Prosím o kontrolu (pro jistotu)

[koncentrak]

Logfile of random's system information tool 1.08 (written by random/random)
Run by Strongmann at 2011-01-27 12:22:42
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 5 GB (24%) free of 20 GB
Total RAM: 2046 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:22:58, on 27.1.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
D:\Programy\ESET\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
D:\Programy\ESET\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Strongmann\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Strongmann\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Strongmann\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Strongmann\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Strongmann\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Strongmann\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
F:\stahování\RSIT (1).exe
C:\Program Files\trend micro\Strongmann.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [egui] "D:\Programy\ESET\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Strongmann\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Programy\Icq\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Programy\Icq\ICQ7.2\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3455FA76-A70D-4977-80A3-ADFB52ABA6B3}: NameServer = 10.0.0.138
O17 - HKLM\System\CS1\Services\Tcpip\..\{3455FA76-A70D-4977-80A3-ADFB52ABA6B3}: NameServer = 10.0.0.138
O17 - HKLM\System\CS2\Services\Tcpip\..\{3455FA76-A70D-4977-80A3-ADFB52ABA6B3}: NameServer = 10.0.0.138
O17 - HKLM\System\CS3\Services\Tcpip\..\{3455FA76-A70D-4977-80A3-ADFB52ABA6B3}: NameServer = 10.0.0.138
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - D:\Programy\ESET\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - D:\Programy\ESET\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - D:\Programy\Tune Up\TuneUpUtilitiesService32.exe

--
End of file - 8528 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-HOME-Rudy#77.job
C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-HOME-Strongmann.job
C:\WINDOWS\tasks\AutoKMS.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2000478354-682003330-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2000478354-682003330-1003UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-12-06 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-12-06 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-04-10 16861184]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-07-07 1753192]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-07-09 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-07-09 13923432]
"egui"=D:\Programy\ESET\egui.exe [2010-11-18 2219184]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\Strongmann\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-08-24 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-09 200064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-08-08 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Programy\TC UP\PLUGINS\Media\OperaUSB\opera.exe"="D:\Programy\TC UP\PLUGINS\Media\OperaUSB\opera.exe:*:Enabled:Opera Internet Browser"
"D:\Programy\Winamp\winamp.exe"="D:\Programy\Winamp\winamp.exe:*:Enabled:Winamp"
"D:\Programy\Icq\ICQ7.2\ICQ.exe"="D:\Programy\Icq\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"D:\Programy\Icq\ICQ7.2\aolload.exe"="D:\Programy\Icq\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"D:\Hry\S.T.A.L.K.E.R. - Call of Pripyat\bin\xrEngine.exe"="D:\Hry\S.T.A.L.K.E.R. - Call of Pripyat\bin\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Call of Pripyat (CLI)"
"D:\Hry\S.T.A.L.K.E.R. - Call of Pripyat\bin\dedicated\xrEngine.exe"="D:\Hry\S.T.A.L.K.E.R. - Call of Pripyat\bin\dedicated\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Call of Pripyat (SRV)"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Programy\Icq\ICQ7.2\ICQ.exe"="D:\Programy\Icq\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"D:\Programy\Icq\ICQ7.2\aolload.exe"="D:\Programy\Icq\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger=""D:\Programy\Tune Up\TUAutoReactivator32.exe"

======File associations======

.inf - open -
.inf - install -
.ini - open - notepad.exe %1
.js - edit -
.js - open - "D:\Programy\TC UP\PLUGINS\Media\HateML\HateML.exe" "%1"
.reg - open - "regedit.exe" "%1"
.scr - open - "D:\Programy\TC UP\PLUGINS\Media\XnView\xnview.exe" "%1"
.scr - install -
.scr - config -
.txt - open - notepad.exe %1
.vbs - edit -
.vbs - open -

