Prosím o kontrolu logu

Zpráva

825 · #1 Příspěvek od **825** » 26 pro 2011 01:13

Dobrý den,
prosím o kontrolu logu jede mi pomalu notebook a nevim jestli tam něco nemám. děkuji

Logfile of random's system information tool 1.09 (written by random/random)
Run by Zucchi at 2011-12-26 01:10:11
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 38 GB (50%) free of 76 GB
Total RAM: 2038 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:12:25, on 26.12.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Opera\opera.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Documents and Settings\Zucchi\Local Settings\Data aplikací\Opera\Opera\temporary_downloads\RSIT.exe
C:\Program Files\trend micro\Zucchi.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {675002D7-149C-5C2F-2300-7EED44012BE2} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Zástupce - Switcher.lnk = C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - Global Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: RailNotification - Invalid registry found
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: ObjectDockShellExt - {1984D045-52CF-49cd-DB77-08F378FEA4DB} - C:\Program Files\Stardock\ObjectDockPlus2\ODMenu.dll
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

--
End of file - 6541 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{675002D7-149C-5C2F-2300-7EED44012BE2}]
Groove GFS Browser Helper

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-05 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-11-05 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SonyPowerCfg"=C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2006-03-09 217088]
"LogonStudio"=C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe [2002-09-03 987187]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2008-08-01 200704]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2008-03-01 1443072]
"MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2008-04-14 171008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2010-10-25 821144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2010-10-25 36760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\Program Files\OO Software\Defrag\oodtray.exe [2011-11-17 2773328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViGlance]
C:\Program Files\ViGlance\ViGlance.exe [2011-10-21 446464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinClicker.exe]
C:\Program Files\Salling Software AB\Salling Clicker\WinClicker.exe [2007-05-11 1150976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth Manager.lnk]
C:\PROGRA~1\Toshiba\BLUETO~1\TosBtMng.exe [2006-02-02 1753088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Zucchi^Nabídka Start^Programy^Po spuštění^Stardock ObjectDock.lnk]
C:\PROGRA~1\Stardock\OBJECT~2\OBJECT~1.EXE [2010-10-12 4142448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"osppsvc"=3
"ose"=3
"OODefragAgent"=2
"gupdatem"=3
"gupdate"=2
"Apple Mobile Device"=2

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Rainmeter.lnk - C:\Program Files\Rainmeter\Rainmeter.exe

C:\Documents and Settings\Zucchi\Nabídka Start\Programy\Po spuštění
Zástupce - Switcher.lnk - C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-03-23 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\WINDOWS\system32\fusstub.dll [2006-02-22 39936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RailNotification]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]
C:\WINDOWS\system32\VESWinlogon.dll [2006-03-09 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2010-01-14 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2010-01-14 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
ObjectDockShellExt - {1984D045-52CF-49cd-DB77-08F378FEA4DB} - C:\Program Files\Stardock\ObjectDockPlus2\ODMenu.dll [2010-03-24 511344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2010-01-14 304128]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
fusstub

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Documents and Settings\Zucchi\Local Settings\Data aplikací\Opera\Opera\temporary_downloads\tinyumbrella-5.00.12a.exe"="C:\Documents and Settings\Zucchi\Local Settings\Data aplikací\Opera\Opera\temporary_downloads\tinyumbrella-5.00.12a.exe:*:Enabled:TinyUmbrella - Save your SHSH!"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Salling Software AB\Salling Clicker\WinClicker.exe"="C:\Program Files\Salling Software AB\Salling Clicker\WinClicker.exe:*:Enabled:WinClicker.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\Zucchi\Plocha\utorrent-portable\utorrent.exe"="C:\Documents and Settings\Zucchi\Plocha\utorrent-portable\utorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\Zucchi\Dokumenty\utorrent-portable\utorrent.exe"="C:\Documents and Settings\Zucchi\Dokumenty\utorrent-portable\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\SmartFTP Client\SmartFTP.exe"="C:\Program Files\SmartFTP Client\SmartFTP.exe:*:Enabled:SmartFTP Client 4.0"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.dvsd"=C:\PROGRA~1\COMMON~1\SONYSH~1\VideoLib\sonydv.dll
"vidc.tscc"=tsccvid.dll

======List of files/folders created in the last 1 month======

2011-12-25 16:19:29 ----D---- C:\Program Files\ImTOO
2011-12-24 17:24:17 ----D---- C:\Documents and Settings\Zucchi\Data aplikací\AnvSoft
2011-12-24 17:16:54 ----D---- C:\WINDOWS\system32\tfc
2011-12-24 17:00:19 ----D---- C:\Program Files\VLCRemote
2011-12-21 23:53:17 ----D---- C:\Documents and Settings\Zucchi\Data aplikací\SmartFTP
2011-12-21 23:51:03 ----D---- C:\Program Files\SmartFTP Client
2011-12-21 23:50:19 ----D---- C:\Program Files\SmartFTP Client 4.0 Setup Files
2011-12-21 20:37:37 ----D---- C:\Program Files\WYSIWYG Web Builder 8 UNICODE
2011-12-20 15:29:40 ----D---- C:\Program Files\EAGLE-5.8.0
2011-12-20 15:29:32 ----D---- C:\Documents and Settings\Zucchi\Data aplikací\CadSoft
2011-12-17 21:37:28 ----A---- C:\LOGFILE.TXT
2011-12-17 21:37:15 ----D---- C:\Documents and Settings\Zucchi\Data aplikací\LangSoft
2011-12-17 21:37:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\LangSoft
2011-12-17 21:29:01 ----A---- C:\WINDOWS\system32\cdintf400.dll
2011-12-17 21:28:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Broderbund Software
2011-12-17 21:10:18 ----D---- C:\Program Files\Calendar Creator
2011-12-17 09:19:28 ----D---- C:\Programs
2011-12-15 01:01:49 ----D---- C:\Program Files\Magnus
2011-12-15 00:58:29 ----D---- C:\Program Files\ViaVoiceTTS
2011-12-15 00:58:28 ----A---- C:\WINDOWS\system32\rotest.txt
2011-12-15 00:57:28 ----D---- C:\WINDOWS\lhsp
2011-12-15 00:56:53 ----D---- C:\WINDOWS\speech
2011-12-14 22:42:11 ----D---- C:\SLOVNIK
2011-12-14 22:42:11 ----A---- C:\WINDOWS\UNISTB16.EXE
2011-12-14 21:58:13 ----A---- C:\WINDOWS\zipinst.exe
2011-12-13 23:18:56 ----A---- C:\WINDOWS\iun6002.exe
2011-12-12 22:42:46 ----A---- C:\WINDOWS\system32\tsccvid.dll
2011-12-12 22:42:23 ----A---- C:\WINDOWS\system32\zlib1.dll
2011-12-12 22:42:23 ----A---- C:\WINDOWS\system32\bwplay.exe
2011-12-12 22:42:22 ----A---- C:\WINDOWS\system32\unzip32.dll
2011-12-12 22:42:21 ----A---- C:\WINDOWS\system32\ssce5532.dll
2011-12-12 22:42:20 ----A---- C:\WINDOWS\system32\patchw32.dll
2011-12-12 22:42:20 ----A---- C:\WINDOWS\system32\patchw.dll
2011-12-12 22:42:19 ----A---- C:\WINDOWS\system32\bwntsend.dll
2011-12-12 22:42:19 ----A---- C:\WINDOWS\system32\bwnthook.dll
2011-12-12 22:42:15 ----A---- C:\WINDOWS\system32\bwbits80.dll
2011-12-12 22:23:27 ----D---- C:\Program Files\BibleWorks 8
2011-12-12 22:18:30 ----D---- C:\Program Files\Elaborate Bytes
2011-12-12 19:55:12 ----A---- C:\WINDOWS\system32\drivers\porttalk.sys
2011-12-12 19:55:04 ----D---- C:\Program Files\GMABooster
2011-12-12 14:21:06 ----A---- C:\WINDOWS\Zobrazit plochu.lnk
2011-12-11 22:17:24 ----D---- C:\WINDOWS\system32\oodag
2011-12-11 22:16:15 ----D---- C:\Program Files\OO Software
2011-12-10 18:55:25 ----D---- C:\Documents and Settings\Zucchi\Data aplikací\GetRightToGo
2011-12-10 09:21:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\CADProfi
2011-12-10 09:18:32 ----A---- C:\WINDOWS\system32\CUUT13.DLL
2011-12-10 09:18:31 ----A---- C:\WINDOWS\system32\CUPR13.DLL
2011-12-10 09:18:30 ----A---- C:\WINDOWS\system32\CULS13.DLL
2011-12-10 09:18:26 ----A---- C:\WINDOWS\system32\CULL13.DLL
2011-12-10 09:18:26 ----A---- C:\WINDOWS\system32\CUDW13.DLL
2011-12-10 09:18:25 ----A---- C:\WINDOWS\system32\CUCT13.DLL
2011-12-10 09:18:24 ----A---- C:\WINDOWS\system32\CUBR13.DLL
2011-12-10 09:18:24 ----A---- C:\WINDOWS\system32\CMUT13.DLL
2011-12-10 09:18:24 ----A---- C:\WINDOWS\system32\CMPR13.DLL
2011-12-10 09:18:23 ----A---- C:\WINDOWS\system32\CMMX02.DLL
2011-12-10 09:18:21 ----A---- C:\WINDOWS\system32\CMLS13.DLL
2011-12-10 09:18:20 ----A---- C:\WINDOWS\system32\CMLL13XL.DLL
2011-12-10 09:18:15 ----A---- C:\WINDOWS\system32\CMLL13.DLL
2011-12-10 09:18:15 ----A---- C:\WINDOWS\system32\CMDW13.DLL
2011-12-10 09:18:14 ----A---- C:\WINDOWS\system32\CMCT13.DLL
2011-12-10 09:18:13 ----A---- C:\WINDOWS\system32\CMBR13.DLL
2011-12-10 00:46:46 ----A---- C:\WINDOWS\system32\LLVIEW13.EXE
2011-12-09 22:54:41 ----A---- C:\WINDOWS\system32\drivers\hardlock.sys
2011-12-09 22:54:27 ----A---- C:\WINDOWS\system32\haspvdd.dll
2011-12-09 22:54:27 ----A---- C:\WINDOWS\system32\haspdos.sys
2011-12-09 22:54:27 ----A---- C:\WINDOWS\system32\drivers\Haspnt.sys
2011-12-09 21:09:38 ----D---- C:\Program Files\GstarCAD2009Professional
2011-12-06 22:34:33 ----D---- C:\Documents and Settings\Zucchi\Data aplikací\AdobeMuse
2011-12-06 22:34:19 ----D---- C:\Program Files\Muse
2011-12-05 09:45:24 ----D---- C:\Documents and Settings\Zucchi\Data aplikací\BatteryBar
2011-11-27 15:40:42 ----D---- C:\Documents and Settings\Zucchi\Data aplikací\ViGlance

