Prosím o kontrolu - 3 x úplně zamrznul

Zpráva

fimalil · #1 Příspěvek od **fimalil** » 09 črc 2012 10:08

Logfile of random's system information tool 1.09 (written by random/random)
Run by Akont at 2012-07-09 10:45:18
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 5 GB (7%) free of 71 GB
Total RAM: 2038 MB (37% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:46:06, on 9.7.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\igfxsrvc.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Users\Akont\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox 4.0 Beta 7\firefox.exe
C:\Program Files\Mozilla Firefox 4.0 Beta 7\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\totalcmd\TOTALCMD.EXE
C:\Users\Akont\Desktop\Tisk-smazat\RSIT.exe
C:\Program Files\trend micro\Akont.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://cs.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://cs.intl.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [NSU_agent] "C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe
O8 - Extra context menu item: Capture Selection - C:\Program Files\SmarThru Office\WebCapture.dll2.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Save as HTML - C:\Program Files\SmarThru Office\WebCapture.dll1.htm
O8 - Extra context menu item: Save Selected Text - C:\Program Files\SmarThru Office\WebCapture.dll.htm
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Web Capture - C:\Program Files\SmarThru Office\WebCapture.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Web Capture - {7BDBFB9E-FD6E-43c2-937A-5C9F33FEBE5F} - C:\Program Files\SmarThru Office\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: Web Capture - {7BDBFB9E-FD6E-43c2-937A-5C9F33FEBE5F} - C:\Program Files\SmarThru Office\WebCapture.dll (HKCU)
O9 - Extra button: Capture Selection - {A36A58CC-70D5-4462-9C90-C0E9D244B230} - C:\Program Files\SmarThru Office\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: Capture Selection - {A36A58CC-70D5-4462-9C90-C0E9D244B230} - C:\Program Files\SmarThru Office\WebCapture.dll (HKCU)
O9 - Extra button: Save Selected Text - {A5183750-A927-4ec3-B027-C633A2D5418C} - C:\Program Files\SmarThru Office\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: Save Selected Text - {A5183750-A927-4ec3-B027-C633A2D5418C} - C:\Program Files\SmarThru Office\WebCapture.dll (HKCU)
O9 - Extra button: Save as HTML - {BDC4DF0E-D605-48d6-B4AF-CA5927A463EE} - C:\Program Files\SmarThru Office\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: Save as HTML - {BDC4DF0E-D605-48d6-B4AF-CA5927A463EE} - C:\Program Files\SmarThru Office\WebCapture.dll (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} (Active602XMLFiller Control) - https://www.mojedatovaschranka.cz/stati ... ?3,16,13,0
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: TgbIke Starter - TheGreenBow - C:\Windows\system32\TgbStarter.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 12208 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\Akont\AppData\Roaming\Mozilla\Firefox\Profiles\cic3vrq6.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, maps@ovi.com:4.0.12.11, xmlfiller@software602.cz:3.16.2, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42, pdfforge@mybrowserbar.com:1.1.2, searchsettings@spigot.com:1.2.3, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =302398&p="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.262 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox 4.0 Beta 7\extensions\
testpilot@labs.mozilla.com
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox 4.0 Beta 7\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox 4.0 Beta 7\plugins\
npdeployJava1.dll
npEModelPlugin.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nsEModelPlugin.xpt
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox 4.0 Beta 7\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\Akont\AppData\Roaming\Mozilla\Firefox\Profiles\cic3vrq6.default\extensions\
{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(21)

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-04-06 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Windows\system32\ActiveToolBand.dll [2007-04-25 299008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-04-06 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-04-25 151552]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-01-03 1019128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-05-29 4472832]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-10-23 815104]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-04-25 457216]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2007-06-15 850704]
"WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344]
"Skytel"=C:\Windows\Skytel.exe [2007-05-29 1826816]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-11 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-11 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-11 133656]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-01-12 2219184]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]
"NSU_agent"=C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe [2012-02-28 190768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-10 1233920]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]
""= []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 204800]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"VIDC.WMV3"=wmv9vcm.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-07-09 10:45:18 ----D---- C:\rsit
2012-07-09 10:45:18 ----D---- C:\Program Files\trend micro
2012-07-02 13:47:47 ----D---- C:\Users\Akont\AppData\Roaming\pdfforge
2012-07-02 13:47:43 ----A---- C:\Windows\system32\MSMPIDE.DLL
2012-07-02 13:47:40 ----D---- C:\ProgramData\Premium
2012-07-02 13:47:38 ----D---- C:\ProgramData\InstallMate
2012-06-22 14:07:25 ----A---- C:\Windows\system32\wups2.dll
2012-06-22 14:07:25 ----A---- C:\Windows\system32\wucltux.dll
2012-06-22 14:07:25 ----A---- C:\Windows\system32\wuaueng.dll
2012-06-22 14:07:25 ----A---- C:\Windows\system32\wuauclt.exe
2012-06-22 14:06:58 ----A---- C:\Windows\system32\wups.dll
2012-06-22 14:06:58 ----A---- C:\Windows\system32\wudriver.dll
2012-06-22 14:06:58 ----A---- C:\Windows\system32\wuapi.dll
2012-06-22 14:06:46 ----A---- C:\Windows\system32\wuwebv.dll
2012-06-22 14:06:46 ----A---- C:\Windows\system32\wuapp.exe
2012-06-14 14:54:34 ----A---- C:\Windows\system32\mshtmled.dll
2012-06-14 14:54:34 ----A---- C:\Windows\system32\iertutil.dll
2012-06-14 14:54:33 ----A---- C:\Windows\system32\ieUnatt.exe
2012-06-14 14:54:33 ----A---- C:\Windows\system32\ieui.dll
2012-06-14 14:54:32 ----A---- C:\Windows\system32\wininet.dll
2012-06-14 14:54:32 ----A---- C:\Windows\system32\url.dll
2012-06-14 14:54:31 ----A---- C:\Windows\system32\jsproxy.dll
2012-06-14 14:54:31 ----A---- C:\Windows\system32\jscript9.dll
2012-06-14 14:54:31 ----A---- C:\Windows\system32\jscript.dll
2012-06-14 14:54:30 ----A---- C:\Windows\system32\urlmon.dll
2012-06-14 14:54:29 ----A---- C:\Windows\system32\mshtml.dll
2012-06-14 14:54:28 ----A---- C:\Windows\system32\ieframe.dll
2012-06-14 09:05:04 ----A---- C:\Windows\system32\cryptsvc.dll
2012-06-14 09:05:04 ----A---- C:\Windows\system32\cryptnet.dll
2012-06-14 09:05:04 ----A---- C:\Windows\system32\crypt32.dll
2012-06-14 09:04:12 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-06-14 09:04:10 ----A---- C:\Windows\system32\win32k.sys

======List of files/folders modified in the last 1 month======

2012-07-09 10:45:29 ----D---- C:\Windows\Prefetch
2012-07-09 10:45:22 ----D---- C:\Windows\Temp
2012-07-09 10:45:18 ----RD---- C:\Program Files
2012-07-09 10:25:58 ----D---- C:\Windows\inf
2012-07-09 10:25:58 ----AD---- C:\Windows\System32
2012-07-09 10:25:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-07-09 10:21:10 ----D---- C:\Windows\Minidump
2012-07-09 10:21:04 ----D---- C:\Windows
2012-07-02 20:32:37 ----D---- C:\Windows\Tasks
2012-07-02 20:25:34 ----D---- C:\Program Files\Mozilla Firefox 4.0 Beta 7
2012-07-02 15:47:50 ----D---- C:\FINANAL
2012-07-02 14:10:52 ----D---- C:\ProgramData\firebird
2012-07-02 14:02:51 ----D---- C:\Windows\system32\Tasks
2012-07-02 14:02:51 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-07-02 14:00:10 ----D---- C:\Users\Akont\AppData\Roaming\602Installer
2012-07-02 13:47:59 ----D---- C:\Program Files\PDFCreator
2012-07-02 13:47:40 ----HD---- C:\ProgramData
2012-07-02 10:29:19 ----D---- C:\Stereo2012 v14
2012-07-02 08:20:17 ----SHD---- C:\System Volume Information
2012-06-28 12:50:34 ----D---- C:\Windows\system32\catroot2
2012-06-25 08:50:54 ----D---- C:\Ekon2010
2012-06-24 20:38:36 ----D---- C:\Windows\rescache
2012-06-23 19:54:50 ----D---- C:\Windows\system32\cs-CZ
2012-06-22 16:02:31 ----D---- C:\Windows\winsxs
2012-06-22 14:08:03 ----D---- C:\Windows\system32\catroot
2012-06-21 06:20:23 ----D---- C:\EKON2012
2012-06-20 20:26:38 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-06-15 11:43:11 ----RSD---- C:\Windows\assembly
2012-06-15 11:43:11 ----D---- C:\Windows\Microsoft.NET
2012-06-15 11:06:23 ----SHD---- C:\Windows\Installer
2012-06-15 11:06:23 ----HD---- C:\Config.Msi
2012-06-15 11:06:19 ----D---- C:\ProgramData\Microsoft Help
2012-06-15 06:51:42 ----A---- C:\Windows\system32\pdfcmon.dll
2012-06-14 15:06:25 ----D---- C:\Windows\system32\migration
2012-06-14 15:06:21 ----D---- C:\Program Files\Internet Explorer
2012-06-14 15:06:17 ----AD---- C:\Windows\system32\drivers
2012-06-14 14:59:33 ----A---- C:\Windows\system32\mrt.exe
2012-06-11 12:00:43 ----D---- C:\Ekon2006

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-07-12 305176]
R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2007-04-25 20776]
R0 PSDNServ;PSDNSERVER; C:\Windows\system32\drivers\PSDNServ.sys [2007-04-25 16680]
R0 psdvdisk;psdvdisk; C:\Windows\system32\drivers\psdvdisk.sys [2007-04-25 60712]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R1 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\Windows\system32\Drivers\eusk2par.sys [2006-12-13 30656]
R1 ndistgb;TheGreenBow NDIS filter driver; C:\Windows\system32\DRIVERS\ndistgb.sys [2010-07-12 25656]
R1 vmm;Virtual Machine Monitor; \??\C:\Windows\system32\Drivers\vmm.sys [2010-10-25 229208]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-12-21 137144]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-12-21 134000]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-12-21 41336]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2007-03-02 76584]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-18 95744]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-20 12672]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2007-11-15 5120]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-02-09 179712]
R3 Cam5607;Acer Crystal Eye webcam; C:\Windows\System32\Drivers\BisonC07.sys [2007-07-27 974248]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2007-06-15 21264]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-12-21 33120]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-12-22 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-12-22 207360]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-05-31 1780576]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2008-01-18 30720]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-07-13 6144]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-10 89088]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2010-05-02 27632]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-10-23 179896]
R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2009-12-12 25984]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-05-02 290816]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
R3 VPCNetS2;Virtual Machine Network Services Driver; C:\Windows\system32\DRIVERS\VMNetSrv.sys [2007-01-29 59280]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-12-22 659968]
S1 TgbHook;TgbHook; C:\Windows\System32\Drivers\vistahook.sys [2010-07-12 65080]
S1 TgbIpSec;TgbIpSec; C:\Windows\System32\Drivers\dfiltervpn.sys [2010-07-12 102840]
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [2006-06-12 41984]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-10 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-18 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-01-09 78128]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2007-01-09 80688]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-01-09 16560]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 esihdrv;esihdrv; \??\C:\Users\Akont\AppData\Local\Temp\esihdrv.sys []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HPFXBULK;HPFXBULK; C:\Windows\system32\drivers\hpfxbulk.sys []
S3 HPFXFAX;HPFXFAX; C:\Windows\system32\drivers\hpfxfax.sys [2007-07-16 20504]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 23424]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 102912]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 NETw4v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2012-01-09 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2012-01-09 8576]
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2006-10-14 4422560]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-10 148992]
S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM); C:\Windows\system32\DRIVERS\s0017bus.sys [2008-10-21 86824]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 114600]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 108328]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS); C:\Windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 26024]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0017obex.sys [2008-10-21 104616]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM); C:\Windows\system32\DRIVERS\s0017unic.sys [2008-10-21 109736]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-10 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-01-09 8192]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352]
S3 WisINT15;WisINT15; \??\C:\Elements\1stboot\WisINT15.SYS []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 BcmSqlStartupSvc;Služba spouštění serveru SQL Server aplikace Business Contact Manager; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2009-02-23 30312]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 eDataSecurity Service;eDSService.exe; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-04-25 457512]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2011-01-12 810144]
R2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2007-04-23 24576]
R2 eNet Service;eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [2007-06-13 135168]
R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-07-03 53248]
R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-06-28 24576]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-10-16 860160]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe [2010-09-17 98304]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-07-12 354840]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 107008]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-10-16 466944]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-04-03 272024]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
R2 TgbIke Starter;TgbIke Starter; C:\Windows\system32\TgbStarter.exe [2010-07-12 129592]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-10-30 1021256]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 WMIService;ePower Service; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-06-13 167936]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe [2010-09-17 3735552]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 CLTNetCnService;Symantec Lic NetConnect service; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2011-01-12 33584]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-20 113120]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 OpenVPNService;OpenVPN Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2009-12-12 36352]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-01-04 718888]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2011-01-07 79360]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-09-29 435016]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 09 črc 2012 11:37