======List of files/folders created in the last 1 months======

2011-01-27 12:22:42 ----D---- C:\rsit
2011-01-27 12:22:42 ----D---- C:\Program Files\trend micro
2011-01-27 09:15:35 ----N---- C:\WINDOWS\KMSEmulator.exe
2011-01-25 00:15:14 ----A---- C:\WINDOWS\system32\voltoCDX.dll
2011-01-25 00:15:14 ----A---- C:\WINDOWS\system32\VB5DB.DLL
2011-01-25 00:15:14 ----A---- C:\WINDOWS\system32\SmartMenuXP.dll
2011-01-25 00:15:14 ----A---- C:\WINDOWS\system32\MP3EncX.dll
2011-01-25 00:15:14 ----A---- C:\WINDOWS\system32\DVDProX2.dll
2011-01-19 21:18:15 ----D---- C:\Program Files\Tablet
2011-01-19 21:18:13 ----N---- C:\WINDOWS\system32\drivers\PenClass.sys
2011-01-19 21:18:11 ----N---- C:\WINDOWS\system32\Wintab32.dll
2011-01-19 21:18:11 ----N---- C:\WINDOWS\system32\Wintab.dll
2011-01-19 21:18:11 ----N---- C:\WINDOWS\system32\TabHook.dll
2011-01-19 21:18:11 ----D---- C:\WINDOWS\system32\WTablet
2011-01-19 21:18:10 ----N---- C:\WINDOWS\system32\Tablet.exe
2011-01-12 14:22:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-01-01 18:12:38 ----D---- C:\Documents and Settings\Strongmann\Data aplikací\ICQ
2011-01-01 01:45:23 ----A---- C:\WINDOWS\system32\ptpusd.dll
2011-01-01 01:45:23 ----A---- C:\WINDOWS\system32\ptpusb.dll
2011-01-01 01:45:23 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys
2010-12-30 22:40:12 ----A---- C:\WINDOWS\iun6002.exe
2010-12-30 22:40:09 ----D---- C:\Program Files\Codec Pack - All In 1
2010-12-30 21:54:42 ----D---- C:\Program Files\ASIO4ALL v2
2010-12-30 21:03:28 ----A---- C:\WINDOWS\system32\rewire.dll
2010-12-30 21:03:14 ----D---- C:\Program Files\Outsim
2010-12-30 21:03:14 ----D---- C:\Program Files\Image-Line

======List of files/folders modified in the last 1 months======

2011-01-27 12:22:44 ----D---- C:\WINDOWS\system32\CatRoot2
2011-01-27 12:22:42 ----RD---- C:\Program Files
2011-01-27 12:10:11 ----D---- C:\WINDOWS\Temp
2011-01-27 12:09:31 ----D---- C:\WINDOWS
2011-01-27 12:09:18 ----D---- C:\WINDOWS\system32
2011-01-27 12:08:29 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-01-27 12:03:56 ----D---- C:\Documents and Settings\Strongmann\Data aplikací\Winamp
2011-01-27 12:03:49 ----D---- C:\WINDOWS\Prefetch
2011-01-26 09:45:51 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2011-01-25 00:15:14 ----HD---- C:\Program Files\InstallShield Installation Information
2011-01-25 00:14:45 ----D---- C:\Program Files\Common Files\InstallShield
2011-01-21 20:08:06 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-01-19 21:18:13 ----D---- C:\WINDOWS\system32\drivers
2011-01-19 15:00:00 ----SD---- C:\WINDOWS\Tasks
2011-01-19 12:15:47 ----A---- C:\WINDOWS\win.ini
2011-01-19 10:10:15 ----SHD---- C:\WINDOWS\Installer
2011-01-19 10:10:15 ----SHD---- C:\Config.Msi
2011-01-19 10:08:25 ----RSD---- C:\WINDOWS\Fonts
2011-01-17 12:22:48 ----D---- C:\WINDOWS\Debug
2011-01-15 18:49:29 ----HD---- C:\WINDOWS\inf
2011-01-12 14:22:36 ----A---- C:\WINDOWS\system32\MRT.exe
2011-01-12 14:22:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-01-12 14:22:17 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-01-12 09:05:34 ----HD---- C:\WINDOWS\$hf_mig$
2010-12-29 22:38:01 ----D---- C:\Documents and Settings

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PenClass;Pen Class; C:\WINDOWS\system32\drivers\PenClass.sys [2001-04-09 8138]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-12-05 691696]
R1 AmdPPM;Ovladač procesoru HwPState AMD; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2010-08-03 55256]
R1 VD_FileDisk;VD_FileDisk; C:\WINDOWS\system32\drivers\VD_FileDisk.sys [2009-10-25 16384]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-08-04 140752]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2010-07-29 134512]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2010-07-29 32608]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-04-17 4707328]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2006-07-19 13568]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-03-24 6547872]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-04 105856]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\D:\Programy\Tune Up\TuneUpUtilitiesDriver32.sys []
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 ai8yjx3f;ai8yjx3f; C:\WINDOWS\system32\drivers\ai8yjx3f.sys []
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-08-08 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-08-08 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; D:\Programy\ESET\ekrn.exe [2010-11-18 810144]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-12-06 153376]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-12-25 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2011-01-26 214520]
R2 TabletService;TabletService; C:\WINDOWS\system32\Tablet.exe [2005-01-10 729088]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-07-09 155752]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; D:\Programy\Tune Up\TuneUpUtilitiesService32.exe [2010-11-23 1483072]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; D:\Programy\ESET\EHttpSrv.exe [2010-11-18 33584]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 OODefragAgent;O&O Defrag Agent; D:\Programy\OaO Defrag\oodag.exe [2010-11-25 2404168]

-----------------EOF-----------------

[vyosek]