======List of files/folders modified in the last 1 month======

2011-12-26 01:10:34 ----D---- C:\Program Files\trend micro
2011-12-26 01:10:21 ----D---- C:\WINDOWS\Temp
2011-12-26 01:03:35 ----D---- C:\WINDOWS
2011-12-25 20:45:49 ----SH---- C:\boot.ini
2011-12-25 20:45:49 ----A---- C:\WINDOWS\win.ini
2011-12-25 20:45:49 ----A---- C:\WINDOWS\system.ini
2011-12-25 20:39:50 ----A---- C:\WINDOWS\LogonStudio.ini
2011-12-25 20:38:08 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-12-25 20:11:24 ----SHD---- C:\WINDOWS\Installer
2011-12-25 20:11:22 ----SHD---- C:\Config.Msi
2011-12-25 20:10:36 ----D---- C:\Program Files\Common Files\Adobe
2011-12-25 20:10:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-12-25 20:08:43 ----D---- C:\WINDOWS\system32
2011-12-25 20:08:41 ----D---- C:\WINDOWS\system32\drivers
2011-12-25 20:08:36 ----HD---- C:\WINDOWS\inf
2011-12-25 20:08:03 ----D---- C:\Program Files\Adobe
2011-12-25 20:02:31 ----D---- C:\Documents and Settings\Zucchi\Data aplikací\Adobe
2011-12-25 19:51:36 ----A---- C:\WINDOWS\NeroDigital.ini
2011-12-25 19:45:21 ----D---- C:\WINDOWS\Prefetch
2011-12-25 19:32:27 ----RSD---- C:\WINDOWS\Fonts
2011-12-25 16:20:44 ----D---- C:\WINDOWS\WinSxS
2011-12-25 16:19:29 ----RD---- C:\Program Files
2011-12-24 14:14:42 ----D---- C:\Documents and Settings\Zucchi\Data aplikací\vlc
2011-12-23 21:38:25 ----D---- C:\WINDOWS\system32\CatRoot2
2011-12-22 00:43:48 ----D---- C:\Program Files\CCleaner
2011-12-18 15:57:41 ----RSD---- C:\WINDOWS\assembly
2011-12-18 15:46:53 ----D---- C:\WINDOWS\Microsoft.NET
2011-12-18 00:22:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-12-15 00:59:13 ----HD---- C:\Program Files\InstallShield Installation Information
2011-12-15 00:56:47 ----D---- C:\WINDOWS\msagent
2011-12-15 00:56:47 ----D---- C:\WINDOWS\Help
2011-12-14 22:46:05 ----D---- C:\WINDOWS\system
2011-12-14 21:32:16 ----D---- C:\WINDOWS\system32\config
2011-12-14 21:31:49 ----D---- C:\WINDOWS\system32\wbem
2011-12-14 21:31:47 ----D---- C:\WINDOWS\Registration
2011-12-12 16:11:00 ----SD---- C:\Documents and Settings\Zucchi\Data aplikací\Microsoft
2011-12-12 14:39:32 ----D---- C:\Program Files\Opera
2011-12-10 22:34:46 ----D---- C:\Program Files\Rainmeter
2011-12-10 17:58:20 ----D---- C:\Program Files\Stardock
2011-12-10 17:48:47 ----D---- C:\WINDOWS\Cursors
2011-12-09 22:54:30 ----D---- C:\WINDOWS\system32\Setup
2011-12-09 21:11:03 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-12-09 20:26:54 ----D---- C:\Documents and Settings\Zucchi\Data aplikací\Skype
2011-12-06 22:33:46 ----D---- C:\Program Files\Common Files\Adobe AIR
2011-11-27 15:41:15 ----D---- C:\Program Files\ViGlance
2011-11-27 14:27:37 ----D---- C:\WINDOWS\pss

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2010-01-14 61824]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-17 44944]
R1 DMICall;Sony DMI Call service; C:\WINDOWS\system32\DRIVERS\DMICall.sys [2000-12-05 3952]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-03-01 29704]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2008-03-01 54280]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-03-01 39944]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2008-03-01 71176]
R2 FdRedir;FdRedir; \??\C:\Program Files\Common Files\Protector Suite QL\Drivers\FdRedir.sys []
R2 FileDisk2;FileDisk Protector Kernel Driver; \??\C:\Program Files\Common Files\Protector Suite QL\Drivers\filedisk.sys []
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R2 rspndr;Odpovídající zařízení zjišťování topologie linkové vrstvy; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2010-01-14 62848]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2008-07-24 170032]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2010-01-14 60800]
R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2005-06-13 162816]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2008-03-01 30728]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-03-23 1166972]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-05-09 4273152]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2010-01-14 61824]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2008-04-14 5888]
R3 SNC;Zařízení pro ovládání přenosného počítače Sony; C:\WINDOWS\system32\DRIVERS\SonyNC.sys [2001-08-17 20752]
R3 SPI;Programovatelné zařízení Sony pro ovládání V/V ; C:\WINDOWS\system32\DRIVERS\SonyPI.sys [2001-08-17 37040]
R3 TcUsb;TC USB Kernel Driver; C:\WINDOWS\System32\Drivers\tcusb.sys [2006-02-22 28800]
R3 ti21sony;ti21sony; C:\WINDOWS\system32\drivers\ti21sony.sys [2006-02-21 226304]
R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2005-11-24 47104]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2006-02-26 1428480]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S1 DumpDrv;Crash Dump Driver; C:\WINDOWS\system32\drivers\DumpDrv.sys [2010-01-14 9472]
S3 motccgp;Motorola USB Composite Device Driver; C:\WINDOWS\system32\DRIVERS\motccgp.sys [2008-08-21 18688]
S3 motccgpfl;MotCcgpFlService; C:\WINDOWS\system32\DRIVERS\motccgpfl.sys [2008-08-21 8320]
S3 MotDev;Motorola Inc. USB Device; C:\WINDOWS\system32\DRIVERS\motodrv.sys [2007-10-10 42112]
S3 motmodem;Motorola USB CDC ACM Driver; C:\WINDOWS\system32\DRIVERS\motmodem.sys [2007-06-18 23680]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 PortTalk;PortTalk; C:\WINDOWS\System32\Drivers\PortTalk.sys [2009-01-18 3567]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2006-02-02 108928]
S3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2005-12-14 37632]
S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2006-02-08 62848]
S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2005-11-11 52864]
S3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2006-01-31 39808]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2011-08-02 42496]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-22 32384]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2011-01-15 30208]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2010-01-14 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2010-01-14 82944]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2010-01-14 133632]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [2006-04-13 176128]
R4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-09 55144]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2008-03-01 19200]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-10-09 821608]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2010-01-14 14848]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2010-01-14 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2010-01-14 14848]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-11-06 136176]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-11-06 136176]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 OODefragAgent;O&O Defrag Agent; C:\Program Files\OO Software\Defrag\oodag.exe [2011-11-17 2489680]
S4 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S4 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]

-----------------EOF-----------------

#2 Příspěvek od **Mc_Murphy** » 26 pro 2011 06:29

Zdravím.

Inu jako první se musím zeptat na legalitu toho ESETu... jak je to s ním tentokrát?

825 · #3 Příspěvek od **825** » 26 pro 2011 11:36

je legální

#4 Příspěvek od **Mc_Murphy** » 26 pro 2011 11:59

Vlož mi sem i druhý log ze RSITu, který se jmenuje info.txt a najdeš jej v C:\RSIT

Stáhni na Plochu utilitu CKScanner.

Spusť ji a klikni na Search for files.
Po dokončení scanu klikni na Save List to File a následně OK.
Na Ploše se vytvoří log s názvem ckfiles.txt, jeho obsah mi sem vlož.

Stáhni a spusť WVCheck.exe nebo WVCheck.zip.

Stiskni klávesu [Enter].
Program začne prohledávat PC, délka skenování je závislá na počtu souborů ve Tvém PC.
Po dokončení skenování se Ti zobrazí log, který mi sem zkopíruj (log případně najdeš i na Ploše).