Zdravim a pekny den preji

Poprosim i o druhy log z RSIT s nazvem info.txt, je ulozen v c:\rsit

fimalil · #3 Příspěvek od **fimalil** » 09 črc 2012 11:41

O.K. tady je.

info.txt logfile of random's system information tool 1.09 2012-07-09 10:46:11

======Uninstall list======

Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
2007 Microsoft Office system-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROHYBRIDR /dll OSETUP.DLL
32 Bit HP BiDi Channel Components Installer-->MsiExec.exe /I{9DE3F260-B88E-42CE-90E7-73C78C37D95E}
7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe"
Acer Crystal Eye webcam-->C:\Program Files\InstallShield Installation Information\{DD1DED37-2486-4F56-8F89-56AA814003F5}\Setup.exe -runfromtemp -l0x0009 -removeonly
Acer Crystal Eye webcam-->Rundll32.exe BisonR07.dll,WinMainRmv
Acer eDataSecurity Management-->C:\Acer\Empowering Technology\eDataSecurity\eDSnstHelper.exe -Operation UNINSTALL
Acer eLock Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}\setup.exe" -l0x5 -removeonly
Acer Empowering Technology-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x5 -removeonly
Acer eNet Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\setup.exe" -l0x5 -removeonly
Acer ePower Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\setup.exe" -l0x5 -removeonly
Acer ePresentation Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF839132-BD43-4056-ACBF-4377F4A88E2A}\setup.exe" -l0x9 -removeonly
Acer eSettings Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CE65A9A0-9686-45C6-9098-3C9543A412F0}\setup.exe" -l0x5 -removeonly
Acer GridVista-->C:\Windows\UnInst32.exe GridV.UNI
Acer Mobility Center Plug-In-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11316260-6666-467B-AC34-183FCB5D4335}\setup.exe" -l0x9 -removeonly
Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Flash Player 11 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil32_11_3_300_262_Plugin.exe -maintain plugin
Adobe Reader X (10.1.3) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
Adobe SVG Viewer 3.0-->C:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Install.log
Advanced IP Scanner-->MsiExec.exe /X{B0319FCD-559D-4335-ADB3-7B57C4D33DC2}
AeroFly Professional Deluxe-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B3E5A90-1F6E-4FAF-B84F-C306C8A80809}\setup.exe" -l0x9
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
Alfa CD-->MsiExec.exe /X{6ADC89F1-39B9-4CFF-A2E3-DFF8DFD0D86D}
Any DWG to PDF Converter 2010-->"D:\Program Files\Any DWG to PDF Converter\unins000.exe"
Apple Application Support-->MsiExec.exe /I{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
Balíček ovladače systému Windows - Nokia Modem (06/01/2009 7.01.0.4)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokbtmdm.inf_3a2e1afb\nokbtmdm.inf
Balíček ovladače systému Windows - Nokia Modem (10/05/2009 4.2)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokia_bluetooth.inf_d5bc047a\nokia_bluetooth.inf
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
Borland Database Engine 5.1.1.1-->"C:\Windows\unins000.exe"
Broadcom Driver v4.102.15.63_Foxconn Installation Program-->C:\Program Files\InstallShield Installation Information\{88410D8F-8529-492B-B556-2394A29B811B}\setup.exe -runfromtemp -l0x0009 -removeonly
Broadcom Gigabit Integrated Controller-->MsiExec.exe /X{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}
Business Contact Manager pro aplikaci Outlook 2007 SP2-->"C:\Program Files\Microsoft Small Business\Business Contact Manager\SetupBootstrap\Setup.exe" /remove {432282b5-d708-431a-9ada-abbbbac3f205}
Business Contact Manager pro aplikaci Outlook 2007 SP2-->MsiExec.exe /X{432282B5-D708-431A-9ADA-ABBBBAC3F205}
Daně a Právo 2011-10-->"C:\Program Files\Daně a Právo\DaP_2011-10\unins000.exe"
Firebird 2.5.0.26074 (Win32)-->"C:\Program Files\Firebird\Firebird_2_5\unins000.exe"
FORM studio-->"C:\Program Files\KASTNER software\FORM studio CZ\unins000.exe"
Fotostar Offline client4-->"C:\Program Files\Fotostar\Fotostar Offline client4\uninstall.exe"
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118\UIU32m.exe -U -Ic:\Release\Foxconn\51338\AcrZUn32z.inf
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
ICQ Toolbar-->C:\Program Files\ICQ6Toolbar\ICQUnToolbar.exe
ICQ7.2-->"C:\Program Files\InstallShield Installation Information\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
Intel PROSet Wireless-->Intel PROSet Wireless
Intel(R) Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall
Intel(R) Matrix Storage Manager-->C:\Windows\System32\Imsmudlg.exe
Java(TM) 6 Update 31-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216031FF}
K-Lite Mega Codec Pack 6.5.0-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Launch Manager-->C:\Windows\UnInst32.exe LManager.UNI
LiveUpdate Notice (Symantec Corporation)-->MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
Microsoft .NET Framework 3.5 Language Pack SP1 - csy-->MsiExec.exe /I{DD73CA82-EA82-38AA-863D-9A24A018DC96}
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - csy\setup.exe
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Office 2003 Web Components-->MsiExec.exe /I{90A40405-6000-11D3-8CFE-0150048383C9}
Microsoft Office 2007 Primary Interop Assemblies-->MsiExec.exe /X{50120000-1105-0000-0000-0000000FF1CE}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Professional Hybrid 2007-->MsiExec.exe /X{91120000-0031-0000-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {0B7A4B67-2A38-42B1-9857-662FAB361E08}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {FDF9A959-241A-4662-A8DE-7DED9C22D160}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs-->MsiExec.exe /X{90120000-00B2-0409-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)-->MsiExec.exe /I{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}
Microsoft SQL Server 2005-->"C:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
Microsoft SQL Server Native Client-->MsiExec.exe /I{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}
Microsoft SQL Server Setup Support Files (English)-->MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
Microsoft SQL Server VSS Writer-->MsiExec.exe /I{E7084B89-69E0-46B3-A118-8F99D06988CD}
Microsoft Virtual PC 2007-->MsiExec.exe /X{8A7CAA24-7B23-410B-A7C3-F994B0944160}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{6AFCA4E1-9B78-3640-8F72-A7BF33448200}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
Microsoft Windows Media Video 9 VCM-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\wmv9vcm.inf, Uninstall
Microsoft_VC100_CRT_SP1_x86-->MsiExec.exe /I{E3B64CC5-C011-40C0-92BC-7316CD5E5688}
Mozilla Firefox 14.0 (x86 cs)-->C:\Program Files\Mozilla Firefox 4.0 Beta 7\uninstall\helper.exe
Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe"
MSI to redistribute MS VS2005 CRT libraries-->MsiExec.exe /I{A8D93648-9F7F-407D-915C-62044644C3DA}
MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP3 Parser (KB973685)-->MsiExec.exe /I{859DFA95-E4A6-48CD-B88E-A3E483E89B44}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{A57025CC-5F2E-4D01-B387-06DB10500D43}
Nokia PC Suite-->C:\ProgramData\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Nokia_PC_Suite_7_1_40_1_cze_web.exe
Nokia PC Suite-->MsiExec.exe /I{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}
Nokia Software Updater-->MsiExec.exe /X{7130468A-F53F-4698-8C09-A339EA3B05E6}
Nokia Suite-->C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}\Installer.exe
Nokia Suite-->MsiExec.exe /X{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}
NTI Backup NOW! 4.7-->"C:\Program Files\InstallShield Installation Information\{67ADE9AF-5CD9-4089-8825-55DE4B366799}\setup.exe" -removeonly
NTI CD & DVD-Maker-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1029 CDM7
NTI Shadow-->"C:\Program Files\InstallShield Installation Information\{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}\setup.exe" -removeonly
NTI Shadow-->C:\Program Files\InstallShield Installation Information\{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}\setup.exe -runfromtemp -l0x0405
O2-->"C:\Program Files\O2\O2CZ\Uninstall.exe"
OpenVPN 2.1.1-->C:\Program Files\OpenVPN\Uninstall.exe
P50110 - Elektronické výkaznictví ČSÚ 2.10-->"C:\epv32-csu\2010\P50110\unins000.exe"
Parrot Software Update Tool-->C:\Program Files\Parrot Software Update Tool\Uninstall.exe
PC Connectivity Solution-->MsiExec.exe /I{A2AA4204-C05A-4013-888A-AD153139297F}
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
PDP 2011.01-->"C:\Program Files\LEGIS\PDP2011\unins000.exe"
PosteRazor-->"C:\Program Files\PosteRazor\unins000.exe"
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{0E64B098-8018-4256-BA23-C316A43AD9B0}
Readiris Pro 10-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}\Setup.exe" -l0x9
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Samsung ML-2850 Series-->C:\Program Files\Samsung\Samsung ML-2850 Series\Install\Setup.exe /R
Samsung SCX-4x28 Series-->C:\Program Files\Samsung\Samsung SCX-4x28 Series\Install\Setup.exe /R
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {94EFE014-E577-310B-B2D5-6973A21D8A90} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {F6F5AC31-9833-3E77-AC8E-8E910CAB39AE} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DB31DEDD-BF95-31E7-A9B7-5480561CEFF3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {67A5F99B-5EBA-3812-8D2E-BC251490DD3F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8DDEFC7E-0C61-3D11-AFC6-5414F2DAFD01} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {9EC88EA8-4ABE-393C-87BD-90EABB1C4C9B} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {86BB5A25-8CC3-33CE-A393-CF28901682B2} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {16EEC04A-B924-37E0-97CF-422DCEFC1B63} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C4D978AA-2668-3404-96DE-96E2AFC62FD7} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2478663)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder ClientLP
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder ClientLP
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition -->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {5DD3FF90-B302-45B2-A188-C5EA7ACD5D46}
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition -->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {31C0F635-15AD-4AA3-A3C6-B542B403D0EE}
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition -->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {3069CE04-082C-4669-9BA1-E6AA66330C1F}
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {ABB5F56F-FC55-4C7E-9622-B8A1E670BAFC}
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition -->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {B4C12F08-B0EF-4CC4-AD5F-381DD62BF640}
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {5A8732F0-C20F-4A9B-A2A9-66FE7A586C35}
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition -->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {075C2272-0881-46D3-B3A5-1D83D6940270}
SmarThru Office PC Fax-->C:\Windows\prinst.exe /m"Samsung" /u"SmarThru Office PC Fax"
SmarThru Office-->C:\Program Files\InstallShield Installation Information\{9BC1E722-AE07-46A3-B7A6-556DBE18E22A}\Setup.exe -runfromtemp -l0x0009 uninstall -l0009 -removeonly
Software602 Form Filler-->MsiExec.exe /X{FA37AF66-D12A-4BC7-B1DE-3D50C05A4EDB}
Software602 Print2PDF-->C:\Program Files\InstallShield Installation Information\{32C74893-0243-4235-A6F3-201F0E5D2C03}\setup.exe -runfromtemp -l0x0005 REMOVE
SolidWorks eDrawings 2009-->MsiExec.exe /I{D096157B-9DF4-44FF-AF45-65B6F12304D5}
Součásti připojení sady Microsoft Office Small Business-->MsiExec.exe /X{A939D341-5A04-4E0A-BB55-3E65B386432D}
Stereo 2012 - ekonomický software, v.14.1.1-->"C:\Stereo2012 v14\unins000.exe"
STORMWARE POHODA CZ Start-->C:\Program Files\InstallShield Installation Information\{CDD6032C-1657-4BE2-86E6-6E444552905E}\setup.exe -runfromtemp -l0x0005 -removeonly
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Texas Instruments PCIxx21/x515/xx12 drivers.-->C:\Program Files\InstallShield Installation Information\{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}\setup.exe -runfromtemp -l0x0409
Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe
TuneUp Utilities-->C:\Program Files\TuneUp Utilities 2010\TUInstallHelper.exe --Trigger-Uninstall
Účetní poradce-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BE1DE38-5B5D-433E-BB92-B055AD540530}\setup.exe" -l0x5 -removeonly
UNP411 - Elektronické výkaznictví ČSÚ 2.10-->"C:\epv32-csu\2011\UNP411\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D9961AC-7C99-36A2-9EF0-34678AED5384} /parameterfolder Client
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687267) 32-Bit Edition-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {B5B7C5DB-74C3-43E0-8413-0C6C1CA4DED0}
Vnitřní organizační předpisy pro nevýdělečné organizace 2.0Akom-->C:\pc-form\VNO20AKOM\uninstall.exe
Vnitřní organizační předpisy pro nevýdělečné organizace 2.0kom-->C:\pc-form\VNO20KOM\uninstall.exe
WIDCOMM Bluetooth Software 6.0.1.3900-->MsiExec.exe /X{88637F72-B46E-43F9-B306-6DA1FF478D51}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ZyWALL IPSec VPN Client-->C:\Program Files\ZyXEL\ZyWALL IPSec VPN Client\vpn_client_uninstall.exe