Zdravim a pekny den preji

Poprosim i o druhy log z RSIT s nazvem info.txt, je ulozen v c:\rsit

Neco mi naznacuje ze nemate legalni produkt Microsoft Office, jak to je prosim

[koncentrak]

info.txt logfile of random's system information tool 1.08 2011-01-27 12:22:59

======Uninstall list======

-->MsiExec /X{F9835182-794B-4F24-902A-E2CA9D43380F}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Creative Suite 5 Master Collection-->C:\Program Files\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{288DB08D-0708-4A94-B055-55B99E39EB62}"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex
Adobe Flash Player 10 ActiveX-->MsiExec.exe /X{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_Plugin.exe -maintain plugin
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}
Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Aktualizace pro Microsoft Outlook Social Connector (KB2289116)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-0000-0000000FF1CE}" "{E09910D9-C94A-410B-9ACB-6F350F2BF9E7}" "1029" "0"
Aktualizace systému Windows Internet Explorer 8 (KB2447568)-->"C:\WINDOWS\ie8updates\KB2447568-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB2360131)-->"C:\WINDOWS\ie7updates\KB2360131-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2360131)-->"C:\WINDOWS\ie8updates\KB2360131-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2416400)-->"C:\WINDOWS\ie8updates\KB2416400-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
ASIO4ALL-->C:\Program Files\ASIO4ALL v2\uninstall.exe
Audiosurf-->MsiExec.exe /I{6D316D67-DA52-4659-9C98-F479963534D6}
Call of Duty(R) 2-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{D0A05794-48C2-4424-A15A-9F20FCFDD374} /l2057
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Codec Pack - All In 1 6.0.3.0-->C:\WINDOWS\iun6002.exe "C:\Program Files\Codec Pack - All In 1\irunin.ini"
DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe
Definition update for Microsoft Office 2010 (KB982726)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{287B33BF-9EBA-4894-8C13-92D21412AF74}" "1029" "0"
Dev-C++ 5 beta 9 release (4.9.9.2)-->"D:\Hry\Dev-Cpp\uninstall.exe"
DivX Setup-->C:\Documents and Settings\All Users\Data aplikací\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com
ESET Antivirus License Finder (MiNODLogin)-->"D:\Programy\eset2\MiNODLogin\MiNODLoginUninst.exe"
FL Studio 9-->D:\Programy\FL Studio 9\uninstall.exe
FlashBoot 1.2.0.119-->D:\Programy\FlashBoot\unins000.exe
GamePark-->D:\Programy\GamePark\unins000.exe
Gembird STR-FFB2 steering wheel with force feedback-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6CED3577-D993-4E4F-BF20-D1E4562D7385}\setup.exe" -l0x9
GIMP 2.6.11-->"D:\Programy\GIMP-2.0\setup\unins000.exe"
GOM Player-->"D:\Programy\GomPlayer\Uninstall.exe"
Hardcore-->C:\Program Files\Image-Line\Hardcore\uninstall.exe
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
hp deskjet 840c series-->rundll32 hpzcon04.dll,VendorJettison hp deskjet 840c series
HP Drive Key Boot Utility-->C:\Program Files\Compaq\hpdkbu\hpuninst.exe
Cheetah Audio Converter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B1914510-38B5-4835-83D8-A188073E542F}\Setup.exe"
Chessmaster Grandmaster Edition-->C:\Program Files\InstallShield Installation Information\{27614800-84A9-484E-9CCB-43ED2F1205F5}\setup.exe -runfromtemp -l0x0409
ICQ7.2-->"C:\Program Files\InstallShield Installation Information\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe
Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216015F0}
Java(TM) 6 Update 22-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216022FF}
LinuxLive USB Creator-->D:\Programy\livecd\LinuxLive USB Creator\Uninstall.exe
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office Access MUI (Czech) 2010-->MsiExec.exe /X{90140000-0015-0405-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2010-->MsiExec.exe /X{90140000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2010-->MsiExec.exe /X{90140000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2010-->MsiExec.exe /X{90140000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2010-->MsiExec.exe /X{90140000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2010-->MsiExec.exe /X{90140000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2010-->MsiExec.exe /X{90140000-0018-0405-0000-0000000FF1CE}
Microsoft Office Professional Plus 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUSR /dll OSETUP.DLL