825 · #5 Příspěvek od **825** » 26 pro 2011 12:10

RSIT
info.txt
info.txt logfile of random's system information tool 1.09 2011-11-06 14:43:29

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader X (10.1.0) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
Aktualizace systému Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2541763)-->"C:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2616676-v2)-->"C:\WINDOWS\$NtUninstallKB2616676-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení pro Microsoft Windows (KB2564958)-->"C:\WINDOWS\$NtUninstallKB2564958$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2510531)-->"C:\WINDOWS\ie8updates\KB2510531-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2544521)-->"C:\WINDOWS\ie8updates\KB2544521-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2586448)-->"C:\WINDOWS\ie8updates\KB2586448-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2412687)-->"C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2483614)-->"C:\WINDOWS\$NtUninstallKB2483614$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2544893)-->"C:\WINDOWS\$NtUninstallKB2544893$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2562937)-->"C:\WINDOWS\$NtUninstallKB2562937$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2567053)-->"C:\WINDOWS\$NtUninstallKB2567053$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2567680)-->"C:\WINDOWS\$NtUninstallKB2567680$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2570222)-->"C:\WINDOWS\$NtUninstallKB2570222$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2570947)-->"C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2592799)-->"C:\WINDOWS\$NtUninstallKB2592799$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"
Apple Application Support-->MsiExec.exe /I{A83279FD-CA4B-4206-9535-90974DE76654}
Apple Mobile Device Support-->MsiExec.exe /I{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
AV Mode Button Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1C70BE80-35E0-46DA-B81D-5BF5652F8D80}\Setup.exe" -l0x9
Bonjour-->MsiExec.exe /X{79155F2B-9895-49D7-8612-D92580E0DE5B}
BootSkin-->C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\UNWISE.EXE C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\INSTALL.LOG
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Core Temp 1.0 RC2-->"C:\Program Files\Core Temp\unins000.exe"
Dell Touchpad-->C:\Program Files\DellTPad\Uninstap.exe ADDREMOVE
ESET Smart Security-->MsiExec.exe /I{6ECB944F-D027-4E8A-9906-70E77C005AD5}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
IconPackager-->"C:\Documents and Settings\All Users\Data aplikací\{B98A2B83-8BB0-42E7-AA1D-D6FA6E7C8F31}\IconPackager.exe" REMOVE=TRUE MODIFY=FALSE
IconPackager-->C:\Documents and Settings\All Users\Data aplikací\{B98A2B83-8BB0-42E7-AA1D-D6FA6E7C8F31}\IconPackager.exe
ImTOO Video Converter Ultimate 6-->C:\Program Files\ImTOO\Video Converter Ultimate 6\Uninstall.exe
Instant Mode-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E6707034-D7A4-49B1-94D0-F5AACE46F06C}\setup.exe"
Intel(R) Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2
Intel(R) PRO Network Connections Drivers-->Prounstl.exe
iTunes-->MsiExec.exe /I{29ED20C9-5E15-4969-9279-25BF3727A3DA}
Java(TM) 6 Update 29-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216029FF}
Klient pro správu práv Microsoft Windows Rights Management Services s aktualizací Service Pack 2-->MsiExec.exe /X{176B7642-72A8-49D0-8EC4-26D59D8E21B2}
Klient Správy přístupových práv v systému Windows SP2, zpětná kompatibilita-->MsiExec.exe /X{EC905264-BCFE-423B-9C42-C3A106266790}
LogonStudio-->C:\PROGRA~1\WINCUS~1\LOGONS~1\UNWISE.EXE C:\PROGRA~1\WINCUS~1\LOGONS~1\INSTALL.LOG
mDriver-->MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
Microsoft .NET Framework 1.1 Czech Language Pack-->MsiExec.exe /X{5E65E94D-69F2-4850-9E93-6459C53A0F50}
Microsoft .NET Framework 1.1 Security Update (KB2416447)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2416447\M2416447Uninstall.msp"
Microsoft .NET Framework 1.1 Service Pack 1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY-->MsiExec.exe /X{A2C9CD1B-2551-3AED-B244-6698FB929FA6}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY-->MsiExec.exe /X{546C143E-68DC-314D-97BC-1E454E3BA429}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - csy-->MsiExec.exe /X{DD73CA82-EA82-38AA-863D-9A24A018DC96}
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Silverlight-->rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\MSSlight.inf,DefaultUninstall
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
MSXML 4.0 SP3 Parser (KB973685)-->MsiExec.exe /I{859DFA95-E4A6-48CD-B88E-A3E483E89B44}
Opera 11.52-->"C:\Program Files\Opera\Opera.exe" /uninstall
Oprava Hotfix systému Windows XP (KB2570791)-->"C:\WINDOWS\$NtUninstallKB2570791$\spuninst\spuninst.exe"
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x5 -removeonly
Software Intel(R) PROSet/Wireless-->C:\WINDOWS\Installer\iProInst.exe
Sony Utilities DLL-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF3D45BB-2260-4008-88EA-492E7744A9DF}\Setup.exe" -l0x9
Sony Video Shared Library-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BE56FEF0-1A0F-4719-B3AD-34B5087AFA6D}\setup.exe" -l0x9 -removeonly
Styler-->MsiExec.exe /I{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}
VAIO Event Service-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}\Setup.exe" -l0x9
VAIO Power Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E319E96-ED8E-4B01-9775-C521A1869A25}\Setup.exe" -l0x9 UNINSTALL
VLC media player 1.1.11-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WindowBlinds-->C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\INSTALL.LOG
WinRAR 4.01 (32-bit)-->C:\Program Files\WinRAR\uninstall.exe
Wireless Switch Setting Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}\Setup.exe" -l0x9
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

======Hosts File======

::1 localhost

======Security center information======

AV: ESET Smart Security 3.0
FW: ESET Personal firewall

======System event log======

Computer Name: ZUCCHI-2C0E6035
Event Code: 15007
Message: Rezervace pro obor názvů identifikovaný prefixem adresy URL http://+:47001/wsman/ byla úspěšně přidána.

Record Number: 5
Source Name: HTTP
Time Written: 20111103213906.000000+060
Event Type: Informace
User:

Computer Name: ZUCCHI-2C0E6035
Event Code: 3260
Message: Tento počítač byl úspěšně připojen k workgroup SKUPINA.

Record Number: 4
Source Name: Workstation
Time Written: 20111103213234.000000+060
Event Type: Informace
User:

Computer Name: ZUCCHI-2C0E6035
Event Code: 6011
Message: Název tohoto počítače v systémech DNS a NetBIOS byl změněn z MACHINENAME na ZUCCHI-2C0E6035.

Record Number: 3
Source Name: EventLog
Time Written: 20111103212552.000000+060
Event Type: Informace
User:

Computer Name: MACHINENAME
Event Code: 6005
Message: Služba Event Log byla spuštěna.

Record Number: 2
Source Name: EventLog
Time Written: 20111103220431.000000+060
Event Type: Informace
User:

Computer Name: MACHINENAME
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.

Record Number: 1
Source Name: EventLog
Time Written: 20111103220431.000000+060
Event Type: Informace
User:

=====Application event log=====

Computer Name: ZUCCHI-2C0E6035
Event Code: 1000
Message: Čítače výkonu pro službu TermService (Terminálová služba) byly úspěšně načteny.
Data záznamu obsahují nové indexové hodnoty přiřazené
této službě.

Record Number: 5
Source Name: LoadPerf
Time Written: 20111103213753.000000+060
Event Type: Informace
User:

Computer Name: ZUCCHI-2C0E6035
Event Code: 4097
Message: Aplikace C:\WINDOWS\system32\svchost.exe vygenerovala aplikační chybu.
K chybě došlo dne 03. 11. 2011 v 21:26:47,562
Vygenerovaná výjimka: c0000005 na adrese 7C92C288 (ntdll!RtlDeregisterWaitEx)

Record Number: 4
Source Name: DrWatson
Time Written: 20111103212647.000000+060
Event Type: Informace
User:

Computer Name: ZUCCHI-2C0E6035
Event Code: 1000
Message: Čítače výkonu pro službu RemoteAccess (Směrování a vzdálený přístup) byly úspěšně načteny.
Data záznamu obsahují nové indexové hodnoty přiřazené
této službě.

Record Number: 3
Source Name: LoadPerf
Time Written: 20111103212643.000000+060
Event Type: Informace
User:

Computer Name: ZUCCHI-2C0E6035
Event Code: 1000
Message: Čítače výkonu pro službu PSched (PSched) byly úspěšně načteny.
Data záznamu obsahují nové indexové hodnoty přiřazené
této službě.

Record Number: 2
Source Name: LoadPerf
Time Written: 20111103212607.000000+060
Event Type: Informace
User:

Computer Name: ZUCCHI-2C0E6035
Event Code: 1000
Message: Čítače výkonu pro službu RSVP (QoS RSVP) byly úspěšně načteny.
Data záznamu obsahují nové indexové hodnoty přiřazené
této službě.

Record Number: 1
Source Name: LoadPerf
Time Written: 20111103212606.000000+060
Event Type: Informace
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0e08
"NUMBER_OF_PROCESSORS"=1
"PSModulePath"=C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"asl.log"=Destination=file

-----------------EOF-----------------

CKSCANNER

CKScanner - Additional Security Risks - These are not necessarily bad
scanner sequence 3.FA.11.WNNAOR
----- EOF -----

WVCHECK

Windows Validation Check
Version: 1.9.12.5
Log Created On: 1209_26-12-2011
-----------------------

Windows Information
-----------------------
Windows Version: Windows XP Service Pack 3
Windows Mode: Normal
Systemroot Path: C:\WINDOWS

WVCheck's Auto Update Check
-----------------------
Auto-Update Option: Download updates automatically, but ask me when I want to install them.
-----------------------
Last Success Time for Update Detection: 2011-12-25 15:14:40
Last Success Time for Update Download: 2011-11-29 12:52:21
Last Success Time for Update Installation: 2011-12-17 23:32:40

WVCheck's Registry Check Check
-----------------------
Antiwpa: Not Found
-----------------------
Chew7Hale: Not Found
-----------------------

WVCheck's File Dump
-----------------------
WVCheck found no known bad files.

WVCheck's Dir Dump
-----------------------
WVCheck found no known bad directories.

WVCheck's Missing File Check
-----------------------
WVCheck found no missing Windows files.

WVCheck's HOSTS File Check
-----------------------
WVCheck found no bad lines in the hosts file.

WVCheck's MD5 Check
EXPERIMENTAL!!
-----------------------
user32.dll - a88d1807ef5370f4313c58d137d6f7b4

-------- End of File, program close at 1209_26-12-2011 --------

#6 Příspěvek od **Mc_Murphy** » 26 pro 2011 12:44

Stáhni a nainstaluj Malwarebytes' Anti-Malware (zkráceně MBAM) podle návodu z tohoto topicu.

Proveď aktualizaci virové databáze.
V záložce Kontrolor zvol Úplná kontrola a zaškrtni všechny pevné disky, které máš na počítači.
Předem nic nemaž!!
MBAM mívá občas falešné detekce, proto vlož jeho log do příspěvku a počkej na posouzení!