======Security center information======

AS: Windows Defender (outdated)

======System event log======

Computer Name: Fiala
Event Code: 7036
Message: Stav služby Prohledávání počítačů byl změněn na: Spuštěno
Record Number: 143344
Source Name: Service Control Manager
Time Written: 20111006055203.000000-000
Event Type: Informace
User:

Computer Name: Fiala
Event Code: 7036
Message: Stav služby Server byl změněn na: Spuštěno
Record Number: 143343
Source Name: Service Control Manager
Time Written: 20111006055203.000000-000
Event Type: Informace
User:

Computer Name: Fiala
Event Code: 7036
Message: Stav služby Pracovní stanice byl změněn na: Spuštěno
Record Number: 143342
Source Name: Service Control Manager
Time Written: 20111006055203.000000-000
Event Type: Informace
User:

Computer Name: Fiala
Event Code: 7036
Message: Stav služby Brána firewall systému Windows byl změněn na: Spuštěno
Record Number: 143341
Source Name: Service Control Manager
Time Written: 20111006055203.000000-000
Event Type: Informace
User:

Computer Name: Fiala
Event Code: 7036
Message: Stav služby Služba BFE byl změněn na: Spuštěno
Record Number: 143340
Source Name: Service Control Manager
Time Written: 20111006055203.000000-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: Fiala
Event Code: 1
Message: Nokia M Platform 2.6.221 (NLib 0.8.661)

Nokia M Data Store opened at location "c:\users\akont\appdata\local\nokia\nokiad~1\DataBase\MDataStore.db3"

Record Number: 18377
Source Name: Nokia M Platform
Time Written: 20101021071118.000000-000
Event Type: Informace
User:

Computer Name: Fiala
Event Code: 1
Message: Nokia M Platform 2.6.221 (NLib 0.8.661)

Nokia M Data Store opened at location "c:\users\akont\appdata\local\nokia\nokiad~1\DataBase\MDataStore.db3"

Record Number: 18376
Source Name: Nokia M Platform
Time Written: 20101021071117.000000-000
Event Type: Informace
User:

Computer Name: Fiala
Event Code: 1
Message: Nokia M Platform 2.6.221 (NLib 0.8.661)

NokiaMServer: Started
Record Number: 18375
Source Name: Nokia M Platform
Time Written: 20101021071056.000000-000
Event Type: Informace
User:

Computer Name: Fiala
Event Code: 251
Message:
Record Number: 18374
Source Name: FirebirdGuardianDefaultInstance
Time Written: 20101021071055.000000-000
Event Type: Informace
User:

Computer Name: Fiala
Event Code: 7500
Message: Řadič Intel RAID: Neznámý řadič
Počet portů Serial ATA: 3

Verze RAID option ROM: Neznámý
Verze ovladače: 7.6.0.1011
Verze modulu plug-in RAID: 7.6.0.1011
Verze zdroje jazyka modulu plug-in RAID: Soubor nebyl nalezen
Verze Průvodce vytvořením svazku: 7.6.0.1011
Verze zdroje jazyka Průvodce vytvořením svazku: Soubor nebyl nalezen
Verze Průvodce vytvořením svazku ze stávajícího pevného disku: 7.6.0.1011
Verze zdroje jazyka Průvodce vytvořením svazku ze stávajícího pevného disku: Soubor nebyl nalezen
Verze Průvodce úpravy svazku: 7.6.0.1011
Verze zdroje jazyka Průvodce úpravy svazku: Soubor nebyl nalezen
Verze Průvodce odstraněním svazku: 7.6.0.1011
Verze zdroje jazyka Průvodce odstraněním svazku: Soubor nebyl nalezen
Verze knihovny ISDI: 7.6.0.1011
Verze nástroje pro upozorňování uživatele Monitor události: 7.6.0.1011
Verze zdroje jazyka nástroje pro upozorňování uživatele Monitor události: Soubor nebyl nalezen
Verze Monitoru události: 7.6.0.1011

Pevný disk 0
Použití: Neznámé použití pevného disku
Stav: Normální
Port zařízení : 0
Umístění portu zařízení: Interní
Aktuální režim přenosu Serial ATA: Generace 1
Model: Hitachi HTS541616J9SA00
Sériové číslo: SB3404GRGXMJ2S
Firmware: SB4OC70P
Podpora fronty příkazů (Native Command Queuing): Ano
Systémový pevný disk: Ano
Velikost: 149 GB
Fyzická velikost sektoru : 512 bajtů
Logická velikost sektoru : 512 bajtů

Nepoužitý port 0
Port zařízení : 1
Umístění portu zařízení: Interní

Nepoužitý port 1
Port zařízení : 2
Umístění portu zařízení: Interní

Record Number: 18373
Source Name: IAANTmon
Time Written: 20101021071054.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: Fiala
Event Code: 4648
Message: Došlo k pokusu o přihlášení pomocí explicitního pověření.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: FIALA$
Doména účtu: DDSOFT
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Účet, jehož pověření bylo použito:
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Cílový server:
Název cílového serveru: localhost
Další informace: localhost

Informace o procesu:
ID procesu: 0x2d8
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Síťová adresa: -
Port: -

Tato událost je generována, pokud se proces pokusí přihlásit k účtu explicitním zadáním pověření tohoto účtu. K tomu nejčastěji dochází v dávkových konfiguracích, například naplánovaných úlohách, nebo při použití příkazu RUNAS.
Record Number: 58948
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110605185632.463600-000
Event Type: Úspěch auditu
User:

Computer Name: Fiala
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 58947
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110605185421.828200-000
Event Type: Úspěch auditu
User:

Computer Name: Fiala
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: FIALA$
Doména účtu: DDSOFT
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x2d8
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 58946
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110605185421.828200-000
Event Type: Úspěch auditu
User:

Computer Name: Fiala
Event Code: 4648
Message: Došlo k pokusu o přihlášení pomocí explicitního pověření.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: FIALA$
Doména účtu: DDSOFT
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Účet, jehož pověření bylo použito:
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Cílový server:
Název cílového serveru: localhost
Další informace: localhost

Informace o procesu:
ID procesu: 0x2d8
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Síťová adresa: -
Port: -

Tato událost je generována, pokud se proces pokusí přihlásit k účtu explicitním zadáním pověření tohoto účtu. K tomu nejčastěji dochází v dávkových konfiguracích, například naplánovaných úlohách, nebo při použití příkazu RUNAS.
Record Number: 58945
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110605185421.828200-000
Event Type: Úspěch auditu
User:

Computer Name: Fiala
Event Code: 5032
Message: Bráně Windows Firewall se nepodařilo oznámit uživateli, že zabránila aplikaci přijímat příchozí připojení v síti.

Kód chyby: 2
Record Number: 58944
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110605185313.266200-000
Event Type: Selhání auditu
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Microsoft SQL Server\90\Tools\binn\;C:\Program Files\Intel\WiFi\bin\;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=0f0a
"NUMBER_OF_PROCESSORS"=2
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

#4 Příspěvek od **vyosek** » 09 črc 2012 11:46

Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

fimalil · #5 Příspěvek od **fimalil** » 09 črc 2012 18:58

OTL stále nelze stáhnout - zaneprázdněný server? Máte nějaký jiný nápad?

#6 Příspěvek od **vyosek** » 09 črc 2012 19:00

Stahnete jej odsud http://vyosek.ic.cz/pro_usery/OTL.exe

fimalil · #7 Příspěvek od **fimalil** » 09 črc 2012 19:58

Pustil jsem skenování 2x a vždy modrá smrt, tak nevím.

#8 Příspěvek od **vyosek** » 09 črc 2012 20:27

Zkuste opakovat v nouzovem rezimu (restart PC, mackat F8, zvolit Stav nouze s praci v siti)

fimalil · #9 Příspěvek od **fimalil** » 09 črc 2012 21:56

Konečně se podařilo

fimalil · #10 Příspěvek od **fimalil** » 09 črc 2012 21:57

2. soubor

#11 Příspěvek od **vyosek** » 09 črc 2012 22:00

Logy mi sem prosim vlozte - lepe se lusti - klidne je rozdelte do vice prispevku

fimalil · #12 Příspěvek od **fimalil** » 10 črc 2012 05:30

OTL logfile created on: 9.7.2012 22:24:28 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Akont\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,99 Gb Total Physical Memory | 1,55 Gb Available Physical Memory | 77,81% Memory free
4,21 Gb Paging File | 3,92 Gb Available in Paging File | 93,11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69,65 Gb Total Space | 6,74 Gb Free Space | 9,67% Space Free | Partition Type: NTFS
Drive D: | 69,64 Gb Total Space | 34,26 Gb Free Space | 49,20% Space Free | Partition Type: NTFS

Computer Name: FIALA | User Name: Akont | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.07.09 20:05:30 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Akont\Desktop\OTL.exe
PRC - [2010.07.07 07:55:10 | 003,687,736 | ---- | M] (Ghisler Software GmbH) -- C:\totalcmd\TOTALCMD.EXE
PRC - [2009.04.10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