Microsoft Office Professional Plus 2010-->MsiExec.exe /X{91140000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2010-->MsiExec.exe /X{90140000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2010-->MsiExec.exe /X{90140000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2010-->MsiExec.exe /X{90140000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2010-->MsiExec.exe /X{90140000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2010-->MsiExec.exe /X{90140000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2010-->MsiExec.exe /X{90140000-001B-0405-0000-0000000FF1CE}
Microsoft Speech SDK 5.1-->MsiExec.exe /I{A403D88E-ED7D-48E3-91FD-B8C8A720EDA1}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual Studio 2005 Tools for Office Runtime-->C:\Program Files\Common Files\Microsoft Shared\VSTO\8.0\Microsoft Visual Studio 2005 Tools for Office Runtime\install.exe
Microsoft Visual Studio 2005 Tools for Office Runtime-->MsiExec.exe /X{388E4B09-3E71-4649-8921-F44A3A2954A7}
Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Mp3tag v2.47b-->D:\Programy\mp3tag\Mp3tagUninstall.EXE
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 6.0 Parser (KB925673)-->MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA nView Desktop Manager-->C:\Program Files\NVIDIA Corporation\nView\nViewSetup.exe -uninstall
NVIDIA PhysX-->MsiExec.exe /X{F9835182-794B-4F24-902A-E2CA9D43380F}
O&O Defrag Professional-->MsiExec.exe /I{FA22FD92-2848-41C8-9647-9532294B5D10}
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
PoiZone-->C:\Program Files\Image-Line\PoiZone\uninstall.exe
PSPad editor-->"D:\Programy\PSPad editor\Uninst\unins000.exe"
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
rFactor (remove only)-->"D:\Hry\rFactor\Uninstall.exe"
S.T.A.L.K.E.R. - Call of Pripyat [v1.6.01]-->"D:\Hry\S.T.A.L.K.E.R. - Call of Pripyat\unins000.exe"
Sawer-->C:\Program Files\Image-Line\Sawer\uninstall.exe
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
Security Update for Microsoft Office 2010 (KB2289078)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{1D1A4F08-2F17-475B-BA72-476CE5992FEE}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2289161)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{F134C2C6-30B3-4169-A325-58482B4CE6FC}" "1029" "0"
Security Update for Microsoft Publisher 2010 (KB2409055)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{C3C277D5-36E3-4B1A-926A-175B2BC019CF}" "1029" "0"
Security Update for Microsoft Word 2010 (KB2345000)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{A6D422EE-1196-45EE-B9AE-6B5B64975E8B}" "1029" "0"
Soldat 1.5.0-->"D:\Hry\Soldat\unins000.exe"
StarCodec-->"D:\Programy\StarCodec\Uninstall.exe"
SumTotal Publish to ToolBook 10.5-->MsiExec.exe /I{7CC5E859-A12E-4534-B052-537E55AC4E33}
Tablet-->C:\Program Files\Tablet\Remove.exe /u
ToolBook 10.5-->MsiExec.exe /X{345370F1-5D76-4AF8-BD75-BCC9296A861E}
Total Commander Ultima Prime 5.3.0.0-->"D:\Programy\TC UP\un_TC UP.exe"
Total Video Converter 3.70 100621-->"D:\Programy\Total Video Converter\unins000.exe"
Toxic Biohazard-->C:\Program Files\Image-Line\Toxic Biohazard\uninstall.exe
TuneUp Utilities 2011-->D:\Programy\Tune Up\TUInstallHelper.exe --Trigger-Uninstall
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office 2010 (KB2202188)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{86B7A074-265D-420C-9E1E-7A920EF0ECA7}" "1029" "0"
Update for Microsoft Office 2010 (KB2413186)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{556146F7-74AE-4E0A-B64F-5B8B93469F61}" "1029" "0"
Update for Microsoft Office 2010 (KB2413186)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{B5516874-E926-4BFD-B412-D0E70112F244}" "1029" "0"
Update for Microsoft Office 2010 (KB2413186)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{D6CE7280-6EE3-419A-8F47-DB111C040B1B}" "1029" "0"
Update for Microsoft OneNote 2010 (KB2433299)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{6C845127-B949-4D76-A732-BCB396AD9AA5}" "1029" "0"
Update for Microsoft Outlook Social Connector (KB2289116)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{75F91382-920C-4AE1-B9E6-FFFCEDA797E8}" "1029" "0"
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
Vegas Movie Studio HD Platinum 10.0-->MsiExec.exe /X{40AE01BE-A290-4FFB-8DAB-C624C17DC87E}
Winamp-->"D:\Programy\Winamp\UninstWA.exe"
Windows Essentials Media Codec Pack 1.0-->D:\Programy\Essentials Codec Pack\uninst.exe
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
WinRAR-->D:\Programy\winrar\uninstall.exe