825 · #7 Příspěvek od **825** » 26 pro 2011 14:19

Tak tady je log z MBAM

Malwarebytes' Anti-Malware
www.malwarebytes.org

Verze databáze:

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

26.12.2011 14:17:58
mbam-log-2011-12-26 (14-17-55).txt

Typ: Úplná kontrola (C:\|)
Kontrolované objekty: 217017
Uplynulý čas: 49 minut, 33 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 1
Infikované složky: 0
Infikované soubory: 4

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\documents and settings\Zucchi\local settings\data aplikací\Opera\Opera\cache\g_0048\opr01YCZ.tmp (Trojan.Agent) -> No action taken.
c:\system volume information\_restore{7a0df5ed-f2ba-4127-ba37-e5417dc548a8}\RP94\A0022926.exe (RiskWare.Tool.HCK) -> No action taken.
c:\system volume information\_restore{7a0df5ed-f2ba-4127-ba37-e5417dc548a8}\RP94\A0022940.EXE (Dont.Steal.Our.Software) -> No action taken.
c:\system volume information\_restore{7a0df5ed-f2ba-4127-ba37-e5417dc548a8}\RP94\A0022941.exe (RiskWare.Tool.HCK) -> No action taken.

#8 Příspěvek od **Mc_Murphy** » 26 pro 2011 14:51

Všechny nálezy MBAMu dej opravit (vymazat). Po akci MBAM odinstaluj.

Podle tohoto návodu smaž starý a znovu vytvoř nový bod obnovy pro svůj počítač, v těch starých máš havěť.

Potom stáhni OTL z tohoto odkazu a ulož jej na Plochu.

Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
Zaškrtni okénko Pro všechny uživatele.
Zaškrtni okénko Kontrola na havěť "LOP".
Zaškrtni okénko Kontrola na havěť "Purity".
Stáři souborů změň z 30 dnů na 7 dnů!
Do spodního okénka Vlastní skenování/opravy vlož tento script(pouze zelená písmenka v bílém poli!):

Kód: Vybrat vše

CREATERESTOREPOINT
netsvc
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
%userprofile%\Plocha\*.*
%userprofile%\Desktop\*.*
%ALLUSERSPROFILE%\Plocha\*.*
%ALLUSERSPROFILE%\Desktop\*.*
*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*KMSEmulator* /s
*activator* /s
*serial* /s
*w7lxe* /s
*AutoRearm* /s
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

Klikni na tlačítko [Prohledat].
Po dokončení skenu se objeví logy OTL.txt a Extras.txt, oba mi sem vlož.
Logy se nevejdou do jednoho, rozděl je tedy prosím do více příspěvků.

825 · #9 Příspěvek od **825** » 26 pro 2011 19:29

Tak tady to je

OTL Extras logfile created on: 26.12.2011 18:51:18 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Zucchi\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,99 Gb Total Physical Memory | 0,60 Gb Available Physical Memory | 30,07% Memory free
3,83 Gb Paging File | 1,96 Gb Available in Paging File | 51,14% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 38,03 Gb Free Space | 51,03% Space Free | Partition Type: NTFS

Computer Name: ZUCCHI-2C0E6035 | User Name: Zucchi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-1220945662-2000478354-1644491937-1004\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5353:UDP" = 5353:UDP:*:Enabled:Salling Clicker mDNS

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Documents and Settings\Zucchi\Local Settings\Data aplikací\Opera\Opera\temporary_downloads\tinyumbrella-5.00.12a.exe" = C:\Documents and Settings\Zucchi\Local Settings\Data aplikací\Opera\Opera\temporary_downloads\tinyumbrella-5.00.12a.exe:*:Enabled:TinyUmbrella - Save your SHSH!
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace -- (Microsoft Corporation)
"C:\Program Files\Salling Software AB\Salling Clicker\WinClicker.exe" = C:\Program Files\Salling Software AB\Salling Clicker\WinClicker.exe:*:Enabled:WinClicker.exe -- (Salling Software AB)
"C:\Documents and Settings\Zucchi\Plocha\utorrent-portable\utorrent.exe" = C:\Documents and Settings\Zucchi\Plocha\utorrent-portable\utorrent.exe:*:Enabled:µTorrent
"C:\Documents and Settings\Zucchi\Dokumenty\utorrent-portable\utorrent.exe" = C:\Documents and Settings\Zucchi\Dokumenty\utorrent-portable\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\SmartFTP Client\SmartFTP.exe" = C:\Program Files\SmartFTP Client\SmartFTP.exe:*:Enabled:SmartFTP Client 4.0 -- (SmartSoft Ltd.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02708F33-1437-8382-73AC-09EAC0F51AB7}" = Muse (code name)
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC2
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{176B7642-72A8-49D0-8EC4-26D59D8E21B2}" = Klient pro správu práv Microsoft Windows Rights Management Services s aktualizací Service Pack 2
"{1C70BE80-35E0-46DA-B81D-5BF5652F8D80}" = AV Mode Button Utility
"{2158ED55-19D1-4C0C-B213-5EFF748248AC}" = Salling Clicker
"{24CD85A3-6562-4C24-8257-27826C7CF7FE}" = O&O Defrag Professional
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{29ED20C9-5E15-4969-9279-25BF3727A3DA}" = iTunes
"{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F2CE68F-EDBB-4592-BF07-5AC930A51029}" = Nero 7 Ultra Edition
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6ECB944F-D027-4E8A-9906-70E77C005AD5}" = ESET Smart Security
"{715CB4C3-383C-4D20-B29C-932C08203563}" = CADprofi
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7ACF49E8-FBFC-46DE-9863-679A26B36263}" = SmartFTP Client
"{7D777586-7EB1-48A9-AAF9-4AB0E807E81E}" = PNGGauntlet
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
"{8DF4C627-4AF3-4245-9F13-3518FC8584DC}" = Protector Suite QL 5.3
"{90140000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 14
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{2304F942-79D2-46F7-A512-269A7F5B7EFC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{8148DB19-71B1-4415-8B26-DF5B9E873FC3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{EEF3E2C0-135B-44DC-BEDD-7F01CFBEFF46}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90F50409-6000-11D3-8CFE-0150048383C9}" = Visual Basic for Applications (R) Core
"{90F60409-6000-11D3-8CFE-0150048383C9}" = Visual Basic for Applications (R) Core - English
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{94ED958B-C7BC-4B54-8B27-2FBA717D4EDB}" = IBM ViaVoice TTS Runtime v6.405 - Français
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{9FB28802-77C3-4336-8D97-4E55E6375384}" = SmartFTP Client Czech (Czech Republic) MUI
"{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}" = Apple Mobile Device Support
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Czech
"{B038A58E-EAF0-44CB-ADCA-3895ECD0812D}" = BibleWorks 8
"{BE56FEF0-1A0F-4719-B3AD-34B5087AFA6D}" = Sony Video Shared Library
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 Service Pack 1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{CF91A5A9-F10D-433D-A677-9505B84EAF1B}" = Stardock Software
"{D0ACE207-0F90-402C-8CFA-2CB3D44CE689}" = Adobe Photoshop Lightroom 3.6
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D7947079-A82D-44A7-95EC-E5B62785288E}" = Magnus 2011
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E6707034-D7A4-49B1-94D0-F5AACE46F06C}" = Instant Mode
"{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}" = Styler
"{EC905264-BCFE-423B-9C42-C3A106266790}" = Klient Správy přístupových práv v systému Windows SP2, zpětná kompatibilita
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FD0C9330-E89A-4520-9A47-FE01366D5633}" = IBM ViaVoice TTS Runtime v6.405 - Deutsch
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"3D FlipClock" = 3D Flip Clock Screensaver
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AdobeMuse" = Muse (code name)
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"LHTTSENG" = L&H TTS3000 British English
"LHTTSRUR" = L&H TTS3000 Russian
"LogonStudio" = LogonStudio
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verze 1.51.2.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft Silverlight" = Microsoft Silverlight
"ObjectDock Plus 2" = ObjectDock Plus 2
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Opera 11.60.1185" = Opera 11.60
"ProInst" = Software Intel(R) PROSet/Wireless
"PROSet" = Intel(R) PRO Network Connections Drivers
"Rainmeter" = Rainmeter
"SmartFTP Client 4.0 Setup Files" = SmartFTP Client 4.0 Setup Files (remove only)
"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
"ViGlance" = ViGlance
"VLC media player" = VLC media player 1.1.11
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"WYSIWYG_Web_Builder_8_UNICODE" = WYSIWYG Web Builder 8 UNICODE
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1220945662-2000478354-1644491937-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ImTOO Video Converter Ultimate 6" = ImTOO Video Converter Ultimate 6

========== Last 10 Event Log Errors ==========

[ System Events ]
Error - 19.12.2011 13:43:28 | Computer Name = ZUCCHI-2C0E6035 | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.77.100 pro síťovou kartu s adresou 0018DED5584A
byla serverem DHCP 192.168.77.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 21.12.2011 16:00:57 | Computer Name = ZUCCHI-2C0E6035 | Source = Service Control Manager | ID = 7034
Description = Služba O&O Defrag Agent byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 21.12.2011 16:01:13 | Computer Name = ZUCCHI-2C0E6035 | Source = Service Control Manager | ID = 7034
Description = Služba iPod Service byla neočekávaně ukončena. Tento stav nastal již
1krát.

Error - 22.12.2011 5:49:55 | Computer Name = ZUCCHI-2C0E6035 | Source = Dhcp | ID = 1001
Description = Počítači nebyla přiřazena síťová adresa (serverem DHCP) pro síťovou
kartu se síťovou adresou 0018DED5584A. Došlo k následující chybě: %%1223. Počítač
se bude pokoušet získat síťovou adresu samostatně ze serveru DHCP.

Error - 22.12.2011 12:36:52 | Computer Name = ZUCCHI-2C0E6035 | Source = Dhcp | ID = 1001
Description = Počítači nebyla přiřazena síťová adresa (serverem DHCP) pro síťovou
kartu se síťovou adresou 0018DED5584A. Došlo k následující chybě: %%1223. Počítač
se bude pokoušet získat síťovou adresu samostatně ze serveru DHCP.