========== Modules (No Company Name) ==========

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon -- (LiveUpdate Notice Ex)
SRV - File not found [Auto | Stopped] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon -- (CLTNetCnService)
SRV - [2012.06.20 07:46:51 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.01.04 14:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.10.10 14:55:04 | 000,085,344 | ---- | M] (Software602 a.s.) [Auto | Stopped] -- C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe -- (602XML Updater)
SRV - [2011.01.12 17:44:02 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2011.01.12 17:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Stopped] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2011.01.07 14:16:25 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2010.09.29 11:02:57 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.09.17 12:14:50 | 000,098,304 | ---- | M] (Firebird Project) [Auto | Stopped] -- C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2010.09.17 12:14:42 | 003,735,552 | ---- | M] (Firebird Project) [On_Demand | Stopped] -- C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2010.07.12 15:09:18 | 000,129,592 | ---- | M] (TheGreenBow) [Auto | Stopped] -- C:\Windows\System32\TgbStarter.exe -- (TgbIke Starter)
SRV - [2009.12.12 01:47:44 | 000,036,352 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2009.10.30 15:05:48 | 001,021,256 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2009.10.30 15:01:00 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009.02.23 13:11:10 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2008.10.16 17:26:20 | 000,860,160 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008.10.16 16:54:34 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008.01.29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2008.01.18 23:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.07.12 16:36:12 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007.07.03 10:40:10 | 000,053,248 | ---- | M] (Acer Inc.) [Auto | Stopped] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
SRV - [2007.06.28 18:50:52 | 000,024,576 | ---- | M] () [Auto | Stopped] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007.06.13 16:54:36 | 000,135,168 | R--- | M] (Acer Inc.) [Auto | Stopped] -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service)
SRV - [2007.06.13 11:23:54 | 000,167,936 | ---- | M] (acer) [Auto | Stopped] -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService)
SRV - [2007.04.25 16:34:30 | 000,457,512 | ---- | M] (HiTRSUT) [Auto | Stopped] -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service)
SRV - [2007.04.23 09:53:48 | 000,024,576 | ---- | M] (Acer Inc.) [Auto | Stopped] -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService)
SRV - [2006.11.24 12:57:54 | 000,107,008 | ---- | M] () [Auto | Stopped] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Elements\1stboot\WisINT15.SYS -- (WisINT15)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\hpfxbulk.sys -- (HPFXBULK)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Akont\AppData\Local\Temp\esihdrv.sys -- (esihdrv)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012.01.09 18:28:20 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2012.01.09 18:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012.01.09 18:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012.01.09 18:28:20 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2012.01.09 18:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012.01.09 18:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.12.21 16:04:06 | 000,137,144 | ---- | M] (ESET) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2010.12.21 16:04:06 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010.12.21 14:47:38 | 000,134,000 | ---- | M] (ESET) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2010.12.21 14:47:38 | 000,041,336 | ---- | M] (ESET) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2010.12.21 14:47:38 | 000,033,120 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2010.10.25 07:42:18 | 000,229,208 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\VMM.sys -- (vmm)
DRV - [2010.07.12 15:09:16 | 000,065,080 | ---- | M] (TheGreenBow) [Kernel | System | Unknown] -- C:\Windows\System32\drivers\vistahook.sys -- (TgbHook)
DRV - [2010.07.12 15:09:10 | 000,025,656 | ---- | M] (TheGreenBow) [Kernel | System | Running] -- C:\Windows\System32\drivers\ndistgb.sys -- (ndistgb)
DRV - [2010.07.12 15:09:02 | 000,102,840 | ---- | M] (TheGreenBow) [Kernel | System | Unknown] -- C:\Windows\System32\drivers\DfilterVPN.sys -- (TgbIpSec)
DRV - [2010.05.02 19:43:40 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
DRV - [2009.12.15 14:05:42 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.12.15 14:05:42 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009.12.15 14:05:42 | 000,023,424 | ---- | M] (Huawei Tech. Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewdcsc.sys -- (Huawei)
DRV - [2009.12.12 01:48:04 | 000,025,984 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2009.10.14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2008.11.17 07:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008.10.21 09:22:48 | 000,114,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mdm.sys -- (s0017mdm)
DRV - [2008.10.21 09:22:48 | 000,109,736 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017unic.sys -- (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM)
DRV - [2008.10.21 09:22:48 | 000,108,328 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mgmt.sys -- (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM)
DRV - [2008.10.21 09:22:48 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017obex.sys -- (s0017obex)
DRV - [2008.10.21 09:22:48 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017bus.sys -- (s0017bus) Sony Ericsson Device 0017 driver (WDM)
DRV - [2008.10.21 09:22:48 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017nd5.sys -- (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS)
DRV - [2008.10.21 09:22:48 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mdfl.sys -- (s0017mdfl)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.11.15 07:26:10 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2007.09.26 13:12:22 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Ovladač adaptéru Intel(R)
DRV - [2007.07.27 10:25:46 | 000,974,248 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BisonC07.sys -- (Cam5607)
DRV - [2007.07.16 23:29:43 | 000,020,504 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hpfxfax.sys -- (HPFXFAX)
DRV - [2007.05.02 13:52:00 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2007.03.02 18:19:34 | 000,076,584 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2007.01.29 06:20:34 | 000,059,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2006.12.13 12:10:20 | 000,030,656 | ---- | M] (Eutron) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\eusk2par.sys -- (eusk2par)
DRV - [2006.11.29 02:44:52 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006.11.02 16:51:58 | 000,013,560 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Stopped] -- C:\Program Files\CyberLink\PowerDVD\000.fcl -- ({95808DC4-FA4A-4c74-92FE-5B863F82066B})
DRV - [2006.11.02 09:30:56 | 000,044,544 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2006.11.02 09:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2006.10.14 05:04:33 | 004,422,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2006.09.19 16:47:04 | 000,080,744 | ---- | M] (Wasay) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSVD.sys -- (WSVD)
DRV - [2006.06.12 03:06:28 | 000,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\DGIVECP.SYS -- (DgiVecp)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://cs.intl.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://cs.intl.acer.yahoo.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://global.acer.com [binary data]
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://global.acer.com [binary data]
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searc ... 8&fr=b1ie7
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\..\SearchScopes,DefaultScope = {2B9BABA8-CEC1-43AF-99DE-41B6A4241C0F}
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\..\SearchScopes\{0b7012fe-552f-488a-84bc-e1b9e11a1afe}: "URL" = http://www.firmy.cz/phr/{searchTerms}?sourceid=IE_5
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\..\SearchScopes\{2B9BABA8-CEC1-43AF-99DE-41B6A4241C0F}: "URL" = http://search.seznam.cz/?q={searchTerms}&sourceid=IE_5
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... &ch_id=osd
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\..\SearchScopes\{80C92A96-8E5B-4138-B083-45CE60794B03}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\..\SearchScopes\{be4185cd-38d2-47fc-a1f6-386fdf4211f2}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r= ... rceid=IE_5
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\..\SearchScopes\{f28ffb00-c518-4cd7-917a-177cce77e455}: "URL" = http://www.mapy.cz/?query={searchTerms}&sourceid=IE_5
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://seznam.cz/"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@software602.cz/602XML Filler: C:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 7\components [2012.06.20 07:46:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 7\plugins [2012.05.21 10:28:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011.12.05 13:05:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012.03.02 13:55:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 7\components [2012.06.20 07:46:52 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 7\plugins [2012.05.21 10:28:48 | 000,000,000 | ---D | M]

[2010.04.16 08:10:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Akont\AppData\Roaming\Mozilla\Extensions
[2010.04.19 13:13:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Akont\AppData\Roaming\Mozilla\Firefox\Profile_\j2jl8v5q.default\extensions
[2010.04.19 13:13:55 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Akont\AppData\Roaming\Mozilla\Firefox\Profile_\j2jl8v5q.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.05.02 15:22:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Akont\AppData\Roaming\Mozilla\Firefox\Profiles\cic3vrq6.default\extensions
[2010.11.09 16:02:17 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Akont\AppData\Roaming\Mozilla\Firefox\Profiles\cic3vrq6.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(21)
[2011.06.20 08:49:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.06.11 12:14:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011.04.27 07:34:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\pdfforge@mybrowserbar.com
[2011.04.27 07:34:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\searchsettings@spigot.com
[2011.04.27 07:34:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\xmlfiller@software602.cz
File not found (No name found) -- C:\USERS\AKONT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J2JL8V5Q.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
[2010.06.11 12:14:12 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\System32\ActiveToolBand.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe (HiTRUST)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NSU_agent] C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003..\Run: [] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8 - Extra context menu item: Capture Selection - C:\Program Files\SmarThru Office\WEBCapture.dll2.htm ()
O8 - Extra context menu item: Save as HTML - C:\Program Files\SmarThru Office\WEBCapture.dll1.htm ()
O8 - Extra context menu item: Save Selected Text - C:\Program Files\SmarThru Office\WEBCapture.dll.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Web Capture - C:\Program Files\SmarThru Office\WebCapture.dll (Samsung Electronics Co., Ltd.)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: mojebanka.cz ([]https in Trusted sites)
O15 - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\..Trusted Domains: mojebanka.cz ([]https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\..Trusted Domains: postsignum.cz ([www] https in Důvěryhodné servery)
O16 - DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} https://www.mojedatovaschranka.cz/stati ... ?3,16,13,0 (Active602XMLFiller Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 84.16.105.1 84.16.96.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8F9CB416-178D-4C49-B188-7B742C4EA476}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E512AA1D-B069-4AF3-9E52-7615B22C0D28}: DhcpNameServer = 84.16.105.1 84.16.96.2
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Akont\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Akont\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.03.08 21:21:33 | 000,000,000 | ---D | M] - D:\Autoruns -- [ NTFS ]
O33 - MountPoints2\{8f192e05-62e8-11e1-bdc0-000000000000}\Shell - "" = AutoRun
O33 - MountPoints2\{8f192e05-62e8-11e1-bdc0-000000000000}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{b48c5b72-5a2d-11e0-a2e9-000000000000}\Shell - "" = AutoRun
O33 - MountPoints2\{b48c5b72-5a2d-11e0-a2e9-000000000000}\Shell\AutoRun\command - "" = F:\Startme.exe
O33 - MountPoints2\{be937ee4-5069-11e0-b9d7-0016d3ea307c}\Shell - "" = AutoRun
O33 - MountPoints2\{be937ee4-5069-11e0-b9d7-0016d3ea307c}\Shell\AutoRun\command - "" = F:\NokiaPCIA_Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Error creating restore point.

NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\Windows\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.WMV3 - C:\Windows\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.07.09 20:05:30 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\Akont\Desktop\OTL.exe
[2012.07.09 10:45:18 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.07.09 10:45:18 | 000,000,000 | ---D | C] -- C:\rsit
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012.07.09 22:26:14 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.07.09 22:21:22 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat
[2012.07.09 22:20:16 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.09 22:20:16 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.09 22:20:15 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.07.09 20:43:22 | 231,885,199 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.07.09 20:05:30 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Akont\Desktop\OTL.exe
[2012.07.09 19:47:53 | 000,659,398 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.07.09 19:47:53 | 000,646,572 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.07.09 19:47:53 | 000,137,836 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.07.09 19:47:53 | 000,123,400 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.07.09 08:27:42 | 000,001,768 | -H-- | M] () -- C:\Users\Akont\Documents\Default.rdp
[2012.07.09 07:32:05 | 000,002,589 | ---- | M] () -- C:\Users\Akont\Desktop\Microsoft Office Excel 2007.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.07.09 22:26:14 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.04.25 07:41:42 | 008,446,532 | ---- | C] () -- C:\ProgramData\SamPCFax000017DC0000
[2011.08.02 13:17:34 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2011.04.15 07:11:20 | 000,080,384 | ---- | C] () -- C:\Windows\smgrinst.exe
[2011.04.15 07:08:46 | 000,159,400 | R--- | C] () -- C:\Windows\System32\sskinst.exe
[2011.04.15 07:08:46 | 000,040,616 | R--- | C] () -- C:\Windows\System32\SvcMan.exe
[2011.04.15 07:08:07 | 000,000,124 | ---- | C] () -- C:\Windows\Readiris.ini
[2011.04.15 07:08:01 | 000,023,040 | ---- | C] () -- C:\Windows\System32\irisco32.dll
[2011.04.15 07:06:29 | 000,950,585 | ---- | C] () -- C:\Windows\System32\libiconv-2.dll
[2011.04.15 07:04:17 | 000,113,768 | R--- | C] () -- C:\Windows\Wiainst.exe
[2011.04.15 07:02:27 | 000,270,336 | ---- | C] () -- C:\Windows\System32\SaMinDrv.dll
[2011.04.15 07:02:27 | 000,106,496 | ---- | C] () -- C:\Windows\System32\SaImgFlt.dll
[2011.04.15 07:02:27 | 000,090,112 | ---- | C] () -- C:\Windows\System32\SaSegFlt.dll
[2011.04.15 07:02:27 | 000,061,440 | ---- | C] () -- C:\Windows\System32\SaErHdlr.dll
[2011.04.15 07:02:16 | 000,022,723 | ---- | C] () -- C:\Windows\System32\sss2ml3.dll
[2011.02.07 12:01:57 | 000,000,285 | ---- | C] () -- C:\Windows\ParrotFlashWiz.INI
[2011.01.27 14:06:29 | 000,016,384 | ---- | C] () -- C:\Windows\System32\FileOps.exe
[2011.01.19 22:15:05 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2011.01.19 22:14:13 | 000,006,211 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2011.01.19 21:58:31 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011.01.19 21:58:31 | 000,000,008 | RHS- | C] () -- C:\ProgramData\E4727DE89F.sys
[2011.01.12 10:31:23 | 000,000,608 | -HS- | C] () -- C:\Windows\System32\winzvprt5.sys
[2011.01.12 10:17:46 | 000,000,665 | ---- | C] () -- C:\Windows\System32\hppapr12.dat
[2011.01.07 14:16:31 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI
[2011.01.07 12:17:44 | 000,260,531 | ---- | C] () -- C:\Windows\pdfcvt.dat
[2010.11.03 12:30:47 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010.11.03 12:30:46 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010.11.03 12:30:44 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.11.03 12:30:44 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.11.03 12:30:43 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010.09.09 12:41:10 | 000,015,872 | ---- | C] () -- C:\Users\Akont\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== LOP Check ==========

[2012.07.02 14:00:10 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\602Installer
[2011.11.25 15:00:39 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\602XML
[2010.12.21 13:48:05 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\CasaPortale.de
[2011.01.07 14:17:21 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\DassaultSystemes
[2011.01.07 14:18:40 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\EDrawings
[2010.04.14 14:40:52 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\ESET
[2010.11.10 14:25:55 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\GHISLER
[2010.05.12 09:37:09 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\HK-Software
[2010.12.17 13:37:37 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\ICQ
[2010.05.03 09:51:14 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\Kastner software
[2010.10.04 20:54:07 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\Luxand
[2011.01.19 22:15:42 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\MAGIX
[2012.04.03 10:20:51 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\Nokia
[2012.04.03 10:20:53 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\Nokia Suite
[2012.01.25 12:27:17 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\PC Suite
[2012.07.02 13:47:47 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\pdfforge
[2011.04.15 07:08:34 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\Samsung
[2012.05.10 13:51:05 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\Softbit
[2011.07.11 14:28:16 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\Software602
[2012.01.27 14:36:27 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\TeamViewer
[2012.02.29 17:24:12 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\Telefónica Móviles
[2010.09.29 11:02:34 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\TuneUp Software
[2012.07.09 22:20:16 | 000,032,634 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2009.04.10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.18 23:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.18 23:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2007.07.13 08:26:04 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=9E7E85EC61D1C9C3171CC08427108863 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_5a9555b4\atapi.sys
[2007.07.13 08:26:04 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=9E7E85EC61D1C9C3171CC08427108863 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20509_none_dbe4850d3d78c736\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.04.10 23:27:22 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009.04.10 23:27:22 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.18 23:33:02 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2006.11.02 11:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe

< MD5 for: CDROM.SYS >
[2008.01.18 21:49:52 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.18 21:49:52 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.10 21:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.10 21:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.10 21:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2009.04.10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.18 23:33:12 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: HAL.DLL >
[2009.04.10 23:32:48 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll

< MD5 for: SCECLI.DLL >
[2008.01.18 23:36:20 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.10 23:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.10 23:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: SVCHOST.EXE >
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008.01.18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: TCPIP.SYS >
[2009.04.10 23:33:04 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2011.09.20 23:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[2009.08.15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011.06.17 22:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2012.03.30 14:39:11 | 000,905,600 | ---- | M] (Microsoft Corporation) MD5=27D470DABC77BC60D0A3B0E4DEB6CB91 -- C:\Windows\System32\drivers\tcpip.sys
[2012.03.30 14:39:11 | 000,905,600 | ---- | M] (Microsoft Corporation) MD5=27D470DABC77BC60D0A3B0E4DEB6CB91 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18604_none_b50896786388e1d5\tcpip.sys
[2010.02.18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2010.06.16 17:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009.08.14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011.06.17 22:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010.06.16 18:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010.06.16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2011.09.20 23:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[2009.08.14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 18:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2006.11.02 10:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2010.02.18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2012.03.30 14:39:11 | 000,914,304 | ---- | M] (Microsoft Corporation) MD5=EE7E10BED85C312C1D5D30C435BDDA9F -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22828_none_b58096797cb31c04\tcpip.sys
[2008.01.18 23:43:40 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.01.18 23:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.18 23:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.04.10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.18 23:33:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[14 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\msdownld.tmp\*.tmp files -> C:\Windows\msdownld.tmp\*.tmp -> ]
[1 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp files -> C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\1727f0ffea780768b76fd686a809ad9f\*.tmp files -> C:\Windows\SoftwareDistribution\Download\1727f0ffea780768b76fd686a809ad9f\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\181f20742d7a06495060916ec54125e6\*.tmp files -> C:\Windows\SoftwareDistribution\Download\181f20742d7a06495060916ec54125e6\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\1ecc753fb1ed944ab45636492f8173eb\*.tmp files -> C:\Windows\SoftwareDistribution\Download\1ecc753fb1ed944ab45636492f8173eb\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\231f7a330f072d04f541b40dc2078c0c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\231f7a330f072d04f541b40dc2078c0c\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\3a3c74d73fdbc28ebbad89f7048497bb\*.tmp files -> C:\Windows\SoftwareDistribution\Download\3a3c74d73fdbc28ebbad89f7048497bb\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\5355974adafe7391f2ee89ef92bcc471\*.tmp files -> C:\Windows\SoftwareDistribution\Download\5355974adafe7391f2ee89ef92bcc471\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\55e9356415814f0b786a143ad0facd7e\*.tmp files -> C:\Windows\SoftwareDistribution\Download\55e9356415814f0b786a143ad0facd7e\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\5d9583445c1c8210da5211a78d5f1be6\*.tmp files -> C:\Windows\SoftwareDistribution\Download\5d9583445c1c8210da5211a78d5f1be6\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\60320e1ac6a2029bdd1c27c55030226a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\60320e1ac6a2029bdd1c27c55030226a\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\6e8165c77499b300a31ff75a33808d34\*.tmp files -> C:\Windows\SoftwareDistribution\Download\6e8165c77499b300a31ff75a33808d34\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\6ea446189eb7b4a6a327f0701a421fd0\*.tmp files -> C:\Windows\SoftwareDistribution\Download\6ea446189eb7b4a6a327f0701a421fd0\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\8f58d29a01652bb3bd3f83a410837dac\*.tmp files -> C:\Windows\SoftwareDistribution\Download\8f58d29a01652bb3bd3f83a410837dac\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\9064aeb183e12468f105e099436d1375\*.tmp files -> C:\Windows\SoftwareDistribution\Download\9064aeb183e12468f105e099436d1375\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\a099f3ff1c537d94194d004d586db2ce\*.tmp files -> C:\Windows\SoftwareDistribution\Download\a099f3ff1c537d94194d004d586db2ce\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\b4c54016d4414f2a21516ca6a85284c7\*.tmp files -> C:\Windows\SoftwareDistribution\Download\b4c54016d4414f2a21516ca6a85284c7\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\b4c69ff8f33fa7dd5264c611efa9e416\*.tmp files -> C:\Windows\SoftwareDistribution\Download\b4c69ff8f33fa7dd5264c611efa9e416\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\b99c9487e560d056608f825289004ed6\*.tmp files -> C:\Windows\SoftwareDistribution\Download\b99c9487e560d056608f825289004ed6\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\b9a4e9287eda20c85333ebb1d02dc49d\*.tmp files -> C:\Windows\SoftwareDistribution\Download\b9a4e9287eda20c85333ebb1d02dc49d\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\c6b31f935833d8e8ceb4420c430dd604\*.tmp files -> C:\Windows\SoftwareDistribution\Download\c6b31f935833d8e8ceb4420c430dd604\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\e175a207b2f59ee08299c313280e5245\*.tmp files -> C:\Windows\SoftwareDistribution\Download\e175a207b2f59ee08299c313280e5245\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\e30066282086287e109376cf8f479343\*.tmp files -> C:\Windows\SoftwareDistribution\Download\e30066282086287e109376cf8f479343\*.tmp -> ]
[2 C:\Windows\System32\spool\PRINTERS\*.tmp files -> C:\Windows\System32\spool\PRINTERS\*.tmp -> ]
[29 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.07.02 14:00:10 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\602Installer
[2011.11.25 15:00:39 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\602XML
[2012.01.27 17:31:00 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\Adobe
[2012.03.12 13:13:01 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\Apple Computer
[2010.12.21 13:48:05 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\CasaPortale.de
[2011.01.19 21:58:35 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\Corel
[2010.09.29 13:42:33 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\CyberLink
[2011.01.07 14:17:21 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\DassaultSystemes
[2011.01.07 14:18:40 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\EDrawings
[2010.04.14 14:40:52 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\ESET
[2010.11.10 14:25:55 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\GHISLER
[2010.11.02 09:26:05 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\Help
[2010.05.12 09:37:09 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\HK-Software
[2010.12.17 13:37:37 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\ICQ
[2007.10.01 08:20:24 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\Identities
[2007.10.01 08:22:51 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\InstallShield
[2010.06.22 14:01:55 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\Intel
[2010.05.03 09:51:14 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\Kastner software
[2010.10.04 20:54:07 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\Luxand
[2007.10.01 08:21:50 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\Macromedia
[2011.01.19 22:15:42 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\MAGIX
[2010.12.15 10:51:33 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\Media Player Classic
[2012.01.27 17:31:00 | 000,000,000 | --SD | M] -- C:\Users\Akont\AppData\Roaming\Microsoft
[2010.04.16 08:10:56 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\Mozilla
[2012.04.03 10:20:51 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\Nokia
[2012.04.03 10:20:53 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\Nokia Suite
[2012.01.25 12:27:17 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\PC Suite
[2012.07.02 13:47:47 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\pdfforge
[2011.04.15 07:08:34 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\Samsung
[2012.05.10 13:51:05 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\Softbit
[2011.07.11 14:28:16 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\Software602
[2012.01.27 14:36:27 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\TeamViewer
[2012.02.29 17:24:12 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\Telefónica Móviles
[2010.09.29 11:02:34 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\TuneUp Software
[2010.06.18 10:47:56 | 000,000,000 | ---D | M] -- C:\Users\Akont\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2010.09.03 16:20:40 | 022,923,264 | ---- | M] (KASTNER software s.r.o.) -- C:\Users\Akont\AppData\Roaming\Kastner software\Form Studio\Backup\Prgm\FORMasistent.exe
[2011.04.28 17:17:18 | 025,788,416 | ---- | M] (KASTNER software s.r.o.) -- C:\Users\Akont\AppData\Roaming\Kastner software\Form Studio\Backup\Prgm\FORMstudio.exe
[2010.09.03 16:26:10 | 003,521,024 | ---- | M] (KASTNER software s.r.o.) -- C:\Users\Akont\AppData\Roaming\Kastner software\Form Studio\Backup\Prgm\FSUpdate.exe
[2010.04.14 21:55:18 | 001,188,437 | ---- | M] () -- C:\Users\Akont\AppData\Roaming\Kastner software\Form Studio\Backup\Prgm\unins000.exe
[2009.11.06 12:17:52 | 003,965,440 | ---- | M] (Kastner software s.r.o.) -- C:\Users\Akont\AppData\Roaming\Kastner software\Form Studio\Backup\Prgm\Upgrade.exe
[2010.06.24 15:48:20 | 024,757,248 | ---- | M] (KASTNER software s.r.o.) -- C:\Users\Akont\AppData\Roaming\Kastner software\Form Studio\Backup\Prgs\FORMasistent.exe
[2010.06.24 15:49:50 | 033,097,728 | ---- | M] (KASTNER software s.r.o.) -- C:\Users\Akont\AppData\Roaming\Kastner software\Form Studio\Backup\Prgs\FORMstudio.exe
[2009.12.16 15:06:30 | 003,479,040 | ---- | M] (KASTNER software s.r.o.) -- C:\Users\Akont\AppData\Roaming\Kastner software\Form Studio\Backup\Prgs\FSUpdate.exe
[2010.04.14 21:55:18 | 001,188,437 | ---- | M] () -- C:\Users\Akont\AppData\Roaming\Kastner software\Form Studio\Backup\Prgs\unins000.exe
[2009.11.06 12:17:52 | 003,965,440 | ---- | M] (Kastner software s.r.o.) -- C:\Users\Akont\AppData\Roaming\Kastner software\Form Studio\Backup\Prgs\Upgrade.exe
[2010.06.22 21:52:38 | 069,214,784 | ---- | M] () -- C:\Users\Akont\AppData\Roaming\Nokia\Ovi Suite\Software Updater\NokiaOviSuite2Installer.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.07.09 22:20:16 | 000,003,296 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.09 22:20:16 | 000,003,296 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.09 19:47:53 | 000,137,836 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2012.07.09 19:47:53 | 000,123,400 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2012.07.09 19:47:53 | 000,659,398 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2012.07.09 19:47:53 | 000,646,572 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2012.07.09 19:47:53 | 001,558,252 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"WMPNSCFG" = C:\Program Files\Windows Media Player\WMPNSCFG.exe -- [2008.01.18 23:33:40 | 000,202,240 | ---- | M] (Microsoft Corporation)
"" =