======Hosts File======

127.0.0.1 activate.adobe.com

======Security center information======

AV: ESET Smart Security 4.2
FW: ESET personal firewall

======System event log======

Computer Name: HOME
Event Code: 7035
Message: Řídící příkaz Spuštěno byl službě PnkBstrB úspěšně odeslán.

Record Number: 5848
Source Name: Service Control Manager
Time Written: 20110107212513.000000+060
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: HOME
Event Code: 7036
Message: Stav služby PnkBstrB byl změněn na: Spuštěno

Record Number: 5847
Source Name: Service Control Manager
Time Written: 20110107212513.000000+060
Event Type: Informace
User:

Computer Name: HOME
Event Code: 7035
Message: Řídící příkaz Zastaveno byl službě PnkBstrB úspěšně odeslán.

Record Number: 5846
Source Name: Service Control Manager
Time Written: 20110107212510.000000+060
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: HOME
Event Code: 7036
Message: Stav služby PnkBstrB byl změněn na: Zastaveno

Record Number: 5845
Source Name: Service Control Manager
Time Written: 20110107212510.000000+060
Event Type: Informace
User:

Computer Name: HOME
Event Code: 7036
Message: Stav služby Služba modelu COM pro zápis na disk CD (IMAPI) byl změněn na: Zastaveno

Record Number: 5844
Source Name: Service Control Manager
Time Written: 20110107201607.000000+060
Event Type: Informace
User:

=====Application event log=====

Computer Name: HOME
Event Code: 12288
Message: The client has sent an activation request to the key management service machine.
Info:
0x00000000, 0x00000000, 127.0.0.1:1688, d54bedc0-c409-4abf-a8da-42c07aea0cdb, 2011/01/18 18:02, 0, 1, 259017, 6f327760-8c5c-417c-9b61-836a98287e0c, 5

Record Number: 3910
Source Name: Office Software Protection Platform Service
Time Written: 20110118190228.000000+060
Event Type: Informace
User:

Computer Name: HOME
Event Code: 1003
Message: The Software Protection service has completed licensing status check.
Application Id=59a52881-a989-479d-af46-f275c6370663
Licensing Status=
1: 6f327760-8c5c-417c-9b61-836a98287e0c, 1, 1 [(0 [0x00000000, 1, 0], [(?)(?)( 1 0x00000000 30 0 msft:rm/algorithm/volume/1.0 0x00000000 259017)(?)(?)(?)])(1 )(2 )]



Record Number: 3909
Source Name: Office Software Protection Platform Service
Time Written: 20110118190226.000000+060
Event Type: Informace
User:

Computer Name: HOME
Event Code: 1003
Message: The Software Protection service has completed licensing status check.
Application Id=59a52881-a989-479d-af46-f275c6370663
Licensing Status=
1: fdf3ecb9-b56f-43b2-a9b8-1b48b6bae1a7, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]



Record Number: 3908
Source Name: Office Software Protection Platform Service
Time Written: 20110118190225.000000+060
Event Type: Informace
User:

Computer Name: HOME
Event Code: 1003
Message: The Software Protection service has completed licensing status check.
Application Id=59a52881-a989-479d-af46-f275c6370663
Licensing Status=
1: c1ceda8b-c578-4d5d-a4aa-23626be4e234, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]



Record Number: 3907
Source Name: Office Software Protection Platform Service
Time Written: 20110118190225.000000+060
Event Type: Informace
User:

Computer Name: HOME
Event Code: 1003
Message: The Software Protection service has completed licensing status check.
Application Id=59a52881-a989-479d-af46-f275c6370663
Licensing Status=
1: 8c5fa740-5dca-43f9-be1b-d0281bcf9779, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]



Record Number: 3906
Source Name: Office Software Protection Platform Service
Time Written: 20110118190225.000000+060
Event Type: Informace
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Program Files\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=x86 Family 16 Model 2 Stepping 3, AuthenticAMD
"PROCESSOR_REVISION"=0203
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"KTD"=C:\WINDOWS\DriverPacks

-----------------EOF-----------------


Bohužel nejedná se o můj pc a majitel je momentálně v zahraničí, ale předpokládám že jsou Office legální. Popřípadě jak to zjistím?

[vyosek]

Dle meho legalni nejsou, jelikoz tam je prvek, ktery slouzi k obchazeni lejich legality. Dale je tam nelegalni zabezpeceni ESET a to zde podporovat opravdu nebudem, takze co s tim udelame

[koncentrak]

Dobrý den, odinstaluji... Co navrhujete místo Esetu za antivir?

[vyosek]

Taktez odinstalujte ty nelegalni Office

Dle pravidel fora (viz zde a a zde bod c.3 ) se vsak nelegalnim SW nezabyvame, jelikoz nelegalni programy jsou vetsinou zdrojem haveti. Navic tim porusujete i autorska prava , pachate trestny cin a ten jako takovy nebude nasim forem podporovan. Uvedomte si, ze jste na bezpecnostnim foru - podpora warezu (zvlaste bezpecnostnich programu) by byla zcela proti logice fora
Obstarejte si proto legalni ochranu Vaseho PC (antivir), pote sem vlozte novy log z RSITu a CKScanneru - viz nize.

Osobne Vam doporucuji kombinaci Avast ci Aviru. Prehled antiviru mate ZDE.