Error - 24.12.2011 21:11:48 | Computer Name = ZUCCHI-2C0E6035 | Source = Service Control Manager | ID = 7034
Description = Služba iPod Service byla neočekávaně ukončena. Tento stav nastal již
2krát.

Error - 25.12.2011 11:22:20 | Computer Name = ZUCCHI-2C0E6035 | Source = DCOM | ID = 10010
Description = Server {DC0C2640-1415-4644-875C-6F4D769839BA} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 25.12.2011 15:40:33 | Computer Name = ZUCCHI-2C0E6035 | Source = DCOM | ID = 10010
Description = Server {4EB61BAC-A3B6-4760-9581-655041EF4D69} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 25.12.2011 15:43:31 | Computer Name = ZUCCHI-2C0E6035 | Source = Service Control Manager | ID = 7034
Description = Služba O&O Defrag Agent byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 26.12.2011 12:26:56 | Computer Name = ZUCCHI-2C0E6035 | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x80070643): Aktualizace zabezpečení pro produkt Microsoft Silverlight
(KB2617986).

< End of report >

825 · #10 Příspěvek od **825** » 26 pro 2011 19:33

OTL

OTL logfile created on: 26.12.2011 18:51:18 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Zucchi\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,99 Gb Total Physical Memory | 0,60 Gb Available Physical Memory | 30,07% Memory free
3,83 Gb Paging File | 1,96 Gb Available in Paging File | 51,14% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 38,03 Gb Free Space | 51,03% Space Free | Partition Type: NTFS

Computer Name: ZUCCHI-2C0E6035 | User Name: Zucchi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.12.26 18:50:00 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Zucchi\Plocha\OTL.exe
PRC - [2011.12.21 23:52:35 | 012,402,536 | ---- | M] (SmartSoft Ltd.) -- C:\Program Files\SmartFTP Client\SmartFTP.exe
PRC - [2011.12.12 14:39:20 | 000,949,104 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2011.12.02 12:15:42 | 000,100,352 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.exe
PRC - [2010.04.07 04:01:40 | 035,444,688 | ---- | M] (Adobe Systems, Incorporated) -- C:\Program Files\Adobe\Adobe Photoshop CS5\Photoshop.exe
PRC - [2010.02.22 04:57:06 | 000,406,992 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
PRC - [2010.01.14 16:00:04 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.08.01 23:12:24 | 000,200,704 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2008.06.30 10:36:44 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2008.03.21 20:32:04 | 000,046,376 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2008.03.01 04:54:52 | 001,443,072 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2007.12.21 08:21:16 | 000,468,224 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2007.10.25 17:23:36 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2006.04.13 13:36:36 | 000,176,128 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2006.03.09 20:58:00 | 000,217,088 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
PRC - [2006.02.14 12:11:46 | 000,176,128 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe

========== Modules (No Company Name) ==========

MOD - [2011.12.12 14:39:31 | 000,275,968 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2011.12.12 14:39:31 | 000,078,336 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2011.12.12 14:39:31 | 000,064,000 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2011.12.12 14:39:31 | 000,046,592 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2011.12.12 14:39:31 | 000,045,568 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gsttypefindfunctions.dll
MOD - [2011.12.12 14:39:30 | 000,316,928 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2011.12.12 14:39:30 | 000,168,448 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2011.12.12 14:39:30 | 000,099,840 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2011.12.12 14:39:30 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2011.12.12 14:39:30 | 000,076,800 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2011.12.12 14:39:30 | 000,068,608 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2011.12.12 14:39:29 | 000,783,360 | ---- | M] () -- C:\Program Files\Opera\gstreamer\gstreamer.dll
MOD - [2011.12.12 14:39:29 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2011.12.02 12:16:40 | 000,023,040 | ---- | M] () -- C:\Program Files\Rainmeter\Plugins\RecycleManager.dll
MOD - [2011.12.02 12:16:34 | 000,143,360 | ---- | M] () -- C:\Program Files\Rainmeter\Plugins\WebParser.dll
MOD - [2011.12.02 12:16:12 | 000,028,160 | ---- | M] () -- C:\Program Files\Rainmeter\Plugins\QuotePlugin.dll
MOD - [2011.12.02 12:16:10 | 000,020,992 | ---- | M] () -- C:\Program Files\Rainmeter\Plugins\PowerPlugin.dll
MOD - [2011.12.02 12:15:42 | 000,100,352 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.exe
MOD - [2011.12.02 12:15:40 | 000,569,344 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.dll
MOD - [2011.12.01 18:00:57 | 008,527,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011.09.27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.06.16 00:14:48 | 000,331,776 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2011.05.28 22:04:58 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010.04.07 02:34:46 | 000,033,280 | ---- | M] () -- C:\Program Files\Adobe\Adobe Photoshop CS5\QuickTimeGlue.dll
MOD - [2010.02.22 04:50:20 | 000,060,416 | ---- | M] () -- C:\Program Files\Common Files\Adobe\CS5ServiceManager\zlib1.dll
MOD - [2008.04.14 12:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2005.05.20 17:42:20 | 000,010,752 | ---- | M] () -- C:\Program Files\Sony\VAIO Event Service\VESBasePS.dll
MOD - [2004.07.20 17:04:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\TosBtHcrpAPI.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011.11.17 18:17:46 | 002,489,680 | ---- | M] (O&O Software GmbH) [Disabled | Stopped] -- C:\Program Files\OO Software\Defrag\oodag.exe -- (OODefragAgent)
SRV - [2011.06.12 11:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2008.03.01 04:58:08 | 000,019,200 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2007.12.21 08:21:16 | 000,468,224 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2006.04.13 13:36:36 | 000,176,128 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)

