Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Zamrza

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
WIAL
Návštěvník
Návštěvník
Příspěvky: 52
Registrován: 05 říj 2007 09:14

Zamrza

#1 Příspěvek od WIAL »

Pocítac se casto zasekne, pet minut nepouzitelny

Logfile of random's system information tool 1.08 (written by random/random)
Run by fr0648 at 2011-03-31 06:35:44
Microsoft Windows XP Professional Service Pack 3
System drive C: has 1 GB (11%) free of 12 GB
Total RAM: 1023 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:36:06, on 31.3.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINNT\system32\nvsvc32.exe
C:\Program Files\Sophos\Remote Management System\ManagementAgentNT.exe
C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
C:\Program Files\Sophos\Remote Management System\RouterNT.exe
C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
C:\WINNT\Explorer.EXE
C:\WINNT\SOUNDMAN.EXE
C:\WINNT\ALCWZRD.EXE
C:\WINNT\AGRSMMSG.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINNT\system32\wuauclt.exe
C:\WINNT\system32\msiexec.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Documents and Settings\fr0648\Desktop\RSIT.exe
C:\Program Files\trend micro\fr0648.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: Sophos Web Content Scanner - {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files\Sophos\Sophos Anti-Virus\SophosBHO.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINNT\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINNT\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINNT\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINNT\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINNT\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINNT\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINNT\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Documents and Settings\fr0648\Local Settings\Application Data\Seznam.cz\listicka.dll (HKCU)
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Documents and Settings\fr0648\Local Settings\Application Data\Seznam.cz\listicka.dll (HKCU)
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Documents and Settings\fr0648\Local Settings\Application Data\Seznam.cz\listicka.dll (HKCU)
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Documents and Settings\fr0648\Local Settings\Application Data\Seznam.cz\listicka.dll (HKCU)
O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} - http://antivir.tcz.tatung/officescan/Cl ... nNTChk.cab
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} - http://antivir.tcz.tatung/officescan/cl ... /setup.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} - http://antivir.tcz.tatung/officescan/cl ... veCtrl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 4559950847
O16 - DPF: {e79bc654-8fc6-4bb9-bfb8-8860779ae213} (Oracle JInitiator 1.1.8.24) -
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = tcz.tatung
O17 - HKLM\Software\..\Telephony: DomainName = tcz.tatung
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = tcz.tatung
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = tcz.tatung
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINNT\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINNT\System32\browseui.dll
O23 - Service: ASWLSVC - Unknown owner - C:\WINNT\system32\ASWLSVC.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: OracleClientCache80 - Unknown owner - C:\orant\BIN\ONRSD80.EXE
O23 - Service: Sophos Anti-Virus status reporter (SAVAdminService) - Sophos Plc - C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
O23 - Service: Sophos Anti-Virus (SAVService) - Sophos Plc - C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
O23 - Service: Sophos Agent - Sophos Plc - C:\Program Files\Sophos\Remote Management System\ManagementAgentNT.exe
O23 - Service: Sophos AutoUpdate Service - Sophos Plc - C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
O23 - Service: Sophos Message Router - Sophos Plc - C:\Program Files\Sophos\Remote Management System\RouterNT.exe