Log z RSITu - viz muj podpis
Stahnete na plochu CKScanner

• Spustte a kliknete na Search for files
• Po dokonceni skenu kliknete na Save List to File a nasledne OK
• Na plose se Vam vytvori log s nazvem ckfiles.txt, jeho obsah mi sem vlozte

[koncentrak]

Rsit
Logfile of random's system information tool 1.08 (written by random/random)
Run by Strongmann at 2011-01-28 10:02:09
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 7 GB (33%) free of 20 GB
Total RAM: 2046 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:02:21, on 28.1.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
D:\Programy\Tune Up\TuneUpUtilitiesService32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\Programy\Tune Up\TuneUpUtilitiesApp32.exe
C:\WINDOWS\RTHDCPL.EXE
D:\Programy\TC UP\TC UP.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Programy\TC UP\totalcmd.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Programy\Avira\AntiVir Desktop\avguard.exe
D:\Programy\Avira\AntiVir Desktop\avshadow.exe
D:\Programy\Avira\AntiVir Desktop\sched.exe
D:\Programy\Avira\AntiVir Desktop\avgnt.exe
C:\Documents and Settings\Strongmann\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Strongmann\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Strongmann\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Strongmann\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Strongmann\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Strongmann\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Strongmann\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Strongmann\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Strongmann\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Strongmann\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Strongmann\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Programy\TC UP\TC UP.exe
D:\Programy\TC UP\totalcmd.exe
F:\stahování\RSIT (1).exe
C:\Program Files\trend micro\Strongmann.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "D:\Programy\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Strongmann\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Programy\Icq\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Programy\Icq\ICQ7.2\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3455FA76-A70D-4977-80A3-ADFB52ABA6B3}: NameServer = 10.0.0.138
O17 - HKLM\System\CS1\Services\Tcpip\..\{3455FA76-A70D-4977-80A3-ADFB52ABA6B3}: NameServer = 10.0.0.138
O17 - HKLM\System\CS2\Services\Tcpip\..\{3455FA76-A70D-4977-80A3-ADFB52ABA6B3}: NameServer = 10.0.0.138
O17 - HKLM\System\CS3\Services\Tcpip\..\{3455FA76-A70D-4977-80A3-ADFB52ABA6B3}: NameServer = 10.0.0.138
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - D:\Programy\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Programy\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - D:\Programy\Tune Up\TuneUpUtilitiesService32.exe

--
End of file - 8356 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-HOME-Rudy#77.job
C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-HOME-Strongmann.job
C:\WINDOWS\tasks\AutoKMS.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2000478354-682003330-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2000478354-682003330-1003UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-12-06 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-12-06 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-04-10 16861184]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-07-07 1753192]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-07-09 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-07-09 13923432]
"avgnt"=D:\Programy\Avira\AntiVir Desktop\avgnt.exe [2010-12-13 281768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\Strongmann\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-08-24 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-09 200064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-08-08 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Programy\TC UP\PLUGINS\Media\OperaUSB\opera.exe"="D:\Programy\TC UP\PLUGINS\Media\OperaUSB\opera.exe:*:Enabled:Opera Internet Browser"
"D:\Programy\Winamp\winamp.exe"="D:\Programy\Winamp\winamp.exe:*:Enabled:Winamp"
"D:\Programy\Icq\ICQ7.2\ICQ.exe"="D:\Programy\Icq\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"D:\Programy\Icq\ICQ7.2\aolload.exe"="D:\Programy\Icq\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Programy\Icq\ICQ7.2\ICQ.exe"="D:\Programy\Icq\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"D:\Programy\Icq\ICQ7.2\aolload.exe"="D:\Programy\Icq\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger=""D:\Programy\Tune Up\TUAutoReactivator32.exe"

======File associations======

.inf - open -
.inf - install -
.ini - open - notepad.exe %1
.js - edit -
.js - open - "D:\Programy\TC UP\PLUGINS\Media\HateML\HateML.exe" "%1"
.reg - open - "regedit.exe" "%1"
.scr - open - "D:\Programy\TC UP\PLUGINS\Media\XnView\xnview.exe" "%1"
.scr - install -
.scr - config -
.txt - open - notepad.exe %1
.vbs - edit -
.vbs - open -

