0AC}*]
"eafjehpkji"=hex:61,63,70,66,6a,6c,6d,6c,62,65,6d,6a,63,6d,6f,69,6e,6b,65,62,
6b,62,68,6d,69,64,6b,6a,62,65,6c,63,6f,64,70,6f,6c,6b,6a,66,6d,69,6a,64,61,\

[HKEY_USERS\S-1-5-21-2981185802-78788489-3726673733-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E8E1302B-D8F3-2E63-7DCF-E55DA41D3EF1}*]
"hakkagamphbpkggm"=hex:69,61,6f,6f,6d,63,61,62,68,65,6d,62,6a,67,63,66,63,6b,
00,77

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:0000002e

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-02-15 18:10:34
ComboFix-quarantined-files.txt 2011-02-15 17:10

Před spuštěním: Volných bajtů: 155 772 608 512
Po spuštění: Volných bajtů: 155 690 045 440

- - End Of File - - 9FBAFF16369B61172F1B2963E5E57C57

#8 Příspěvek od **vyosek** » 15 úno 2011 18:39

Nasledujici soubory otestujte na VirusTotalu (viz muj podpis)

c:\users\Martin\AppData\Roaming\avp32\avp32.exe
Kliknete na Prochazet
Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
Kliknete na Send File
Pokud na Vas vyskoci obrazovka jako je nize, tak kliknete na ReAnalyse
Vysledek analyzy sem vlozte (jako odkaz)

metrix.m · #9 Příspěvek od **metrix.m** » 15 úno 2011 21:06

myslím že se jedná o program Automatické Vypnutí Počítače http://www.slunecnice.cz/sw/automaticke ... -pocitace/ ale nejsem si jist, je možné že se jedná o nějaký trojan, ale všiml jsem si ho již dříve v CCleaneru (byl vyplý)

bohužél se mi nepodařilo soubor odeslat na VirusTotal, zdá se že se snaží soubor načíst, ale bohužél se mu to nedaří. Pokud se podívam na jeho hodnotu tak má veliKost 0kB

EDIT: bohužél se opět objevil problémová hláška při spuštění : nepodařilo se připojení ke službě systému windows

#10 Příspěvek od **vyosek** » 15 úno 2011 23:46

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

RegLock::
[HKEY_USERS\S-1-5-21-2981185802-78788489-3726673733-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
[HKEY_USERS\S-1-5-21-2981185802-78788489-3726673733-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
[HKEY_USERS\S-1-5-21-2981185802-78788489-3726673733-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{76C08898-39C3-767D-8CD1-78F306B0D0AC}*]
[HKEY_USERS\S-1-5-21-2981185802-78788489-3726673733-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E8E1302B-D8F3-2E63-7DCF-E55DA41D3EF1}*]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

RegLockDel::
[HKEY_USERS\S-1-5-21-2981185802-78788489-3726673733-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
[HKEY_USERS\S-1-5-21-2981185802-78788489-3726673733-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
[HKEY_USERS\S-1-5-21-2981185802-78788489-3726673733-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{76C08898-39C3-767D-8CD1-78F306B0D0AC}*]
[HKEY_USERS\S-1-5-21-2981185802-78788489-3726673733-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E8E1302B-D8F3-2E63-7DCF-E55DA41D3EF1}*]

RegNull::
[HKEY_USERS\S-1-5-21-2981185802-78788489-3726673733-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
[HKEY_USERS\S-1-5-21-2981185802-78788489-3726673733-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
[HKEY_USERS\S-1-5-21-2981185802-78788489-3726673733-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{76C08898-39C3-767D-8CD1-78F306B0D0AC}*]
[HKEY_USERS\S-1-5-21-2981185802-78788489-3726673733-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E8E1302B-D8F3-2E63-7DCF-E55DA41D3EF1}*]

DDS::
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: ????3?? - c:\users\Martin\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\users\Martin\AppData\Roaming\FlashGetBHO\GetAllUrl.htm

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2981185802-78788489-3726673733-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2981185802-78788489-3726673733-1001UA.job

Folder::
c:\users\Martin\Local Settings\Apps\F.lux

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F.lux]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

VIRY.CZ

zpomalení spuštění ntb

zpomalení spuštění ntb

Re: zpomalení spuštění ntb

Re: zpomalení spuštění ntb

Re: zpomalení spuštění ntb

Re: zpomalení spuštění ntb

Re: zpomalení spuštění ntb

Re: zpomalení spuštění ntb

Re: zpomalení spuštění ntb

Re: zpomalení spuštění ntb

Re: zpomalení spuštění ntb