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012.05.18 01:21:54 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=0129BB16161C2FD9A6B19111AB047198 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.07.09 22:26:14 | 000,000,512 | ---- | M] () MD5=5B4A6D111A645F94FA5FC3FD176F0F3C -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *loader* /s >
[2007.04.25 16:33:36 | 000,457,216 | ---- | M] () -- \Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2012.02.03 05:32:08 | 000,112,128 | ---- | M] () -- \Program Files\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2010.12.14 10:54:22 | 000,166,400 | ---- | M] () -- \Program Files\Fotostar\Fotostar Offline client4\CWImageLoader0.dll
[2010.12.15 11:13:20 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2010.12.15 11:13:20 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.swf
[2010.12.15 11:13:20 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2010.12.15 11:13:20 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\MUICoreLib\xtraLoader.swf
[2010.12.15 11:13:30 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.2\Xtraz\icq\content\icq_profile\preloader.html
[2010.12.15 11:13:31 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.2\Xtraz\icq\content\profile_forms\preloader.html
[2010.12.15 11:13:32 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.2\Xtraz\icq\content\profile_lightboxs\preloader.html
[2006.10.24 10:05:10 | 000,014,184 | ---- | M] () -- \Program Files\Microsoft Small Business\Small Business Loader\ILoader.dll
[2006.10.24 10:06:52 | 000,047,976 | ---- | M] () -- \Program Files\Microsoft Small Business\Small Business Loader\Loader.dll
[2005.10.14 02:49:48 | 000,017,624 | ---- | M] () -- \Program Files\Microsoft SQL Server\90\Tools\Binn\SqlResourceLoader.dll
[2005.10.14 02:49:48 | 000,017,624 | ---- | M] () -- \Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SqlResourceLoader.dll
[2009.01.21 14:30:04 | 000,003,072 | ---- | M] () -- \Program Files\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2010.11.06 14:11:08 | 000,011,084 | ---- | M] () -- \Program Files\Parrot Software Update Tool\Data\mk6000\bootloader.bin
[2010.11.06 14:11:08 | 000,008,220 | ---- | M] () -- \Program Files\Parrot Software Update Tool\Data\mk6000\bootloader_jump.bin
[2010.11.06 14:11:06 | 000,006,884 | ---- | M] () -- \Program Files\Parrot Software Update Tool\Data\pmk5800\bootloader.bin
[2010.08.03 11:14:00 | 000,266,240 | ---- | M] () -- \Program Files\SmarThru Office\FTPUploader.dll
[2010.08.03 11:11:46 | 000,163,840 | ---- | M] () -- \Program Files\SmarThru Office\WebUploaderLib.dll
[2010.08.03 11:03:06 | 000,001,697 | ---- | M] () -- \Program Files\SmarThru Office\Dutch\SmarThruRes-FTPUploader.xml
[2010.08.03 11:03:10 | 000,000,201 | ---- | M] () -- \Program Files\SmarThru Office\Dutch\SmarThruRes-WebUploaderLib.xml
[2010.08.03 11:01:24 | 000,001,610 | ---- | M] () -- \Program Files\SmarThru Office\English\SmarThruRes-FTPUploader.xml
[2010.08.03 11:01:26 | 000,000,201 | ---- | M] () -- \Program Files\SmarThru Office\English\SmarThruRes-WebUploaderLib.xml
[2010.08.03 11:01:30 | 000,001,774 | ---- | M] () -- \Program Files\SmarThru Office\French\SmarThruRes-FTPUploader.xml
[2010.08.03 11:01:36 | 000,000,202 | ---- | M] () -- \Program Files\SmarThru Office\French\SmarThruRes-WebUploaderLib.xml
[2010.08.03 11:01:42 | 000,001,682 | ---- | M] () -- \Program Files\SmarThru Office\German\SmarThruRes-FTPUploader.xml
[2010.08.03 11:01:46 | 000,000,204 | ---- | M] () -- \Program Files\SmarThru Office\German\SmarThruRes-WebUploaderLib.xml
[2010.08.03 11:01:16 | 000,001,462 | ---- | M] () -- \Program Files\SmarThru Office\Chinese\SmarThruRes-FTPUploader.xml
[2010.08.03 11:01:20 | 000,000,188 | ---- | M] () -- \Program Files\SmarThru Office\Chinese\SmarThruRes-WebUploaderLib.xml
[2010.08.03 11:01:52 | 000,001,649 | ---- | M] () -- \Program Files\SmarThru Office\Italian\SmarThruRes-FTPUploader.xml
[2010.08.03 11:01:58 | 000,000,204 | ---- | M] () -- \Program Files\SmarThru Office\Italian\SmarThruRes-WebUploaderLib.xml
[2010.08.03 11:02:02 | 000,001,514 | ---- | M] () -- \Program Files\SmarThru Office\Korean\SmarThruRes-FTPUploader.xml
[2010.08.03 11:02:08 | 000,000,203 | ---- | M] () -- \Program Files\SmarThru Office\Korean\SmarThruRes-WebUploaderLib.xml
[2010.08.03 11:02:56 | 000,001,664 | ---- | M] () -- \Program Files\SmarThru Office\Polish\SmarThruRes-FTPUploader.xml
[2010.08.03 11:03:02 | 000,000,202 | ---- | M] () -- \Program Files\SmarThru Office\Polish\SmarThruRes-WebUploaderLib.xml
[2010.08.03 11:02:14 | 000,001,671 | ---- | M] () -- \Program Files\SmarThru Office\Portuguese (Brazilian)\SmarThruRes-FTPUploader.xml
[2010.08.03 11:02:20 | 000,000,204 | ---- | M] () -- \Program Files\SmarThru Office\Portuguese (Brazilian)\SmarThruRes-WebUploaderLib.xml
[2010.08.03 11:02:24 | 000,001,696 | ---- | M] () -- \Program Files\SmarThru Office\Portuguese\SmarThruRes-FTPUploader.xml
[2010.08.03 11:02:28 | 000,000,202 | ---- | M] () -- \Program Files\SmarThru Office\Portuguese\SmarThruRes-WebUploaderLib.xml
[2010.08.03 11:02:34 | 000,001,627 | ---- | M] () -- \Program Files\SmarThru Office\Russian\SmarThruRes-FTPUploader.xml
[2010.08.03 11:02:42 | 000,000,205 | ---- | M] () -- \Program Files\SmarThru Office\Russian\SmarThruRes-WebUploaderLib.xml
[2010.08.03 11:02:46 | 000,001,742 | ---- | M] () -- \Program Files\SmarThru Office\Spanish\SmarThruRes-FTPUploader.xml
[2010.08.03 11:02:52 | 000,000,203 | ---- | M] () -- \Program Files\SmarThru Office\Spanish\SmarThruRes-WebUploaderLib.xml
[2009.09.25 14:00:00 | 000,001,849 | ---- | M] () -- \Program Files\TuneUp Utilities 2010\data\TuneUpUtilities.gadget\images\loader.gif
[2009.09.25 14:00:00 | 000,001,849 | ---- | M] () -- \Program Files\Windows Sidebar\Shared Gadgets\TuneUpUtilities.gadget\images\loader.gif
[2010.02.10 18:10:14 | 000,045,056 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2011.01.27 14:06:27 | 000,001,988 | ---- | M] () -- \ProgramData\TuneUp Software\TuneUp Utilities\StartUp Manager\Vypnuté objekty pro všechny uživatele\Adobe Gamma Loader.lnk
[2012.01.27 17:13:36 | 000,007,900 | ---- | M] () -- \Users\Akont\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3MSV0IIS\bundleloader[1].js
[2012.07.02 12:04:30 | 000,053,980 | ---- | M] () -- \Users\Akont\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3MSV0IIS\HlStyleLoader[1].css
[2012.07.02 12:10:23 | 000,026,065 | ---- | M] () -- \Users\Akont\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3MSV0IIS\PageLoader[1].htm
[2012.07.02 12:10:42 | 000,018,345 | ---- | M] () -- \Users\Akont\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3MSV0IIS\PageLoader[2].htm
[2012.07.02 12:11:22 | 000,018,836 | ---- | M] () -- \Users\Akont\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3MSV0IIS\PageLoader[3].htm
[2012.07.02 12:15:59 | 000,018,648 | ---- | M] () -- \Users\Akont\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3MSV0IIS\PageLoader[4].htm
[2012.07.02 12:19:53 | 000,007,534 | ---- | M] () -- \Users\Akont\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3MSV0IIS\PageLoader[5].htm
[2010.12.15 11:15:34 | 000,002,931 | ---- | M] () -- \Users\Akont\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3MSV0IIS\preloader[1].swf
[2012.01.27 17:09:56 | 000,007,900 | ---- | M] () -- \Users\Akont\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6OX0RFBH\bundleloader[1].js
[2012.01.27 17:13:38 | 000,000,723 | ---- | M] () -- \Users\Akont\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6OX0RFBH\downloaderror[1].js
[2012.01.27 17:13:38 | 000,001,174 | ---- | M] () -- \Users\Akont\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6OX0RFBH\downloader[1].js
[2012.06.25 07:36:27 | 000,053,980 | ---- | M] () -- \Users\Akont\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6OX0RFBH\HlStyleLoader[1].css
[2012.07.02 12:10:17 | 000,053,980 | ---- | M] () -- \Users\Akont\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6OX0RFBH\HlStyleLoader[2].css
[2012.07.02 12:10:38 | 000,018,503 | ---- | M] () -- \Users\Akont\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6OX0RFBH\PageLoader[1].htm
[2012.07.02 12:10:49 | 000,018,511 | ---- | M] () -- \Users\Akont\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6OX0RFBH\PageLoader[2].htm
[2012.01.27 17:16:10 | 000,007,900 | ---- | M] () -- \Users\Akont\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8XH7IWKD\bundleloader[1].js
[2012.01.27 17:09:57 | 000,000,723 | ---- | M] () -- \Users\Akont\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8XH7IWKD\downloaderror[1].js
[2012.01.27 17:09:57 | 000,001,174 | ---- | M] () -- \Users\Akont\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8XH7IWKD\downloader[1].js
[2012.06.25 07:37:35 | 000,005,315 | ---- | M] () -- \Users\Akont\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8XH7IWKD\PageLoader[1].htm
[2012.07.02 12:19:43 | 000,010,358 | ---- | M] () -- \Users\Akont\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8XH7IWKD\PageLoader[2].htm
[2012.01.27 17:06:06 | 000,007,900 | ---- | M] () -- \Users\Akont\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZREO6SM7\bundleloader[1].js
[2012.01.27 17:06:10 | 000,000,723 | ---- | M] () -- \Users\Akont\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZREO6SM7\downloaderror[1].js
[2012.01.27 17:16:12 | 000,000,723 | ---- | M] () -- \Users\Akont\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZREO6SM7\downloaderror[2].js
[2012.01.27 17:06:10 | 000,001,174 | ---- | M] () -- \Users\Akont\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZREO6SM7\downloader[1].js
[2012.01.27 17:16:12 | 000,001,174 | ---- | M] () -- \Users\Akont\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZREO6SM7\downloader[2].js
[2012.07.02 12:04:35 | 000,003,932 | ---- | M] () -- \Users\Akont\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZREO6SM7\PageLoader[1].htm
[2012.07.02 12:08:00 | 000,005,615 | ---- | M] () -- \Users\Akont\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZREO6SM7\PageLoader[2].htm
[2012.07.02 12:10:18 | 000,004,729 | ---- | M] () -- \Users\Akont\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZREO6SM7\PageLoader[3].htm
[2010.12.15 11:15:34 | 000,001,891 | ---- | M] () -- \Users\Akont\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZREO6SM7\preloader[1].js
[2010.04.06 13:57:08 | 028,864,824 | ---- | M] () -- \Users\Akont\Desktop\Stažené soubory\NokiaMaploaderSetup_ENU.exe
[2011.01.27 14:06:27 | 000,001,988 | ---- | M] () -- \Users\All Users\TuneUp Software\TuneUp Utilities\StartUp Manager\Vypnuté objekty pro všechny uživatele\Adobe Gamma Loader.lnk
[2007.07.13 09:12:55 | 000,014,184 | ---- | M] () -- \Windows\assembly\GAC_32\ILoader\2.0.5201.0__31bf3856ad364e35\ILoader.dll
[2007.07.13 09:12:55 | 000,047,976 | ---- | M] () -- \Windows\assembly\GAC_32\Loader\2.0.5201.0__31bf3856ad364e35\Loader.dll
[2012.05.09 10:12:03 | 000,021,504 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\ILoader\b5b40fd7f47d6f32b48d1d3c5c21f46d\ILoader.ni.dll
[2011.09.01 13:13:30 | 000,112,128 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\CBEC1D2927C7FCE4FB6C1C13FEF36E7A\3.3.86\ta_productapiloader..D321D6CC_DBBE_4AC3_8DBD_DFF82BB39BDC