======List of files/folders created in the last 1 months======

2011-01-28 10:00:50 ----D---- C:\Documents and Settings\Strongmann\Data aplikací\Avira
2011-01-28 09:40:12 ----A---- C:\WINDOWS\system32\drivers\ssmdrv.sys
2011-01-28 09:40:12 ----A---- C:\WINDOWS\system32\drivers\avipbb.sys
2011-01-28 09:40:12 ----A---- C:\WINDOWS\system32\drivers\avgntmgr.sys
2011-01-28 09:40:12 ----A---- C:\WINDOWS\system32\drivers\avgntflt.sys
2011-01-28 09:40:12 ----A---- C:\WINDOWS\system32\drivers\avgntdd.sys
2011-01-28 09:40:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avira
2011-01-28 09:31:45 ----N---- C:\WINDOWS\KMSEmulator.exe
2011-01-27 12:22:42 ----D---- C:\rsit
2011-01-27 12:22:42 ----D---- C:\Program Files\trend micro
2011-01-25 00:15:14 ----A---- C:\WINDOWS\system32\voltoCDX.dll
2011-01-25 00:15:14 ----A---- C:\WINDOWS\system32\VB5DB.DLL
2011-01-25 00:15:14 ----A---- C:\WINDOWS\system32\SmartMenuXP.dll
2011-01-25 00:15:14 ----A---- C:\WINDOWS\system32\MP3EncX.dll
2011-01-25 00:15:14 ----A---- C:\WINDOWS\system32\DVDProX2.dll
2011-01-19 21:18:15 ----D---- C:\Program Files\Tablet
2011-01-19 21:18:13 ----N---- C:\WINDOWS\system32\drivers\PenClass.sys
2011-01-19 21:18:11 ----N---- C:\WINDOWS\system32\Wintab32.dll
2011-01-19 21:18:11 ----N---- C:\WINDOWS\system32\Wintab.dll
2011-01-19 21:18:11 ----N---- C:\WINDOWS\system32\TabHook.dll
2011-01-19 21:18:11 ----D---- C:\WINDOWS\system32\WTablet
2011-01-19 21:18:10 ----N---- C:\WINDOWS\system32\Tablet.exe
2011-01-12 14:22:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-01-01 18:12:38 ----D---- C:\Documents and Settings\Strongmann\Data aplikací\ICQ
2011-01-01 01:45:23 ----A---- C:\WINDOWS\system32\ptpusd.dll
2011-01-01 01:45:23 ----A---- C:\WINDOWS\system32\ptpusb.dll
2011-01-01 01:45:23 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys
2010-12-30 22:40:12 ----A---- C:\WINDOWS\iun6002.exe
2010-12-30 22:40:09 ----D---- C:\Program Files\Codec Pack - All In 1
2010-12-30 21:54:42 ----D---- C:\Program Files\ASIO4ALL v2
2010-12-30 21:03:28 ----A---- C:\WINDOWS\system32\rewire.dll
2010-12-30 21:03:14 ----D---- C:\Program Files\Outsim
2010-12-30 21:03:14 ----D---- C:\Program Files\Image-Line

======List of files/folders modified in the last 1 months======

2011-01-28 09:49:16 ----D---- C:\WINDOWS\Microsoft.NET
2011-01-28 09:40:43 ----D---- C:\WINDOWS\Temp
2011-01-28 09:40:42 ----D---- C:\WINDOWS\system32\CatRoot2
2011-01-28 09:40:12 ----D---- C:\WINDOWS\system32\drivers
2011-01-28 09:39:52 ----D---- C:\WINDOWS\Prefetch
2011-01-28 09:38:32 ----D---- C:\WINDOWS\system32
2011-01-28 09:37:40 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-01-28 09:37:08 ----SHD---- C:\Config.Msi
2011-01-28 09:37:01 ----RSD---- C:\WINDOWS\assembly
2011-01-28 09:36:52 ----RD---- C:\Program Files
2011-01-28 09:36:51 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-01-28 09:36:46 ----RSD---- C:\WINDOWS\Fonts
2011-01-28 09:36:44 ----D---- C:\WINDOWS
2011-01-28 09:36:44 ----D---- C:\Program Files\MSBuild
2011-01-28 09:36:43 ----SHD---- C:\WINDOWS\Installer
2011-01-28 09:36:43 ----D---- C:\Program Files\Common Files
2011-01-28 09:36:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-01-28 09:35:09 ----D---- C:\Program Files\Common Files\System
2011-01-28 09:35:09 ----A---- C:\WINDOWS\win.ini
2011-01-28 09:34:43 ----HD---- C:\WINDOWS\inf
2011-01-27 16:57:14 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2011-01-27 12:03:56 ----D---- C:\Documents and Settings\Strongmann\Data aplikací\Winamp
2011-01-25 00:15:14 ----HD---- C:\Program Files\InstallShield Installation Information
2011-01-25 00:14:45 ----D---- C:\Program Files\Common Files\InstallShield
2011-01-21 20:08:06 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-01-19 15:00:00 ----SD---- C:\WINDOWS\Tasks
2011-01-17 12:22:48 ----D---- C:\WINDOWS\Debug
2011-01-12 14:22:36 ----A---- C:\WINDOWS\system32\MRT.exe
2011-01-12 14:22:17 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-01-12 09:05:34 ----HD---- C:\WINDOWS\$hf_mig$
2010-12-29 22:38:01 ----D---- C:\Documents and Settings