========== Driver Services (SafeList) ==========

DRV - [2011.12.09 22:54:27 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2010.01.14 16:04:10 | 000,009,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\dumpdrv.sys -- (DumpDrv)
DRV - [2009.01.18 17:19:10 | 000,003,567 | ---- | M] (Beyond Logic http://www.beyondlogic.org) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\porttalk.sys -- (PortTalk)
DRV - [2008.08.21 18:49:56 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2008.08.21 18:49:22 | 000,018,688 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgp.sys -- (motccgp)
DRV - [2008.07.24 18:42:48 | 000,170,032 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008.03.01 04:56:36 | 000,054,280 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2008.03.01 04:56:34 | 000,030,728 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2008.03.01 04:56:30 | 000,071,176 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2008.03.01 04:53:16 | 000,029,704 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\easdrv.sys -- (easdrv)
DRV - [2008.03.01 04:52:30 | 000,039,944 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2007.10.10 17:41:50 | 000,042,112 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motodrv.sys -- (MotDev)
DRV - [2007.06.18 15:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2006.11.22 10:01:48 | 000,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2006.05.09 18:27:00 | 004,273,152 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006.02.26 04:43:00 | 001,428,480 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R)
DRV - [2006.02.22 18:13:12 | 000,013,440 | ---- | M] (UPEK Inc.) [File_System | Auto | Running] -- C:\Program Files\Common Files\Protector Suite QL\Drivers\FdRedir.sys -- (FdRedir)
DRV - [2006.02.22 18:13:04 | 000,033,024 | ---- | M] (UPEK Inc.) [Kernel | Auto | Running] -- C:\Program Files\Common Files\Protector Suite QL\Drivers\filedisk.sys -- (FileDisk2)
DRV - [2006.02.21 19:32:32 | 000,226,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2006.02.08 17:33:34 | 000,062,848 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfhid.sys -- (Tosrfhid)
DRV - [2006.02.02 23:16:08 | 000,108,928 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (Tosrfbd)
DRV - [2006.01.31 18:35:28 | 000,039,808 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2005.12.14 17:07:24 | 000,037,632 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp)
DRV - [2005.11.24 13:37:36 | 000,047,104 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2005.11.11 15:09:52 | 000,052,864 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfsnd.sys -- (TosRfSnd) Bluetooth Audio Device (WDM)
DRV - [2005.08.01 16:45:08 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005.07.11 18:58:56 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\toshidpt.sys -- (toshidpt)
DRV - [2005.01.06 13:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2001.08.17 20:51:22 | 000,037,040 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyPI.sys -- (SPI)
DRV - [2001.08.17 20:51:20 | 000,020,752 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyNC.sys -- (SNC)
DRV - [2000.12.05 16:18:02 | 000,003,952 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1220945662-2000478354-1644491937-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1220945662-2000478354-1644491937-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011.12.25 19:39:34 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2011.11.06 14:09:53 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {675002D7-149C-5C2F-2300-7EED44012BE2} - Reg Error: Value error. File not found
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1220945662-2000478354-1644491937-1004\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [LogonStudio] C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe (Stardock and Luca Saggese)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O4 - Startup: C:\Documents and Settings\Zucchi\Nabídka Start\Programy\Po spuštění\Zástupce - Switcher.lnk = C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe (Sony Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1220945662-2000478354-1644491937-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.77.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C80D016D-E6B8-4523-9E1D-22D53CC1CE91}: DhcpNameServer = 192.168.77.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (C:\WINDOWS\system32\logonuiX.exe) -C:\WINDOWS\system32\logonuiX.exe (Microsoft Corporation)
O20 - Winlogon\Notify\psfus: DllName - (fusstub.dll) - C:\WINDOWS\System32\fusstub.dll (UPEK Inc.)
O20 - Winlogon\Notify\RailNotification: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\WINDOWS\System32\VESWinlogon.dll (Sony Corporation)
O22 - SharedTaskScheduler: {1984D045-52CF-49cd-DB77-08F378FEA4DB} - ObjectDockShellExt - C:\Program Files\Stardock\ObjectDockPlus2\ODMenu.dll (Stardock)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Zucchi\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Zucchi\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.11.03 21:44:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.dvsd - C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll (Sony Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2011.12.26 18:49:37 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Zucchi\Plocha\OTL.exe
[2011.12.26 17:24:36 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Zucchi\Recent
[2011.12.26 17:18:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zucchi\Plocha\backup
[2011.12.26 13:00:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zucchi\Data aplikací\Malwarebytes
[2011.12.26 13:00:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2011.12.26 13:00:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2011.12.26 13:00:27 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.12.26 13:00:25 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.12.25 19:41:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe LiveCycle ES2
[2011.12.25 16:20:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zucchi\Nabídka Start\Programy\ImTOO
[2011.12.25 16:19:29 | 000,000,000 | ---D | C] -- C:\Program Files\ImTOO
[2011.12.24 17:25:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zucchi\Dokumenty\Any Audio Converter
[2011.12.24 17:24:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zucchi\Data aplikací\AnvSoft
[2011.12.24 17:16:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\tfc
[2011.12.24 17:00:19 | 000,000,000 | ---D | C] -- C:\Program Files\VLCRemote
[2011.12.24 13:53:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zucchi\Plocha\christmas
[2011.12.22 00:43:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
[2011.12.22 00:20:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Zucchi\Dokumenty\Text
[2011.12.21 23:53:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zucchi\Data aplikací\SmartFTP
[2011.12.21 23:51:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\SmartFTP Client
[2011.12.21 23:51:03 | 000,000,000 | ---D | C] -- C:\Program Files\SmartFTP Client
[2011.12.21 23:50:19 | 000,000,000 | ---D | C] -- C:\Program Files\SmartFTP Client 4.0 Setup Files
[2011.12.21 20:43:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\WYSIWYG Web Builder 8 UNICODE
[2011.12.21 20:37:37 | 000,000,000 | ---D | C] -- C:\Program Files\WYSIWYG Web Builder 8 UNICODE
[2011.12.20 15:29:40 | 000,000,000 | ---D | C] -- C:\Program Files\EAGLE-5.8.0
[2011.12.20 15:29:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zucchi\Data aplikací\CadSoft
[2 C:\Documents and Settings\Zucchi\Dokumenty\*.tmp files -> C:\Documents and Settings\Zucchi\Dokumenty\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.12.26 18:58:58 | 000,834,845 | ---- | M] () -- C:\Documents and Settings\Zucchi\Plocha\PNGGauntlet-2.1.3.exe
[2011.12.26 18:56:10 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.12.26 18:50:00 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Zucchi\Plocha\OTL.exe
[2011.12.26 18:29:06 | 000,000,132 | ---- | M] () -- C:\Documents and Settings\Zucchi\Data aplikací\Adobe PNG Format CS5 Prefs
[2011.12.26 16:50:23 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\jdxb.sys
[2011.12.26 14:18:47 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\xahl.sys
[2011.12.26 13:40:54 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.12.25 20:45:49 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011.12.25 20:40:27 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.12.25 20:39:50 | 000,000,024 | ---- | M] () -- C:\WINDOWS\LogonStudio.ini
[2011.12.25 20:39:03 | 003,545,992 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.12.25 20:39:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.12.25 20:38:57 | 2137,051,136 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.25 20:38:55 | 000,010,208 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor
[2011.12.21 20:37:28 | 000,737,280 | ---- | M] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
[2 C:\Documents and Settings\Zucchi\Dokumenty\*.tmp files -> C:\Documents and Settings\Zucchi\Dokumenty\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.12.26 18:57:54 | 000,834,845 | ---- | C] () -- C:\Documents and Settings\Zucchi\Plocha\PNGGauntlet-2.1.3.exe
[2011.12.26 18:56:10 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.12.26 16:50:23 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\jdxb.sys
[2011.12.26 14:18:47 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\xahl.sys
[2011.12.12 22:42:23 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\bwplay.exe
[2011.12.12 22:42:23 | 000,055,808 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2011.12.12 22:42:20 | 000,181,760 | ---- | C] () -- C:\WINDOWS\System32\patchw32.dll
[2011.12.12 22:42:20 | 000,116,736 | ---- | C] () -- C:\WINDOWS\System32\patchw.dll
[2011.12.12 22:42:19 | 000,058,280 | ---- | C] () -- C:\WINDOWS\System32\bwntsend.dll
[2011.12.12 22:42:19 | 000,058,280 | ---- | C] () -- C:\WINDOWS\System32\bwnthook.dll
[2011.12.12 22:42:15 | 007,533,568 | ---- | C] () -- C:\WINDOWS\System32\bwbits80.dll
[2011.12.12 13:45:13 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Zucchi\Data aplikací\Adobe PNG Format CS5 Prefs
[2011.12.09 22:54:27 | 000,000,383 | ---- | C] () -- C:\WINDOWS\System32\haspdos.sys
[2011.11.20 18:55:08 | 000,001,024 | -HS- | C] () -- C:\WINDOWS\System32\msi32w16.dat
[2011.11.20 08:56:58 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011.11.10 19:08:55 | 000,000,385 | ---- | C] () -- C:\WINDOWS\{2158ED55-19D1-4C0C-B213-5EFF748248AC}_WiseFW.ini
[2011.11.10 16:32:45 | 000,000,097 | ---- | C] () -- C:\WINDOWS\WirelessFTP.INI
[2011.11.08 13:11:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2011.11.04 01:00:39 | 000,000,024 | ---- | C] () -- C:\WINDOWS\LogonStudio.ini
[2011.11.04 01:00:30 | 000,187,392 | ---- | C] () -- C:\WINDOWS\System32\JPGUtils.dll
[2011.11.04 00:02:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WB.ini
[2011.11.03 23:40:25 | 000,002,560 | ---- | C] () -- C:\WINDOWS\_MSRSTRT.EXE
[2011.11.03 23:01:49 | 000,012,288 | ---- | C] () -- C:\Documents and Settings\Zucchi\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.11.03 22:54:54 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2011.11.03 22:54:54 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011.11.03 22:49:01 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.11.03 22:06:18 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.11.03 22:04:20 | 003,545,992 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.11.03 21:52:59 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.11.03 21:48:32 | 000,562,944 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2011.11.03 21:38:25 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011.11.03 21:37:08 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2011.11.03 21:37:08 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2011.11.03 21:37:07 | 000,021,464 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2011.11.03 21:37:07 | 000,015,552 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2011.11.03 21:37:07 | 000,014,910 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2010.03.10 18:33:52 | 012,017,664 | ---- | C] () -- C:\WINDOWS\System32\DwgView32.dll
[2010.01.14 10:48:16 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2010.01.14 10:48:16 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008.04.14 12:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008.04.14 12:00:00 | 000,458,882 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2008.04.14 12:00:00 | 000,441,458 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008.04.14 12:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008.04.14 12:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2008.04.14 12:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008.04.14 12:00:00 | 000,090,924 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2008.04.14 12:00:00 | 000,071,394 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008.04.14 12:00:00 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\naarrator.exe
[2008.04.14 12:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008.04.14 12:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2008.04.14 12:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008.04.14 12:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008.04.14 12:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008.04.14 12:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005.09.02 14:44:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005.07.22 21:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2004.07.20 17:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004.01.15 14:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[1999.12.02 07:12:00 | 000,000,100 | ---- | C] () -- C:\WINDOWS\System32\msconsysfe.dat
[1998.07.30 16:02:04 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\NUMERALG.DLL
[1998.03.03 10:37:32 | 000,182,784 | ---- | C] () -- C:\WINDOWS\System32\DAOLIBS.DLL

========== LOP Check ==========

[2011.11.08 12:53:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Avanquest Bluetooth SDK
[2011.12.17 21:28:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Broderbund Software
[2011.11.08 13:07:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BVRP Software
[2011.12.10 09:21:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CADProfi
[2011.11.05 23:07:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2011.12.17 21:37:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LangSoft
[2011.11.22 22:15:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
[2011.11.26 00:04:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Stardock
[2011.11.26 00:04:14 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{0F4A7EFE-5950-4389-BF36-1E625D72456B}
[2011.11.05 14:56:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011.12.24 17:24:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\AnvSoft
[2011.12.05 09:55:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\BatteryBar
[2011.11.18 19:33:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\BatteryCare
[2011.12.20 15:29:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\CadSoft
[2011.11.20 01:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\Desktop Sidebar
[2011.11.05 23:09:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\ESET
[2011.11.20 16:39:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\EuroTalk
[2011.11.03 23:37:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\FindeXer
[2011.12.10 18:55:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\GetRightToGo
[2011.11.06 13:53:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\ImTOO
[2011.11.11 16:09:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\iPhone.F4B6EDD4861104DF103CA831FC6755522BBBD9C1.1
[2011.12.17 21:38:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\LangSoft
[2011.11.03 23:13:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\Opera
[2011.11.05 19:31:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\Protector Suite
[2011.11.26 12:26:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\Rainmeter
[2011.11.06 01:52:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\redsn0w
[2011.11.11 18:35:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\rinsebyreal
[2011.11.10 19:10:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\Salling Software AB
[2011.11.26 00:05:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\Stardock
[2011.11.03 23:26:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\Styler
[2011.11.20 18:56:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\Thinstall
[2011.11.11 18:48:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\tidysongs15.27F6A35B76E5883BF9E6FEE514586561E60595CA.1
[2011.11.27 15:41:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\ViGlance
[2011.11.03 22:03:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\Windows Desktop Search
[2011.11.05 22:11:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\Windows Search

========== Purity Check ==========

========== Custom Scans ==========

< netsvc >

< MD5 for: ATAPI.SYS >
[2010.01.14 16:14:14 | 017,817,320 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 12:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 12:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 12:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2010.01.14 16:14:14 | 017,817,320 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.05.02 10:49:40 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2010.01.14 15:59:53 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2010.01.14 16:00:04 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=8AB626E4E4B289646E11311E66FB0B88 -- C:\WINDOWS\explorer.exe
[2010.01.14 16:00:04 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=8AB626E4E4B289646E11311E66FB0B88 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2010.01.14 16:14:14 | 017,817,320 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2010.01.14 16:00:10 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=429B2A7E9569C19BFE58F71FC02DE220 -- C:\WINDOWS\system32\hal.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 12:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 12:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SVCHOST.EXE >
[2010.01.14 16:01:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=67E38B4A549833E02D4D1617B5DBC318 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2010.01.14 16:01:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=67E38B4A549833E02D4D1617B5DBC318 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2010.01.14 16:01:53 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=367DE8E5F638C091F49273144274F629 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2010.01.14 16:01:53 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=367DE8E5F638C091F49273144274F629 -- C:\WINDOWS\system32\drivers\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 12:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 12:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.01.14 16:02:09 | 000,509,440 | ---- | M] (Microsoft Corporation) MD5=4212BABCC4408B052193DABAD9A691AB -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2010.01.14 16:02:09 | 000,509,440 | ---- | M] (Microsoft Corporation) MD5=4212BABCC4408B052193DABAD9A691AB -- C:\WINDOWS\system32\winlogon.exe