fimalil · #13 Příspěvek od **fimalil** » 10 črc 2012 05:31

pokračování:

[2008.01.18 23:34:06 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2010.04.14 15:20:48 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2010.04.14 15:20:48 | 000,027,648 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winload.exe.mui_3bc5b827
[2010.04.14 15:20:48 | 000,019,968 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winresume.exe.mui_ff8b5358
[2010.04.14 16:09:07 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2010.04.14 16:09:08 | 000,986,600 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winload.exe_75835076
[2010.04.14 16:09:09 | 000,926,184 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winresume.exe_85cd1215
[2010.04.14 15:18:27 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2010.04.14 15:18:27 | 000,021,048 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2_spldr.sys_98bd87a0
[2007.12.06 20:34:53 | 000,003,726 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16609_de-de_cbcaa800f7f71dcc.manifest
[2007.12.06 20:34:52 | 000,003,726 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16609_en-us_74bb7df9e6d52991.manifest
[2007.12.06 20:34:50 | 000,003,726 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16609_es-es_7486dadde6fc1b36.manifest
[2007.12.06 20:34:50 | 000,003,726 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16609_fr-fr_173e50dcd9ce3198.manifest
[2007.12.06 20:34:52 | 000,003,726 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16609_it-it_01664723b1001716.manifest
[2007.12.06 20:34:54 | 000,003,726 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16609_ja-jp_a38bc630a41b28f1.manifest
[2007.12.06 20:34:50 | 000,003,726 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16609_nl-nl_2dc76f586fdd2598.manifest
[2010.04.14 11:39:54 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_cb9c6772f81a418b.manifest
[2010.04.14 11:39:44 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2010.04.14 11:40:00 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_74589a4fe71f3ef5.manifest
[2010.04.14 11:39:44 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_1710104ed9f15557.manifest
[2010.04.14 11:40:07 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_01380695b1233ad5.manifest
[2010.04.14 11:40:08 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_a35d85a2a43e4cb0.manifest
[2010.04.14 11:40:13 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_2d992eca70004957.manifest
[2007.12.06 20:34:52 | 000,003,726 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20734_de-de_cc2ed396113192b6.manifest
[2007.12.06 20:34:52 | 000,003,726 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20734_en-us_751fa98f000f9e7b.manifest
[2007.12.06 20:34:52 | 000,003,726 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20734_es-es_74eb067300369020.manifest
[2007.12.06 20:34:53 | 000,003,726 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20734_fr-fr_17a27c71f308a682.manifest
[2007.12.06 20:34:53 | 000,003,726 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20734_it-it_01ca72b8ca3a8c00.manifest
[2007.12.06 20:34:53 | 000,003,726 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20734_ja-jp_a3eff1c5bd559ddb.manifest
[2007.12.06 20:34:51 | 000,003,726 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20734_nl-nl_2e2b9aed89179a82.manifest
[2010.04.14 11:39:54 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_cbf6c366115bebbd.manifest
[2010.04.14 11:39:43 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_74e7995f0039f782.manifest
[2010.04.14 11:40:00 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_74b2f6430060e927.manifest
[2010.04.14 11:39:44 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_176a6c41f332ff89.manifest
[2010.04.14 11:40:07 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_01926288ca64e507.manifest
[2010.04.14 11:40:08 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_a3b7e195bd7ff6e2.manifest
[2010.04.14 11:40:13 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_2df38abd8941f389.manifest
[2008.01.19 04:14:52 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2007.12.06 20:34:51 | 000,005,227 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16609_none_59497e266f783366.manifest
[2010.04.14 11:39:39 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725.manifest
[2007.12.06 20:34:54 | 000,005,227 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20734_none_59ada9bb88b2a850.manifest
[2010.04.14 11:39:39 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157.manifest
[2008.01.19 00:00:00 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2010.04.14 11:39:31 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2010.04.14 11:39:31 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7.manifest
[2009.04.11 00:12:44 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2006.11.02 12:13:06 | 000,003,970 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_68fc663d5430d3de.manifest
[2008.01.19 00:05:22 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2006.11.02 14:34:59 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6000.16386_none_43bd59f592b7be86\dmloader.dll
[2008.01.18 23:34:06 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll
[2008.01.18 23:34:06 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 143 bytes -> C:\Users\Akont\AppData\Roaming\Hodnoty oddělené čárkami (Windows).EML:OECustomProperty

< End of report >

fimalil · #14 Příspěvek od **fimalil** » 10 črc 2012 05:33

OTL Extras logfile created on: 9.7.2012 22:24:28 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Akont\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,99 Gb Total Physical Memory | 1,55 Gb Available Physical Memory | 77,81% Memory free
4,21 Gb Paging File | 3,92 Gb Available in Paging File | 93,11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69,65 Gb Total Space | 6,74 Gb Free Space | 9,67% Space Free | Partition Type: NTFS
Drive D: | 69,64 Gb Total Space | 34,26 Gb Free Space | 49,20% Space Free | Partition Type: NTFS

Computer Name: FIALA | User Name: Akont | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2279552492-2691797434-3319995449-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox 4.0 Beta 7\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [CEWE prezentace fotografií] -- "C:\Program Files\Fotostar\Fotostar Offline client4\CEWE prezentace fotografií.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotostar Offline client4] -- "C:\Program Files\Fotostar\Fotostar Offline client4\Fotostar Offline client4.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"AntiSpyWareDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0415EEE6-BDAC-4BF0-8035-051365BFBA85}" = rport=139 | protocol=6 | dir=out | app=system |
"{13EB78BF-C825-4259-BED2-20D2FC3F94A3}" = lport=445 | protocol=6 | dir=in | app=system |
"{31168A74-29EA-4DDD-8264-8F0114CACEC9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{42626101-0E3C-472F-9B52-031A37213B70}" = rport=137 | protocol=17 | dir=out | app=system |
"{42E40169-61E0-46D6-AB83-327715A527A8}" = lport=138 | protocol=17 | dir=in | app=system |
"{5413B6B9-BC51-4E89-86C2-0BE834802E1E}" = lport=139 | protocol=6 | dir=in | app=system |
"{663063E1-3085-4921-BFD4-3D81D6BBBB39}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{8233BDFD-DAD6-484D-A06F-9A57029EF110}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{86A6C04B-5158-4780-9CF9-B56AE66D663A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A2933733-F392-4854-9B34-13C8DE86C0F8}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B36A5527-7F86-43B0-AA76-0392814498C9}" = lport=137 | protocol=17 | dir=in | app=system |
"{CC02146D-3F22-4954-8F40-BB7B0FE28FCB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CD792AC7-F736-435A-9C1D-DF69609C7F83}" = rport=138 | protocol=17 | dir=out | app=system |
"{E2295500-850D-4BBA-963E-EA8510036BD9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E8DE3963-301C-410B-BC7B-D6ED0C2A223B}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{F8EE9C39-4AC0-4095-B511-A07AF5A106FB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FA42440B-BF57-402F-A482-EA0F98221F98}" = rport=445 | protocol=6 | dir=out | app=system |
"{FFBE13F2-C489-447E-A453-48937E5EA313}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A963AD2-5769-4C5D-AC36-24BBF90CA4AF}" = protocol=6 | dir=in | app=c:\program files\common files\soft602\langserv.exe |
"{182FD341-64AF-405D-B78C-76D07B184532}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{B6901F2E-6DEF-49BB-912B-4B75261D392A}" = protocol=17 | dir=in | app=c:\program files\common files\soft602\langserv.exe |
"{B7DD43B1-D1EC-47D7-A493-A03A3070F475}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C9A19A20-FB93-47CB-945C-D638F278937D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{CC135CE5-576A-4AE7-8995-F57AE074E2A3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D203C6C7-E3FB-49EE-BE5D-213F2920248C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{EF151783-CC5C-4014-8BBC-24C422972065}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"TCP Query User{8559294A-CC6A-4685-B654-58E13B94CCEA}C:\program files\openvpn\bin\openvpn.exe" = protocol=6 | dir=in | app=c:\program files\openvpn\bin\openvpn.exe |
"TCP Query User{D3B49DEB-8CD7-44E1-A118-B52358486D15}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{EAF0B103-4F1E-4AFE-B5B8-287895B974E5}C:\program files\openvpn\bin\openvpn.exe" = protocol=6 | dir=in | app=c:\program files\openvpn\bin\openvpn.exe |
"UDP Query User{289731E2-519E-4669-9BF0-87E9104476F8}C:\program files\openvpn\bin\openvpn.exe" = protocol=17 | dir=in | app=c:\program files\openvpn\bin\openvpn.exe |
"UDP Query User{E0D068D5-250E-450B-8D5D-9C1A3569C5D5}C:\program files\openvpn\bin\openvpn.exe" = protocol=17 | dir=in | app=c:\program files\openvpn\bin\openvpn.exe |
"UDP Query User{E798AFBF-D736-401F-A23B-3AA1928190F5}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}" = Readiris Pro 10
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2BE1DE38-5B5D-433E-BB92-B055AD540530}" = Účetní poradce
"{32C74893-0243-4235-A6F3-201F0E5D2C03}" = Software602 Print2PDF
"{35C0A1E4-D02A-412C-841F-266DBB116ABB}" = Software Intel(R) PROSet/Wireless WiFi
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{432282b5-d708-431a-9ada-abbbbac3f205}" = Business Contact Manager pro aplikaci Outlook 2007 SP2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BB1DCED-84D3-47F9-B718-5947E904593E}" = Acer Crystal Eye webcam
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67451DB8-E4DD-48F3-B6A9-C0FB81829489}" = STORMWARE POHODA CZ Start
"{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ADC89F1-39B9-4CFF-A2E3-DFF8DFD0D86D}" = Alfa CD
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7130468A-F53F-4698-8C09-A339EA3B05E6}" = Nokia Software Updater
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{88410D8F-8529-492B-B556-2394A29B811B}" = Broadcom Driver v4.102.15.63_Foxconn Installation Program
"{88637F72-B46E-43F9-B306-6DA1FF478D51}" = WIDCOMM Bluetooth Software 6.0.1.3900
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A7CAA24-7B23-410B-A7C3-F994B0944160}" = Microsoft Virtual PC 2007
"{8B3E5A90-1F6E-4FAF-B84F-C306C8A80809}" = AeroFly Professional Deluxe
"{8DB9D717-0908-4E86-B6A1-019EB94D1422}" = STORMWARE POHODA CZ Start
"{8E081E58-546E-4746-93E9-8A138F10BDB6}" = STORMWARE POHODA CZ Start
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROHYBRIDR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROHYBRIDR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_PROHYBRIDR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{90A40405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}" = Nokia Suite
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BC1E722-AE07-46A3-B7A6-556DBE18E22A}" = SmarThru Office
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DE3F260-B88E-42CE-90E7-73C78C37D95E}" = 32 Bit HP BiDi Channel Components Installer
"{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A8D93648-9F7F-407D-915C-62044644C3DA}" = MSI to redistribute MS VS2005 CRT libraries
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Součásti připojení sady Microsoft Office Small Business
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Czech
"{AEEAE013-92F1-4515-B278-139F1A692A36}" = Acer eDataSecurity Management
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B0319FCD-559D-4335-ADB3-7B57C4D33DC2}" = Advanced IP Scanner
"{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = TIPCI
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management
"{CDD6032C-1657-4BE2-86E6-6E444552905E}" = STORMWARE POHODA CZ Start
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{D096157B-9DF4-44FF-AF45-65B6F12304D5}" = SolidWorks eDrawings 2009
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{DB780B85-B4B5-4864-A49C-9B706B169C93}" = TIPCI
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DD1DED37-2486-4F56-8F89-56AA814003F5}" = Acer Crystal Eye webcam
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E5278EFA-F252-4920-A39A-55F57F6B5A6F}" = STORMWARE POHODA CZ Start
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E1BA46-6167-4A33-95F0-A4A4475DC499}" = ESET Smart Security
"{FA37AF66-D12A-4BC7-B1DE-3D50C05A4EDB}" = Software602 Form Filler
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"{FF841249-0D6B-41D7-8013-953EE3A33263}" = hppQFolderCM2320
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Balíček ovladače systému Windows - Nokia Modem (10/05/2009 4.2)
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 4.65
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 7.01.0.4)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Any DWG to PDF Converter_is1" = Any DWG to PDF Converter 2010
"BDE511_is1" = Borland Database Engine 5.1.1.1
"Business Contact Manager" = Business Contact Manager pro aplikaci Outlook 2007 SP2
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"Daně a Právo 2011-10_is1" = Daně a Právo 2011-10
"ESET Online Scanner" = ESET Online Scanner v3
"FBDBServer_2_5_is1" = Firebird 2.5.0.26074 (Win32)
"Fotostar Offline client4" = Fotostar Offline client4
"FSCZ_is1" = FORM studio
"GridVista" = Acer GridVista
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"InstallShield_{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.5.0
"LManager" = Launch Manager
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 14.0 (x86 cs)" = Mozilla Firefox 14.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nokia PC Suite" = Nokia PC Suite
"Nokia Suite" = Nokia Suite
"O2CZ" = O2
"OpenVPN" = OpenVPN 2.1.1
"P50110 - Elektronické výkaznictví ČSÚ_is1" = P50110 - Elektronické výkaznictví ČSÚ 2.10
"Parrot Flash Update Wizard" = Parrot Software Update Tool
"Podnikový a domácí právník 2011_is1" = PDP 2011.01
"PosteRazor_is1" = PosteRazor
"PROHYBRIDR" = 2007 Microsoft Office system
"ProInst" = Intel PROSet Wireless
"Samsung ML-2850 Series" = Samsung ML-2850 Series
"Samsung SCX-4x28 Series" = Samsung SCX-4x28 Series
"SmarThru Office PC Fax" = SmarThru Office PC Fax
"suc14_is1" = Stereo 2012 - ekonomický software, v.14.1.1
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"TuneUp Utilities" = TuneUp Utilities
"UNP411 - Elektronické výkaznictví ČSÚ_is1" = UNP411 - Elektronické výkaznictví ČSÚ 2.10
"Vnitřní organizační předpisy pro nevýdělečné organizace 2.0Akom" = Vnitřní organizační předpisy pro nevýdělečné organizace 2.0Akom
"Vnitřní organizační předpisy pro nevýdělečné organizace 2.0kom" = Vnitřní organizační předpisy pro nevýdělečné organizace 2.0kom
"WinRAR archiver" = WinRAR
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"ZyWALL IPSec VPN Client" = ZyWALL IPSec VPN Client