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PenClass;Pen Class; C:\WINDOWS\system32\drivers\PenClass.sys [2001-04-09 8138]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-12-05 691696]
R1 AmdPPM;Ovladač procesoru HwPState AMD; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 avgio;avgio; \??\D:\Programy\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-12-13 135096]
R1 VD_FileDisk;VD_FileDisk; C:\WINDOWS\system32\drivers\VD_FileDisk.sys [2009-10-25 16384]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-12-13 61960]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-04-17 4707328]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2006-07-19 13568]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-03-24 6547872]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-04 105856]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\D:\Programy\Tune Up\TuneUpUtilitiesDriver32.sys []
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
S3 a90jxyg1;a90jxyg1; C:\WINDOWS\system32\drivers\a90jxyg1.sys []
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-08-08 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-08-08 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira AntiVir Guard; D:\Programy\Avira\AntiVir Desktop\avguard.exe [2010-12-13 267944]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; D:\Programy\Avira\AntiVir Desktop\sched.exe [2010-12-13 135336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-12-06 153376]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-12-25 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2011-01-27 214520]
R2 TabletService;TabletService; C:\WINDOWS\system32\Tablet.exe [2005-01-10 729088]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; D:\Programy\Tune Up\TuneUpUtilitiesService32.exe [2010-11-23 1483072]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-07-09 155752]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 OODefragAgent;O&O Defrag Agent; D:\Programy\OaO Defrag\oodag.exe [2010-11-25 2404168]

-----------------EOF-----------------

CKScaner
CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files\image-line\hardcore\presets\i cracked my tube!.hdprg
c:\program files\image-line\sawer\presets\ambient\mc cracked.sawer
hosts 127.0.0.1 activate.adobe.com
scanner sequence 3.CP.11
----- EOF -----

[vyosek]

Stahnete OTM (viz muj podpis)

• Pokud pouzivate Win Vista ci W7, kliknete na OTM pravym a dejte Run As Administrator ci Spustit jako spravce
• Do leveho okna Paste Instructions for Items to be Moved (pod zlutou caru) vlozte obsah, ktery mate nize

• Kód: Vybrat vše

  :reg
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
  "{32099AAC-C132-4136-9E9A-4E364A424E17}"=-
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "Google Update"=-
  
  :files
  D:\Programy\eset2
  D:\Programy\ESET
  C:\WINDOWS\KMSEmulator.exe
  C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-HOME-Rudy#77.job
  C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-HOME-Strongmann.job
  C:\WINDOWS\tasks\AutoKMS.job
  C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2000478354-682003330-1003Core.job
  C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2000478354-682003330-1003UA.job
  c:\program files\image-line\hardcore\presets\i cracked my tube!.hdprg /d
  c:\program files\image-line\sawer\presets\ambient\mc cracked.sawer /d
  C:\Program Files\DAEMON Tools Toolbar
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp /s
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]

• Kliknete na cervene tlacitko MoveIt!
• Budete vyzvani na restart, dejte Yes, log pote najdete C:\_OTM\MovedFiles, obsah sem vlozte

[koncentrak]

All processes killed
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
========== FILES ==========
D:\Programy\eset2 folder moved successfully.
D:\Programy\ESET\Nová složka folder moved successfully.
D:\Programy\ESET folder moved successfully.
C:\WINDOWS\KMSEmulator.exe moved successfully.
C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-HOME-Rudy#77.job moved successfully.
C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-HOME-Strongmann.job moved successfully.
C:\WINDOWS\tasks\AutoKMS.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2000478354-682003330-1003Core.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2000478354-682003330-1003UA.job moved successfully.
c:\program files\image-line\hardcore\presets\I cracked my Tube!.hdprg deleted successfully.
c:\program files\image-line\sawer\presets\ambient\MC Cracked.sawer deleted successfully.
C:\Program Files\DAEMON Tools Toolbar\Resources folder moved successfully.
C:\Program Files\DAEMON Tools Toolbar folder moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
C:\WINDOWS\system32\SET2D5.tmp moved successfully.
C:\WINDOWS\system32\SET2D7.tmp moved successfully.
C:\WINDOWS\system32\SET2E5.tmp moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP15B.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP21D.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP234.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP272.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2FB.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP329.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP367.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP456.tmp folder moved successfully.
C:\WINDOWS\system32\CONFIG.TMP moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Majkl
->Temp folder emptied: 653942 bytes
->Temporary Internet Files folder emptied: 766049 bytes
->Flash cache emptied: 42458 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Rudy#77
->Temp folder emptied: 6469016 bytes
->Temporary Internet Files folder emptied: 8055768 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 6412 bytes

User: Strongmann
->Temp folder emptied: 6981245 bytes
->Temporary Internet Files folder emptied: 841996 bytes
->Java cache emptied: 32519 bytes
->Google Chrome cache emptied: 222353881 bytes
->Flash cache emptied: 22105 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 255 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 93388534 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 324,00 mb


OTM by OldTimer - Version 3.1.17.2 log created on 01282011_102115

[vyosek]

Jak se chova PC

[koncentrak]

Mockrát děkuji za pomoc pc jede svižněji jinak vypadá vše Ok.


Ještě jednou děkuji.

[vyosek]

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za 14 dni

Nemate zac, rad jsem pomohl