--
End of file - 9755 bytes

======Scheduled tasks folder======

C:\WINNT\tasks\GoogleUpdateTaskMachineCore.job
C:\WINNT\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-06-07 399352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL [2007-03-30 722472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39EA7695-B3F2-4C44-A4BC-297ADA8FD235}]
Sophos Web Content Scanner - C:\Program Files\Sophos\Sophos Anti-Virus\SophosBHO.dll [2010-06-04 244776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-02-09 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-06-07 399352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINNT\IME\imjp8_1\IMJPMIG.EXE [2004-08-03 208952]
"PHIME2002ASync"=C:\WINNT\System32\IME\TINTLGNT\TINTSETP.EXE [2002-08-28 455168]
"PHIME2002A"=C:\WINNT\System32\IME\TINTLGNT\TINTSETP.EXE [2002-08-28 455168]
"NvCplDaemon"=C:\WINNT\system32\NvCpl.dll [2005-10-10 7286784]
"nwiz"=nwiz.exe /install []
"CTHelper"=C:\WINNT\system32\CTHELPER.EXE [2003-10-06 24576]
"High Definition Audio Property Page Shortcut"=C:\WINNT\system32\HDAShCut.exe [2005-01-07 61952]
"SoundMan"=C:\WINNT\SOUNDMAN.EXE [2005-09-21 86016]
"AlcWzrd"=C:\WINNT\ALCWZRD.EXE [2005-12-13 2809856]
"NvMediaCenter"=C:\WINNT\system32\NvMcTray.dll [2005-10-10 86016]
"AGRSMMSG"=C:\WINNT\AGRSMMSG.exe [2004-06-29 88363]
"Control Center"=C:\Program Files\ASUS\WLAN Card Utilities\Center.exe [2006-03-02 1667584]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINNT\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2007-03-30 25263144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINNT\ALCMTR.EXE [2005-05-03 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AutoUpdate Monitor.lnk]
C:\PROGRA~1\Sophos\AUTOUP~1\ALMon.exe [2009-07-02 245760]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINNT\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINNT\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SAVService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"disablecad"=1
"dontdisplaylockeduserid"=3

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINNT\system32\sessmgr.exe"="C:\WINNT\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\WINNT\system32\sessmgr.exe"="C:\WINNT\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

======List of files/folders created in the last 1 months======

2011-03-31 06:35:44 ----D---- C:\rsit
2011-03-28 10:26:14 ----D---- C:\Program Files\Common Files\DESIGNER
2011-03-28 10:23:01 ----D---- C:\Program Files\Microsoft Analysis Services
2011-03-28 10:22:36 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2011-03-28 10:21:00 ----RHD---- C:\MSOCache
2011-03-28 10:05:51 ----D---- C:\WINNT\pss
2011-03-28 10:04:28 ----A---- C:\WINNT\system32\javaws.exe
2011-03-28 10:04:28 ----A---- C:\WINNT\system32\javaw.exe
2011-03-28 10:04:28 ----A---- C:\WINNT\system32\java.exe
2011-03-22 12:39:41 ----N---- C:\WINNT\Setup1.exe
2011-03-22 12:39:40 ----A---- C:\WINNT\ST6UNST.EXE
2011-03-22 12:39:39 ----A---- C:\WINNT\system32\VB6STKIT.DLL
2011-03-22 12:39:38 ----D---- C:\aswinstal
2011-03-22 07:16:07 ----A---- C:\WINNT\IE4 Error Log.txt