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2279552492-2691797434-3319995449-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"William Hill CASINO CLUB" = William Hill CASINO CLUB

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

#15 Příspěvek od **vyosek** » 10 črc 2012 18:25

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
SRV - File not found [Auto | Stopped] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon -- (LiveUpdate Notice Ex)
SRV - File not found [Auto | Stopped] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon -- (CLTNetCnService)DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Elements\1stboot\WisINT15.SYS -- (WisINT15)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\hpfxbulk.sys -- (HPFXBULK)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Akont\AppData\Local\Temp\esihdrv.sys -- (esihdrv)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://cs.intl.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://cs.intl.acer.yahoo.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://global.acer.com [binary data]
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://global.acer.com [binary data]
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\..\SearchScopes,DefaultScope = {2B9BABA8-CEC1-43AF-99DE-41B6A4241C0F}
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\..\SearchScopes\{0b7012fe-552f-488a-84bc-e1b9e11a1afe}: "URL" = http://www.firmy.cz/phr/{searchTerms}?sourceid=IE_5
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\..\SearchScopes\{2B9BABA8-CEC1-43AF-99DE-41B6A4241C0F}: "URL" = http://search.seznam.cz/?q={searchTerms}&sourceid=IE_5
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\..\SearchScopes\{80C92A96-8E5B-4138-B083-45CE60794B03}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =302398&p={searchTerms}
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\..\SearchScopes\{be4185cd-38d2-47fc-a1f6-386fdf4211f2}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=IE_5
IE - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\..\SearchScopes\{f28ffb00-c518-4cd7-917a-177cce77e455}: "URL" = http://www.mapy.cz/?query={searchTerms}&sourceid=IE_5
O4 - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003..\Run: [] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: mojebanka.cz ([]https in Trusted sites)
O15 - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\..Trusted Domains: mojebanka.cz ([]https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-2279552492-2691797434-3319995449-1003\..Trusted Domains: postsignum.cz ([www] https in Důvěryhodné servery)
O33 - MountPoints2\{8f192e05-62e8-11e1-bdc0-000000000000}\Shell - "" = AutoRun
O33 - MountPoints2\{b48c5b72-5a2d-11e0-a2e9-000000000000}\Shell - "" = AutoRun
O33 - MountPoints2\{be937ee4-5069-11e0-b9d7-0016d3ea307c}\Shell - "" = AutoRun
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[14 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\msdownld.tmp\*.tmp files -> C:\Windows\msdownld.tmp\*.tmp -> ]
[1 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp files -> C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\1727f0ffea780768b76fd686a809ad9f\*.tmp files -> C:\Windows\SoftwareDistribution\Download\1727f0ffea780768b76fd686a809ad9f\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\181f20742d7a06495060916ec54125e6\*.tmp files -> C:\Windows\SoftwareDistribution\Download\181f20742d7a06495060916ec54125e6\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\1ecc753fb1ed944ab45636492f8173eb\*.tmp files -> C:\Windows\SoftwareDistribution\Download\1ecc753fb1ed944ab45636492f8173eb\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\231f7a330f072d04f541b40dc2078c0c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\231f7a330f072d04f541b40dc2078c0c\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\3a3c74d73fdbc28ebbad89f7048497bb\*.tmp files -> C:\Windows\SoftwareDistribution\Download\3a3c74d73fdbc28ebbad89f7048497bb\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\5355974adafe7391f2ee89ef92bcc471\*.tmp files -> C:\Windows\SoftwareDistribution\Download\5355974adafe7391f2ee89ef92bcc471\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\55e9356415814f0b786a143ad0facd7e\*.tmp files -> C:\Windows\SoftwareDistribution\Download\55e9356415814f0b786a143ad0facd7e\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\5d9583445c1c8210da5211a78d5f1be6\*.tmp files -> C:\Windows\SoftwareDistribution\Download\5d9583445c1c8210da5211a78d5f1be6\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\60320e1ac6a2029bdd1c27c55030226a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\60320e1ac6a2029bdd1c27c55030226a\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\6e8165c77499b300a31ff75a33808d34\*.tmp files -> C:\Windows\SoftwareDistribution\Download\6e8165c77499b300a31ff75a33808d34\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\6ea446189eb7b4a6a327f0701a421fd0\*.tmp files -> C:\Windows\SoftwareDistribution\Download\6ea446189eb7b4a6a327f0701a421fd0\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\8f58d29a01652bb3bd3f83a410837dac\*.tmp files -> C:\Windows\SoftwareDistribution\Download\8f58d29a01652bb3bd3f83a410837dac\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\9064aeb183e12468f105e099436d1375\*.tmp files -> C:\Windows\SoftwareDistribution\Download\9064aeb183e12468f105e099436d1375\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\a099f3ff1c537d94194d004d586db2ce\*.tmp files -> C:\Windows\SoftwareDistribution\Download\a099f3ff1c537d94194d004d586db2ce\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\b4c54016d4414f2a21516ca6a85284c7\*.tmp files -> C:\Windows\SoftwareDistribution\Download\b4c54016d4414f2a21516ca6a85284c7\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\b4c69ff8f33fa7dd5264c611efa9e416\*.tmp files -> C:\Windows\SoftwareDistribution\Download\b4c69ff8f33fa7dd5264c611efa9e416\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\b99c9487e560d056608f825289004ed6\*.tmp files -> C:\Windows\SoftwareDistribution\Download\b99c9487e560d056608f825289004ed6\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\b9a4e9287eda20c85333ebb1d02dc49d\*.tmp files -> C:\Windows\SoftwareDistribution\Download\b9a4e9287eda20c85333ebb1d02dc49d\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\c6b31f935833d8e8ceb4420c430dd604\*.tmp files -> C:\Windows\SoftwareDistribution\Download\c6b31f935833d8e8ceb4420c430dd604\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\e175a207b2f59ee08299c313280e5245\*.tmp files -> C:\Windows\SoftwareDistribution\Download\e175a207b2f59ee08299c313280e5245\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\e30066282086287e109376cf8f479343\*.tmp files -> C:\Windows\SoftwareDistribution\Download\e30066282086287e109376cf8f479343\*.tmp -> ]
[2 C:\Windows\System32\spool\PRINTERS\*.tmp files -> C:\Windows\System32\spool\PRINTERS\*.tmp -> ]
@Alternate Data Stream - 143 bytes -> C:\Users\Akont\AppData\Roaming\Hodnoty oddělené čárkami (Windows).EML:OECustomProperty

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=-
""=-

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

VIRY.CZ

Prosím o kontrolu - 3 x úplně zamrznul

Prosím o kontrolu - 3 x úplně zamrznul

Re: Prosím o kontrolu - 3 x úplně zamrznul

Re: Prosím o kontrolu - 3 x úplně zamrznul

Re: Prosím o kontrolu - 3 x úplně zamrznul

Re: Prosím o kontrolu - 3 x úplně zamrznul

Re: Prosím o kontrolu - 3 x úplně zamrznul

Re: Prosím o kontrolu - 3 x úplně zamrznul

Re: Prosím o kontrolu - 3 x úplně zamrznul

Re: Prosím o kontrolu - 3 x úplně zamrznul

Re: Prosím o kontrolu - 3 x úplně zamrznul

Re: Prosím o kontrolu - 3 x úplně zamrznul

Re: Prosím o kontrolu - 3 x úplně zamrznul

Re: Prosím o kontrolu - 3 x úplně zamrznul

Re: Prosím o kontrolu - 3 x úplně zamrznul

Re: Prosím o kontrolu - 3 x úplně zamrznul