< %systemroot%*.* /U /s >
[11 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\*.tmp -> ]
[1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.12.25 20:02:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\Adobe
[2011.12.06 22:34:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\AdobeMuse
[2011.11.20 16:01:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\Ahead
[2011.12.24 17:24:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\AnvSoft
[2011.11.05 17:42:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\Apple Computer
[2011.12.05 09:55:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\BatteryBar
[2011.11.18 19:33:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\BatteryCare
[2011.12.20 15:29:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\CadSoft
[2011.11.20 01:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\Desktop Sidebar
[2011.11.05 23:09:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\ESET
[2011.11.20 16:39:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\EuroTalk
[2011.11.03 23:37:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\FindeXer
[2011.12.10 18:55:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\GetRightToGo
[2011.11.03 22:03:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\Identities
[2011.11.06 13:53:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\ImTOO
[2011.11.11 16:09:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\iPhone.F4B6EDD4861104DF103CA831FC6755522BBBD9C1.1
[2011.12.17 21:38:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\LangSoft
[2011.11.03 23:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\Macromedia
[2011.12.26 13:00:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\Malwarebytes
[2011.12.12 16:11:00 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Zucchi\Data aplikací\Microsoft
[2011.11.03 23:13:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\Opera
[2011.12.26 19:10:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\PNGGauntlet
[2011.11.05 19:31:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\Protector Suite
[2011.11.26 12:26:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\Rainmeter
[2011.11.06 01:52:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\redsn0w
[2011.11.11 18:35:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\rinsebyreal
[2011.11.10 19:10:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\Salling Software AB
[2011.12.09 20:26:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\Skype
[2011.12.21 23:53:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\SmartFTP
[2011.11.03 23:10:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\Sony Corporation
[2011.11.26 00:05:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\Stardock
[2011.11.03 23:26:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\Styler
[2011.11.05 20:24:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\Sun
[2011.11.20 18:56:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\Thinstall
[2011.11.11 18:48:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\tidysongs15.27F6A35B76E5883BF9E6FEE514586561E60595CA.1
[2011.11.27 15:41:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\ViGlance
[2011.12.24 14:14:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\vlc
[2011.11.03 22:03:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\Windows Desktop Search
[2011.11.05 22:11:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\Windows Search
[2011.11.03 23:20:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zucchi\Data aplikací\WinRAR

< %APPDATA%\*.exe /s >
[2011.12.06 22:33:11 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Documents and Settings\Zucchi\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.12.22 00:04:24 | 000,157,733 | R--- | M] () -- C:\Documents and Settings\Zucchi\Data aplikací\Microsoft\Installer\{9FB28802-77C3-4336-8D97-4E55E6375384}\SmartFTP.exe
[2011.11.03 23:26:50 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Zucchi\Data aplikací\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe
[2011.11.03 23:26:50 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Zucchi\Data aplikací\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_7b12541d.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2011.11.03 22:03:32 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2011.11.03 22:03:31 | 001,093,632 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2011.11.03 22:03:31 | 000,483,328 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >
[2011.12.26 16:50:23 | 000,054,016 | ---- | M] () -- C:\WINDOWS\system32\drivers\jdxb.sys
[2011.12.26 14:18:47 | 000,054,016 | ---- | M] () -- C:\WINDOWS\system32\drivers\xahl.sys

< %systemroot%\system32\*.* /3 >
[2011.12.25 20:39:03 | 003,545,992 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2011.12.25 20:38:55 | 000,010,208 | ---- | M] () -- C:\WINDOWS\system32\oodbs.lor
[2011.12.25 20:40:27 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< %userprofile%\Plocha\*.* >
[2011.12.26 18:50:00 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Zucchi\Plocha\OTL.exe
[2011.12.26 18:58:58 | 000,834,845 | ---- | M] () -- C:\Documents and Settings\Zucchi\Plocha\PNGGauntlet-2.1.3.exe

< %userprofile%\Desktop\*.* >

< %ALLUSERSPROFILE%\Plocha\*.* >

< %ALLUSERSPROFILE%\Desktop\*.* >

< *loader* /s >
[2011.12.10 18:55:33 | 000,001,426 | ---- | M] () -- \Documents and Settings\Zucchi\Data aplikací\GetRightToGo\Brothersoftdownloader_for_Leopard_Mods_On_XP.data
[2011.12.10 18:55:25 | 000,000,834 | ---- | M] () -- \Documents and Settings\Zucchi\Data aplikací\GetRightToGo\Brothersoftdownloader_for_Leopard_Mods_On_XP.data0
[2011.12.01 19:14:00 | 000,004,955 | ---- | M] () -- \Documents and Settings\Zucchi\Dokumenty\Rainmeter\Skins\Unity\Icons\apps\jdownloader.png
[2011.11.25 00:35:30 | 000,000,661 | ---- | M] () -- \Documents and Settings\Zucchi\Local Settings\Data aplikací\Opera\Opera\icons\http%3A%2F%2Fmydownloader.net%2Ffavicon.png
[2010.10.25 15:13:46 | 000,013,785 | ---- | M] () -- \Program Files\Adobe\Acrobat 10.0\Acrobat\WebPublish\BootStrapLoader.swf
[2010.03.09 04:28:40 | 005,297,608 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\Photodownloader.exe
[2010.03.09 01:38:58 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2010.03.09 01:38:58 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\de_de\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\en_us\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\es_es\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\it_it\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\no_no\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,308 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2007.03.12 13:48:46 | 000,177,712 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2010.10.07 04:36:40 | 000,265,552 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 04:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011.02.16 12:50:22 | 000,142,336 | ---- | M] () -- \Program Files\ImTOO\Video Converter Ultimate 6\vcloader.exe
[2011.02.16 12:50:48 | 000,005,932 | ---- | M] () -- \Program Files\ImTOO\Video Converter Ultimate 6\plugins\loader.avsi
[2011.12.02 13:30:36 | 000,001,849 | ---- | M] () -- \Program Files\WYSIWYG Web Builder 8 UNICODE\lightbox\galleria\theme\classic-loader.gif
[2011.12.02 13:30:36 | 000,002,545 | ---- | M] () -- \Program Files\WYSIWYG Web Builder 8 UNICODE\lightbox\prettyPhoto\images\dark_rounded\loader.gif
[2011.12.02 13:30:36 | 000,002,545 | ---- | M] () -- \Program Files\WYSIWYG Web Builder 8 UNICODE\lightbox\prettyPhoto\images\dark_square\loader.gif
[2011.12.02 13:30:36 | 000,002,545 | ---- | M] () -- \Program Files\WYSIWYG Web Builder 8 UNICODE\lightbox\prettyPhoto\images\facebook\loader.gif
[2011.12.02 13:30:36 | 000,002,545 | ---- | M] () -- \Program Files\WYSIWYG Web Builder 8 UNICODE\lightbox\prettyPhoto\images\light_rounded\loader.gif
[2011.12.02 13:30:36 | 000,002,545 | ---- | M] () -- \Program Files\WYSIWYG Web Builder 8 UNICODE\lightbox\prettyPhoto\images\light_square\loader.gif
[2011.12.17 09:24:30 | 000,547,840 | ---- | M] () -- \Programs\USDownloader\USDownloader.exe
[2011.12.17 09:22:14 | 000,000,506 | -HS- | M] () -- \Programs\USDownloader\USDownloader.exe.manifest
[2011.12.17 22:31:41 | 000,005,884 | ---- | M] () -- \Programs\USDownloader\USDownloader.ini
[2011.12.17 22:31:52 | 000,692,472 | ---- | M] () -- \Programs\USDownloader\USDownloader.log
[2011.12.17 22:31:41 | 000,001,506 | ---- | M] () -- \Programs\USDownloader\USDownloader.lst
[2011.12.17 22:23:22 | 000,001,506 | ---- | M] () -- \Programs\USDownloader\USDownloader.lst1.bak
[2011.12.17 22:05:41 | 000,001,426 | ---- | M] () -- \Programs\USDownloader\USDownloader.lst2.bak
[2011.12.17 21:56:43 | 000,001,346 | ---- | M] () -- \Programs\USDownloader\USDownloader.lst3.bak
[2011.12.17 21:45:43 | 000,001,266 | ---- | M] () -- \Programs\USDownloader\USDownloader.lst4.bak
[2011.12.17 21:34:29 | 000,001,186 | ---- | M] () -- \Programs\USDownloader\USDownloader.lst5.bak
[2011.12.17 21:34:13 | 000,001,109 | ---- | M] () -- \Programs\USDownloader\USDownloader.lst6.bak
[2011.12.17 21:34:11 | 000,000,009 | ---- | M] () -- \Programs\USDownloader\USDownloader.lst7.bak
[2011.12.17 21:34:02 | 000,005,149 | ---- | M] () -- \Programs\USDownloader\USDownloader.lst8.bak
[2011.12.17 19:46:18 | 000,005,149 | ---- | M] () -- \Programs\USDownloader\USDownloader.lst9.bak
[2006.09.10 14:39:28 | 000,014,112 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.al.lng
[2006.11.29 17:55:24 | 000,013,282 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.ar.lng
[2009.04.04 10:11:02 | 000,015,737 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.ara.lng
[2006.08.02 14:53:08 | 000,009,553 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.bn.lng
[2011.12.17 09:24:35 | 000,017,772 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.bul.lng
[2007.12.29 14:29:45 | 000,018,268 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.cat.lng
[2008.12.13 23:58:45 | 000,013,529 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.chs.lng
[2006.08.04 18:14:14 | 000,013,619 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.cro.lng
[2007.12.29 14:31:41 | 000,014,065 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.cz.lng
[2011.12.17 22:23:31 | 000,016,996 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.cze.lng
[2008.09.05 18:59:10 | 000,017,527 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.de.lng
[2008.09.05 18:59:11 | 000,017,786 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.du.lng
[2007.12.29 14:29:53 | 000,017,427 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.ell.lng
[2011.12.17 09:24:35 | 000,016,557 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.eng.lng
[2006.10.20 18:44:14 | 000,015,026 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.esp.lng
[2011.12.17 09:24:36 | 000,016,526 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.est.lng
[2008.04.26 13:35:09 | 000,019,089 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.fre.lng
[2008.12.13 23:58:57 | 000,017,548 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.gal.lng
[2006.11.28 16:13:18 | 000,015,078 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.gr.lng
[2011.12.17 09:24:36 | 000,017,916 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.hrv.lng
[2008.12.13 23:58:49 | 000,019,443 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.hu.lng
[2007.12.29 14:30:01 | 000,017,335 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.it.lng
[2006.10.09 09:48:26 | 000,013,968 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.ita.lng
[2008.09.05 18:59:13 | 000,016,525 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.lit.lng
[2006.11.28 16:13:24 | 000,014,452 | ---- | M] () -- \Programs\USDownloader\Langs\USdownloader.lt.lng
[2009.11.01 22:28:02 | 000,018,195 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.lv.lng
[2006.07.14 13:56:48 | 000,014,397 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.lvi.lng
[2006.09.10 14:37:14 | 000,009,352 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.malay.lng
[2007.12.29 14:30:06 | 000,016,839 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.nor.lng
[2009.11.01 22:27:57 | 000,017,898 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.pl.lng
[2006.11.28 16:20:10 | 000,013,346 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.pol.lng
[2007.12.29 14:30:13 | 000,017,909 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.ptbr.lng
[2008.12.13 23:58:52 | 000,017,758 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.ro.lng
[2011.12.17 09:24:39 | 000,013,851 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.rus.lng
[2009.02.22 19:50:36 | 000,016,918 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.ser.lng
[2007.12.29 14:30:16 | 000,016,760 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.sk.lng
[2009.02.02 19:56:57 | 000,018,346 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.spa.lng
[2009.11.01 22:27:59 | 000,016,308 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.swe.lng
[2009.11.01 22:28:05 | 000,017,057 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.thai.lng
[2008.09.05 18:59:18 | 000,017,726 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.tr.lng
[2008.05.09 23:57:18 | 000,013,624 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.tw.lng
[2007.12.29 14:30:22 | 000,017,043 | ---- | M] () -- \Programs\USDownloader\Langs\USDownloader.ukr.lng
[2009.04.04 10:10:48 | 000,034,304 | ---- | M] () -- \Programs\USDownloader\Plugins\SexUploader.plg
[2007.05.08 12:20:30 | 000,000,193 | ---- | M] () -- \RECYCLER\S-1-5-21-1220945662-2000478354-1644491937-1004\Dc690\__MACOSX\GreyBox_v5_54\greybox_source\base\._loader_frame.html
[2009.10.19 13:38:22 | 000,002,084 | ---- | M] () -- \RECYCLER\S-1-5-21-1220945662-2000478354-1644491937-1004\Dc690\GreyBox_v5_54\greybox\loader_frame.html
[2007.05.08 12:20:30 | 000,002,084 | ---- | M] () -- \RECYCLER\S-1-5-21-1220945662-2000478354-1644491937-1004\Dc690\GreyBox_v5_54\greybox_source\base\loader_frame.html
[2010.03.24 20:12:34 | 000,018,264 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010.03.24 20:12:34 | 000,249,680 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2011.12.25 16:22:44 | 000,065,272 | ---- | M] () -- \WINDOWS\Prefetch\VCLOADER.EXE-28F97E31.pf
[2008.04.14 12:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2008.04.14 12:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *KMSEmulator* /s >