======List of files/folders modified in the last 1 months======

2011-03-31 06:36:06 ----D---- C:\Program Files\Trend Micro
2011-03-31 06:35:59 ----D---- C:\TEMP
2011-03-31 06:35:53 ----D---- C:\WINNT\Prefetch
2011-03-31 06:32:51 ----D---- C:\Documents and Settings\fr0648\Application Data\Skype
2011-03-31 06:32:17 ----D---- C:\Program Files\Google
2011-03-31 06:32:17 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2011-03-31 06:32:15 ----SHD---- C:\WINNT\Installer
2011-03-31 06:30:55 ----D---- C:\WINNT\system32\Lang
2011-03-31 06:15:39 ----D---- C:\WINNT\system32
2011-03-30 16:00:53 ----A---- C:\WINNT\SchedLgU.Txt
2011-03-29 10:24:43 ----SD---- C:\Documents and Settings\fr0648\Application Data\Microsoft
2011-03-28 10:33:03 ----D---- C:\WINNT\Microsoft.NET
2011-03-28 10:32:49 ----RSD---- C:\WINNT\assembly
2011-03-28 10:31:38 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-03-28 10:31:33 ----HD---- C:\WINNT\inf
2011-03-28 10:31:11 ----D---- C:\WINNT\SHELLNEW
2011-03-28 10:30:38 ----A---- C:\WINNT\win.ini
2011-03-28 10:30:34 ----D---- C:\Program Files\Common Files\System
2011-03-28 10:27:44 ----D---- C:\WINNT\system32\config
2011-03-28 10:26:53 ----RSD---- C:\WINNT\Fonts
2011-03-28 10:26:27 ----D---- C:\WINNT\WinSxS
2011-03-28 10:26:14 ----D---- C:\Program Files\Common Files
2011-03-28 10:25:36 ----D---- C:\Program Files\Microsoft Office
2011-03-28 10:25:35 ----D---- C:\Program Files\Microsoft.NET
2011-03-28 10:25:10 ----RD---- C:\Program Files
2011-03-28 10:06:22 ----RASH---- C:\boot.ini
2011-03-28 10:06:22 ----A---- C:\WINNT\system.ini
2011-03-28 10:05:51 ----D---- C:\WINNT
2011-03-28 10:05:13 ----D---- C:\Program Files\Common Files\Java
2011-03-28 10:04:25 ----D---- C:\Program Files\Java
2011-03-28 07:27:38 ----A---- C:\WINNT\system32\PerfStringBackup.INI
2011-03-22 08:55:58 ----D---- C:\WINNT\system32\CatRoot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Intel AGP Bus Filter; C:\WINNT\System32\DRIVERS\agp440.sys [2008-04-14 42368]
R0 ohci1394;VIA OHCI Compliant IEEE 1394 Host Controller; C:\WINNT\System32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R1 intelppm;Intel Processor Driver; C:\WINNT\System32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINNT\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SAVOnAccessControl;SAVOnAccessControl; C:\WINNT\system32\DRIVERS\savonaccesscontrol.sys [2010-06-04 111232]
R1 SAVOnAccessFilter;SAVOnAccessFilter; C:\WINNT\system32\DRIVERS\savonaccessfilter.sys [2010-06-04 38912]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINNT\system32\DRIVERS\AegisP.sys [2007-03-20 20747]
R2 Fallback;Fallback; C:\WINNT\System32\DRIVERS\HSF_FALL.sys [2001-08-17 289887]
R2 Fsks;Fsks; C:\WINNT\System32\DRIVERS\HSF_FSKS.sys [2001-08-17 115807]
R2 K56;K56; C:\WINNT\System32\DRIVERS\HSF_K56K.sys [2001-08-17 391199]
R2 mdmxsdk;mdmxsdk; C:\WINNT\System32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R2 PfModNT;PfModNT; \??\C:\WINNT\system32\drivers\PfModNT.sys []
R2 SoftFax;SoftFax; C:\WINNT\System32\DRIVERS\HSF_FAXX.sys [2001-08-17 199711]
R2 Tones;Tones; C:\WINNT\System32\DRIVERS\HSF_TONE.sys [2001-08-17 50751]
R2 V124;V124; C:\WINNT\System32\DRIVERS\HSF_V124.sys [2001-08-17 488383]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINNT\system32\DRIVERS\AGRSM.sys [2004-06-29 1268204]
R3 Cap7134;ASUS TV7134 WDM Video Capture; C:\WINNT\system32\DRIVERS\Cap7134.sys [2004-05-21 334432]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINNT\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINNT\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINNT\system32\drivers\RtkHDAud.sys [2005-12-19 4127232]
R3 mouhid;Mouse HID Driver; C:\WINNT\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 nv;nv; C:\WINNT\System32\DRIVERS\nv4_mini.sys [2005-10-10 3530432]
R3 PhTVTune;ASUS WDM TV Tuner; C:\WINNT\system32\DRIVERS\PhTVTune.sys [2003-07-18 24608]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINNT\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINNT\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbstor;USB Mass Storage Driver; C:\WINNT\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINNT\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 Arp1394;1394 ARP Client Protocol; C:\WINNT\System32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 basic2;basic2; C:\WINNT\System32\DRIVERS\HSF_BSC2.sys [2001-08-17 67167]
S3 BCM43XX;ASUS 802.11 ovladač síťového adaptéru; C:\WINNT\system32\DRIVERS\bcmwl5.sys [2005-02-11 371712]
S3 CCDECODE;Closed Caption Decoder; C:\WINNT\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 ctac32k;Creative AC3 Software Decoder; C:\WINNT\system32\drivers\ctac32k.sys [2003-05-28 135040]
S3 ctaud2k;Creative Audio Driver (WDM); C:\WINNT\system32\drivers\ctaud2k.sys [2004-01-30 497696]
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\WINNT\system32\drivers\ctdvda2k.sys [2003-03-27 287920]
S3 ctprxy2k;Creative Proxy Driver; C:\WINNT\system32\drivers\ctprxy2k.sys [2003-05-28 6144]
S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINNT\system32\drivers\ctsfm2k.sys [2003-05-28 135248]
S3 emupia;E-mu Plug-in Architecture Driver; C:\WINNT\system32\drivers\emupia2k.sys [2003-05-28 116000]
S3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINNT\system32\drivers\ha10kx2k.sys [2003-05-28 822928]
S3 hap16v2k;Creative P16V HAL Driver; C:\WINNT\system32\drivers\hap16v2k.sys [2003-05-28 139968]
S3 hcwPVRP2;Hauppauge WinTV-PVR PCI II (Encoder-16); C:\WINNT\system32\DRIVERS\hcwPVRP2.sys [2004-10-27 819712]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINNT\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 HSF_DP;HSF_DP; C:\WINNT\system32\DRIVERS\HSF_DP.sys [2003-11-13 1042816]
S3 hsf_msft;hsf_msft; C:\WINNT\System32\DRIVERS\HSF_MSFT.sys [2001-08-17 542879]
S3 HSFHWBS2;HSFHWBS2; C:\WINNT\system32\DRIVERS\HSFHWBS2.sys [2003-11-13 210304]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINNT\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINNT\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINNT\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NIC1394;1394 Net Driver; C:\WINNT\System32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 ossrv;Creative OS Services Driver; C:\WINNT\system32\drivers\ctoss2k.sys [2003-05-28 184656]
S3 PRISM_A00;Intersil PRISM 802.11a/g Driver; C:\WINNT\system32\DRIVERS\PRISMA00.sys [2003-08-14 363008]
S3 Rksample;Rksample; C:\WINNT\System32\DRIVERS\HSF_SAMP.sys [2001-08-17 57471]
S3 SLIP;BDA Slip De-Framer; C:\WINNT\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINNT\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 USB Wireless USB Adapter(R);USB Wireless USB Adapter(R) Service for Wireless USB Adapter; C:\WINNT\system32\DRIVERS\vnetusbr.sys [2002-08-06 87168]
S3 winachsf;winachsf; C:\WINNT\system32\DRIVERS\HSF_CNXT.sys [2003-11-13 679808]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINNT\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINNT\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINNT\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 SophosBootDriver;SophosBootDriver; C:\WINNT\system32\DRIVERS\SophosBootDriver.sys [2009-04-03 14976]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe [2008-06-13 81920]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-02-02 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINNT\system32\nvsvc32.exe [2005-10-10 131139]
R2 SAVAdminService;Sophos Anti-Virus status reporter; C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe [2009-10-30 80936]
R2 SAVService;Sophos Anti-Virus; C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe [2009-04-03 98304]
R2 Sophos Agent;Sophos Agent; C:\Program Files\Sophos\Remote Management System\ManagementAgentNT.exe [2010-06-04 266240]
R2 Sophos AutoUpdate Service;Sophos AutoUpdate Service; C:\Program Files\Sophos\AutoUpdate\ALsvc.exe [2010-06-04 172032]
R2 Sophos Message Router;Sophos Message Router; C:\Program Files\Sophos\Remote Management System\RouterNT.exe [2010-06-04 794624]
R2 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe [2008-06-13 2723840]
S2 ASWLSVC;ASWLSVC; C:\WINNT\system32\ASWLSVC.exe [2004-05-06 496640]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-02 135664]
S3 aspnet_state;ASP.NET State Service; C:\WINNT\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINNT\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINNT\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINNT\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 OracleClientCache80;OracleClientCache80; C:\orant\BIN\ONRSD80.EXE [1998-06-10 95744]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINNT\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINNT\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------


info.txt logfile of random's system information tool 1.08 2011-03-31 06:36:08

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINNT\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINNT\system32\Macromed\Flash\FlashUtil10o_ActiveX.exe -maintain activex
Adobe Reader 7.0.9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002}
Adobe Reader Chinese Traditional Fonts-->MsiExec.exe /I{AC76BA86-7AD7-2448-5A64-7E8A45000001}
Adobe Reader Korean Fonts-->MsiExec.exe /I{AC76BA86-7AD7-5670-0000-7E8A45000001}
Agere Systems PCI Soft Modem-->agrsmdel
ASUS WLAN Card Utilities/Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8F722FA9-B994-4C9B-B292-FD32D6206EDF}\Setup.exe" -l0x9
BDE (Borland Database Engine)-->C:\WINNT\uninst.exe -fC:\SFIS\BDE\DeIsL1.isu -cC:\SFIS\BDE\_ISREG32.DLL
BSPlayer-->"C:\Program Files\Webteh\BSplayer\uninstall.exe"
Codec Pack - All In 1 6.0.2.6-->C:\WINNT\iun6002.exe "C:\Program Files\Codec Pack - All In 1\irunin.ini"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Creative Driver-->C:\WINNT\system32\ctdrvins /s /u
Critical Update for Windows Media Player 11 (KB959772)-->"C:\WINNT\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Firebird 2.1.1.17910 (Win32)-->"C:\Program Files\Firebird\Firebird_2_1\unins000.exe"
Free DWG Viewer 5.3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B8B4D43C-EAA0-4EEC-B93E-D4D012316286}\Setup.exe" -l0x9
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
High Definition Audio Driver Package - KB888111-->"C:\WINNT\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HighMAT Extension to Microsoft Windows XP CD Writing Wizard-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINNT\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINNT\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINNT\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINNT\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINNT\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB961118)-->"C:\WINNT\$NtUninstallKB961118$\spuninst\spuninst.exe"
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
J2SE Runtime Environment 5.0 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150020}
J2SE Runtime Environment 5.0 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 24-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINNT\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Base Smart Card Cryptographic Service Provider Package-->"C:\WINNT\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINNT\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft ODBC .NET Data Provider-->MsiExec.exe /I{6868B3BD-0642-442C-A542-28716AA6DD2D}
Microsoft Office Excel MUI (English) 2010-->MsiExec.exe /X{90140000-0016-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2010-->MsiExec.exe /X{90140000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2010-->MsiExec.exe /X{90140000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2010-->MsiExec.exe /X{90140000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2010-->MsiExec.exe /X{90140000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2010-->MsiExec.exe /X{90140000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2010-->MsiExec.exe /X{90140000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2010-->MsiExec.exe /X{90140000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2010-->MsiExec.exe /X{90140000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2010-->MsiExec.exe /X{90140000-0115-0409-0000-0000000FF1CE}
Microsoft Office Standard 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall STANDARD /dll OSETUP.DLL
Microsoft Office Standard 2010-->MsiExec.exe /X{90140000-0012-0000-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2010-->MsiExec.exe /X{90140000-001B-0409-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINNT\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Miranda IM-->"C:\Program Files\Miranda IM\Uninstall\unins000.exe"
MRP-KS, účetní systém - zkušební verze-->C:\PROGRA~1\MRP\DEMO\MRPKS\UNINSTAL.EXE C:\PROGRA~1\MRP\DEMO\MRPKS\INSTALL.LOG
MSI to redistribute MS VS2005 CRT libraries-->MsiExec.exe /I{A8D93648-9F7F-407D-915C-62044644C3DA}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
NVIDIA Drivers-->C:\WINNT\system32\nvudisp.exe UninstallGUI
Oracle JInitiator 1.1.8.24-->C:\PROGRA~1\Oracle\JINITI~1.24\bin\uninstall.exe C:\WINNT\uninst.exe -f"C:\PROGRA~1\Oracle\JINITI~1.24\DeIsL1.isu" -cC:\PROGRA~1\Oracle\JINITI~1.24\_ISREG32.DLL
PDFCreator 0.8.0-->C:\Program Files\PDFCreator\unins000.exe
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x5 -removeonly
Security Update for Windows Media Player (KB952069)-->"C:\WINNT\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB911565)-->"C:\WINNT\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB917734)-->"C:\WINNT\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINNT\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINNT\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINNT\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->C:\WINNT\system32\MacroMed\Flash\genuinst.exe C:\WINNT\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB938464-v2)-->"C:\WINNT\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINNT\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINNT\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINNT\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINNT\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINNT\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINNT\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINNT\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINNT\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINNT\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINNT\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINNT\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINNT\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINNT\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINNT\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINNT\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINNT\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINNT\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINNT\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINNT\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958690)-->"C:\WINNT\$NtUninstallKB958690$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINNT\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINNT\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"C:\WINNT\$NtUninstallKB960715$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINNT\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961373)-->"C:\WINNT\$NtUninstallKB961373$\spuninst\spuninst.exe"
Security Update for Windows XP (KB963027)-->"C:\WINNT\$NtUninstallKB963027$\spuninst\spuninst.exe"
Skype 3.1-->"C:\Program Files\Skype\Phone\unins000.exe"
Skype add-on for IE-->rundll32 "C:\Program Files\Skype\Phone\IEPlugin\SkypeIEPlugin.dll",FriendlyUnregisterServer 0
Skype Plugin Manager-->MsiExec.exe /I{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}
SopCast 1.1.2-->C:\Program Files\SopCast\uninst.exe
Sophos Anti-Virus-->MsiExec.exe /X{034759DA-E21A-4795-BFB3-C66D17FAD183}
Sophos AutoUpdate-->MsiExec.exe /X{15C418EB-7675-42BE-B2B3-281952DA014D}
Sophos Remote Management System-->MsiExec.exe /X{FF11005D-CBC8-45D5-A288-25C7BB304121}
Total Commander (Remove or Repair)-->c:\TotalCMD\tcuninst.exe
Update for Windows XP (KB943729)-->"C:\WINNT\$NtUninstallKB943729$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINNT\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINNT\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINNT\$NtUninstallKB967715$\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINNT\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINNT\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows PowerShell(TM) 1.0-->"C:\WINNT\$NtUninstallKB926139-v2$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINNT\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\unyt.exe

======Security center information======

AV: Sophos Anti-Virus

======System event log======

Computer Name: TCZ0648WKS
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 26562
Source Name: Tcpip
Time Written: 20110112072833.000000+060
Event Type: warning
User:

Computer Name: TCZ0648WKS
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 26509
Source Name: Tcpip
Time Written: 20110111074340.000000+060
Event Type: warning
User:

Computer Name: TCZ0648WKS
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 26471
Source Name: Tcpip
Time Written: 20110110123338.000000+060
Event Type: warning
User:

Computer Name: TCZ0648WKS
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 26462
Source Name: Tcpip
Time Written: 20110110075232.000000+060
Event Type: warning
User:

Computer Name: TCZ0648WKS
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 26457
Source Name: Tcpip
Time Written: 20110110072831.000000+060
Event Type: warning
User:

=====Application event log=====

Computer Name: TCZ0648WKS
Event Code: 1085
Message: The Group Policy client-side extension Security failed to execute. Please look for any errors reported earlier by that extension.

Record Number: 5360
Source Name: Userenv
Time Written: 20071002070616.000000+120
Event Type: error
User: NT AUTHORITY\SYSTEM

Computer Name: TCZ0648WKS
Event Code: 1202
Message: Security policies were propagated with warning.
0x534 : No mapping between account names and security IDs was done.

For best results in resolving this event, log on with a non-administrative account and search http://support.microsoft.com for "Troubleshooting Event 1202's".

A user account in one or more Group Policy objects (GPOs) could not be resolved to a SID. This error is possibly caused by a mistyped or deleted user account referenced in either the User Rights or Restricted Groups branch of a GPO. To resolve this event, contact an administrator in the domain to perform the following actions:

1. Identify accounts that could not be resolved to a SID:

From the command prompt, type: FIND /I "Cannot find" %SYSTEMROOT%\Security\Logs\winlogon.log

The string following "Cannot find" in the FIND output identifies the problem account names.
Example: Cannot find JohnDough.
In this case, the SID for username "JohnDough" could not be determined. This most likely occurrs because the account was deleted, renamed, or is spelled differently (e.g. "JohnDoe").
2. Use RSoP to identify the specific User Rights, Restricted Groups, and Source GPOs that contain the problem accounts:
a. Start-> Run-> MMC.Exe
b. From the File Menu, select "Add/Remove Snap-in"
c. From the "Add/Remove Snap-in" dialog box select "Add…"
d. In the "Add Standalone Snap-in" dialog box select "Resultant Set of Policy" and click "Add"
e. Select "Close" then "OK" to return to the newly added Snap-in
f. In the scope pane, Right-click on the Resultant Set of Policy node and select "Generate RSoP Data…"
g. As you proceed through the RSoP wizard, select the following options:
i. Logging Mode
ii. This Computer (or Another Computer if you are performing the operation remotely).
iii. Do not display user policy settings in the results (display computer policy settings only)
Then click Finish to generate the RSoP data.
h. Review the results for Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment and Computer configuration\Windows Settings\Security Settings\Local Policies\Restricted Groups for any errors flagged with a Red X.
i. For any User Right or Restricted Group marked with a Red X, the corresponding GPO that contains the problem policy setting is listed under the column entitled "Source GPO". Note the specific User Rights, Restricted Groups and containing Source GPOs that are generating errors.
3. Remove unresolved accounts from Group Policy
a. Start -> Run -> MMC.EXE
b. From the File menu select "Add/Remove Snap-in…"
c. From the "Add/Remove Snap-in" dialog box select "Add…"
d. In the "Add Standalone Snap-in" dialog box select "Group Policy" and click "Add"
e. In the "Select Group Policy Object" dialog box click the "Browse" button.
f. On the "Browse for a Group Policy Object" dialog box choose the "All" tab
g. For each source GPO identified in step 2, correct the specific User Rights or Restricted Groups that were flagged with a Red X in step 2. These User Rights or Restricted Groups can be corrected by removing or correcting any references to the problem accounts that were identified in step 1.

Record Number: 5359
Source Name: SceCli
Time Written: 20071002070616.000000+120
Event Type: warning
User:

Computer Name: TCZ0648WKS
Event Code: 1085
Message: The Group Policy client-side extension Security failed to execute. Please look for any errors reported earlier by that extension.

Record Number: 5358
Source Name: Userenv
Time Written: 20071002053612.000000+120
Event Type: error
User: NT AUTHORITY\SYSTEM

Computer Name: TCZ0648WKS
Event Code: 1202
Message: Security policies were propagated with warning.
0x534 : No mapping between account names and security IDs was done.

For best results in resolving this event, log on with a non-administrative account and search http://support.microsoft.com for "Troubleshooting Event 1202's".

A user account in one or more Group Policy objects (GPOs) could not be resolved to a SID. This error is possibly caused by a mistyped or deleted user account referenced in either the User Rights or Restricted Groups branch of a GPO. To resolve this event, contact an administrator in the domain to perform the following actions:

1. Identify accounts that could not be resolved to a SID:

From the command prompt, type: FIND /I "Cannot find" %SYSTEMROOT%\Security\Logs\winlogon.log

The string following "Cannot find" in the FIND output identifies the problem account names.
Example: Cannot find JohnDough.
In this case, the SID for username "JohnDough" could not be determined. This most likely occurrs because the account was deleted, renamed, or is spelled differently (e.g. "JohnDoe").
2. Use RSoP to identify the specific User Rights, Restricted Groups, and Source GPOs that contain the problem accounts:
a. Start-> Run-> MMC.Exe
b. From the File Menu, select "Add/Remove Snap-in"
c. From the "Add/Remove Snap-in" dialog box select "Add…"
d. In the "Add Standalone Snap-in" dialog box select "Resultant Set of Policy" and click "Add"
e. Select "Close" then "OK" to return to the newly added Snap-in
f. In the scope pane, Right-click on the Resultant Set of Policy node and select "Generate RSoP Data…"
g. As you proceed through the RSoP wizard, select the following options:
i. Logging Mode
ii. This Computer (or Another Computer if you are performing the operation remotely).
iii. Do not display user policy settings in the results (display computer policy settings only)
Then click Finish to generate the RSoP data.
h. Review the results for Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment and Computer configuration\Windows Settings\Security Settings\Local Policies\Restricted Groups for any errors flagged with a Red X.
i. For any User Right or Restricted Group marked with a Red X, the corresponding GPO that contains the problem policy setting is listed under the column entitled "Source GPO". Note the specific User Rights, Restricted Groups and containing Source GPOs that are generating errors.
3. Remove unresolved accounts from Group Policy
a. Start -> Run -> MMC.EXE
b. From the File menu select "Add/Remove Snap-in…"
c. From the "Add/Remove Snap-in" dialog box select "Add…"
d. In the "Add Standalone Snap-in" dialog box select "Group Policy" and click "Add"
e. In the "Select Group Policy Object" dialog box click the "Browse" button.
f. On the "Browse for a Group Policy Object" dialog box choose the "All" tab
g. For each source GPO identified in step 2, correct the specific User Rights or Restricted Groups that were flagged with a Red X in step 2. These User Rights or Restricted Groups can be corrected by removing or correcting any references to the problem accounts that were identified in step 1.

Record Number: 5357
Source Name: SceCli
Time Written: 20071002053611.000000+120
Event Type: warning
User:

Computer Name: TCZ0648WKS
Event Code: 1085
Message: The Group Policy client-side extension Security failed to execute. Please look for any errors reported earlier by that extension.

Record Number: 5356
Source Name: Userenv
Time Written: 20071002040610.000000+120
Event Type: error
User: NT AUTHORITY\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=C:\orant\bin;C:\WINNT\system32;C:\WINNT;C:\WINNT\System32\Wbem;C:\WINNT\system32\WindowsPowerShell\v1.0
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 3, GenuineIntel
"PROCESSOR_LEVEL"=15
"PROCESSOR_REVISION"=0403
"TEMP"=%SYSTEMDRIVE%\TEMP
"TMP"=%SYSTEMDRIVE%\TEMP
"windir"=%SystemRoot%

-----------------EOF-----------------
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15700
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Zamrza

#2 Příspěvek od JaRon »

v logu nevidim nic zavadne - ak mas pocir, ze pocitac by mohol byt zavireny mozes pre istotu prescanovat s AVPTool ,,,
mam vsak pocir, ze problem je niekde inde:
System drive C: has 1 GB (11%) free of 12 GB
najprv uvolni miesto na disku - aby bolo volne 2GB - potom otestuj disk programom HDTune - obrazok z casti benchmark vloz +
pozri health status a prescanuj error
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“