< *activator* /s >

< *serial* /s >
[2006.10.20 01:00:00 | 000,074,618 | ---- | M] () -- \Documents and Settings\Zucchi\Dokumenty\Electronica Circuit Wizard 1.05 full\New Folder\Samples\Advanced Circuits\Serial Link.cwz
[2011.11.06 21:01:55 | 000,000,363 | ---- | M] () -- \Documents and Settings\Zucchi\Local Settings\Data aplikací\Opera\Opera\icons\http%3A%2F%2Fserialy.kinotip.cz%2Ffavicon.png
[2011.12.16 19:42:29 | 000,000,389 | ---- | M] () -- \Documents and Settings\Zucchi\Local Settings\Data aplikací\Opera\Opera\icons\http%3A%2F%2Fwww.serial-online.cz%2Ffavicon.png
[2011.12.19 00:30:32 | 000,000,581 | ---- | M] () -- \Documents and Settings\Zucchi\Local Settings\Data aplikací\Opera\Opera\icons\http%3A%2F%2Fwww.serialzone.cz%2Ffavicon.png
[2011.12.23 01:14:59 | 000,000,073 | ---- | M] () -- \Documents and Settings\Zucchi\Local Settings\Data aplikací\Opera\Opera\icons\serialy.kinotip.cz.idx
[2010.01.14 16:06:45 | 000,415,592 | ---- | M] () -- \Program Files\Microsoft Silverlight\3.0.40818.0\System.Runtime.Serialization.dll
[2010.05.17 22:14:38 | 000,010,752 | ---- | M] () -- \Program Files\PNGGauntlet\Brh.Updater.XmlSerializers.dll
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.11.03 21:38:36 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.5000.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2011.11.03 21:38:34 | 000,135,168 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011.11.03 21:47:45 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.11.04 09:19:45 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011.11.03 21:48:52 | 000,090,112 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2011.11.04 09:02:53 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2011.11.04 23:11:18 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\81096bfe85eb0da5f05e8a127ffa43b2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.11.04 10:14:15 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\afd6134c090faf8c29cd64d4835142b2\System.Runtime.Serialization.ni.dll
[2008.07.29 19:16:38 | 000,966,656 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\FL_System_Runtime_Serialization_dll_133675_____x86.3643236F_FC70_11D3_A536_0090278A1BB8
[2011.11.03 21:48:05 | 000,966,656 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\FL_System_Runtime_Serialization_dll_133676_____x86.3643236F_FC70_11D3_A536_0090278A1BB8
[2008.07.29 19:16:38 | 000,966,656 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\FL_System_Runtime_Serialization_dll_147207_____x86.3643236F_FC70_11D3_A536_0090278A1BB8
[2007.02.17 06:24:42 | 000,135,168 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2003.04.07 19:24:52 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2008.09.10 17:46:28 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\GAC33517\System.Runtime.Serialization.Formatters.Soap.dll
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2008.04.14 12:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2008.04.14 12:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2008.04.14 12:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2008.04.14 12:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 12:00:00 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

< *AutoRearm* /s >

< HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s >
"SonyPowerCfg" = C:\Program Files\Sony\VAIO Power Management\SPMgr.exe -- [2006.03.09 20:58:00 | 000,217,088 | ---- | M] (Sony Corporation)
"LogonStudio" = "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM -- [2002.09.03 18:38:12 | 000,987,187 | ---- | M] (Stardock and Luca Saggese)
"Apoint" = C:\Program Files\DellTPad\Apoint.exe -- [2008.08.01 23:12:24 | 000,200,704 | ---- | M] (Alps Electric Co., Ltd.)
"egui" = "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice -- [2008.03.01 04:54:52 | 001,443,072 | ---- | M] (ESET)
"MSConfig" = C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto -- [2008.04.14 12:00:00 | 000,171,008 | ---- | M] (Microsoft Corporation)
"Malwarebytes' Anti-Malware (reboot)" = "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript -- [2011.08.31 17:00:48 | 001,047,208 | ---- | M] (Malwarebytes Corporation)
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
"" =
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed" = 1
"" =
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed" = 1
"NoChange" = 1
"" =
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed" = 1
"" =

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 12:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)

< HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.12.26 18:56:10 | 000,000,512 | ---- | M] () MD5=65C6A079A102D83EBC490F3FB2D1C1B7 -- C:\PhysicalMBR.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\WINDOWS\Zobrazit plochu.scf:SummaryInformation

< End of report >

#11 Příspěvek od **Mc_Murphy** » 27 pro 2011 06:18

Tak takhle tedy ne! Proč jsi umazal položky z výsledného logu? Nebo to bylo přímo ve vstupním scriptu? Asi máš co skrývat, co?

Tímto tedy prozatím končím naši spolupráci a zde požádám moderátory o následné řešení a postih.

#12 Příspěvek od **vyosek** » 27 pro 2011 08:29

Zdravim a pekny den preji

I mne jako moderatora fora by zajimalo, co to ma znamenat?

825 · #13 Příspěvek od **825** » 27 pro 2011 11:15

proč bych něco mazal, zkopíroval jsem co mi vyjelo!!

#14 Příspěvek od **vyosek** » 27 pro 2011 11:30

No asi takto, vstupni log obsahoval prohledat mimo jine tyto polozky

%ALLUSERSPROFILE%\Desktop\*.*
*crack* /s
*keygen* /s
*loader* /s

A vystupni log obsahuje tyto polozky

< %ALLUSERSPROFILE%\Desktop\*.* >

< *loader* /s >

Takze tak jaksi chybi ty polozky *crack* a *keygen* - ze by chyba OTL ze je neprohledal, zrovna tyhle dve? Nebo vane vitr z najake jine strany

825 · #15 Příspěvek od **825** » 27 pro 2011 11:41

opravdu jsem s tím nic nedělal nevim co se s tím stalo, klidně to můžu udělat znova

VIRY.CZ

Prosím o kontrolu logu

Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu