VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

vir

https://forum.viry.cz:443/viewtopic.php?t=106604

Stránka 1 z 3

vir

Napsal: 15 lis 2010 21:38
od Jan Vasak
Dobrý večer,
prosím o pomoc. mizí mi místo na C disku. jedná se o -3Gb za den. Před třemi dny jsem smazal temp, kde bylo asi 20Gb a za dva dny se tam uložilo asi 2Gb.
Všiml jsem si, že taky na C ve složce User je mě neznámý NTUSER.DAT.
Nevíte někdo, co by to mohlo být?
předem díky

zde je log
toLogfile of random's system information tool 1.08 (written by random/random)
Run by Jeník at 2009-11-15 21:26:58
Microsoft® Windows Vista™ Ultimate
System drive C: has 27 GB (54%) free of 50 GB
Total RAM: 4094 MB (22% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:27:02, on 15.11.2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16386)
Boot mode: Normal

Running processes:
E:\instalacky\Rainlendar2\Rainlendar2.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Program Files (x86)\Adobe\Adobe Illustrator CS5\Support Files\Contents\Windows\Illustrator.exe
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\trend micro\Jeník.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.qip.ru/search?query=%s&from=IE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Rainlendar2] E:\instalacky\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Skype.lnk = ?
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: RocketDock.lnk = C:\Program Files (x86)\RocketDock\RocketDock.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - E:\instalacky\comodo\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9086 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe"
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {F614609B-805D-4DFF-8FA9-914F11B2D332}
"C:\Windows\system32\Dwm.exe"
taskeng.exe {D66ABEDC-E0EF-4F63-B559-A3157AED43BD}
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Windows Defender\MSASCui.exe" -hide
"C:\Windows\RAVCpl64.exe"
"E:\instalacky\comodo\COMODO\COMODO Internet Security\cfp.exe" -h
"C:\Windows\WindowsMobile\wmdSync.exe"
"E:\instalacky\Rainlendar2\Rainlendar2.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
"C:\Program Files (x86)\RocketDock\RocketDock.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-9e500c11-1593-4c80-8ea6-39e580010cd0 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-3f50511d-0de8-4435-80cd-3aedfe6ac621 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-26218874-a4b2-494e-a4be-0b1463f1030c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b1050b8a-5ce7-468b-859a-9bfe204dde1e
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe" /SILENT
"C:\Program Files (x86)\Adobe\Adobe Illustrator CS5\Support Files\Contents\Windows\Illustrator.exe" "C:\Users\Jeník\Desktop\Desktop\deep\DEEP_UPRAVA_prechod_krivky.ai"
"C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" "-launchedbycsxs"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4676.4563440.1405974438 "C:\Windows\system32\Macromed\Flash\NPSWF32.dll" 4676 plugin \\.\pipe\gecko-crash-server-pipe.4676
"C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE" /recycle
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe42_ Global\UsGthrCtrlFltPipeMssGthrPipe42 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot) " "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 640 644 652 65536 648
"C:\Users\Jeník\Desktop\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{4FCBA629-8E8E-4492-8C0A-0DA699842C8F}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2009-05-21 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-05-21 41368]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-02 1579624]
"RtHDVCpl"=C:\Windows\RAVCpl64.exe [2007-10-01 5426688]
"Skytel"=C:\Windows\Skytel.exe [2007-08-03 1826816]
"COMODO Internet Security"=E:\instalacky\comodo\COMODO\COMODO Internet Security\cfp.exe [2010-03-03 7795984]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2006-11-02 225792]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-27 500208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"Rainlendar2"=E:\instalacky\Rainlendar2\Rainlendar2.exe [2009-08-22 5148672]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2010-05-13 26192168]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
RocketDock.lnk - C:\Program Files (x86)\RocketDock\RocketDock.exe

C:\Users\Jeník\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Skype.lnk - C:\Windows\Installer\{D103C4BA-F905-437A-8049-DB24763BBE36}\SkypeIcon.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\Windows\system32\guard64.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=95

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe","%1"

======List of files/folders created in the last 1 months======

2010-09-21 18:37:35 ----D---- C:\Users\Jeník\AppData\Roaming\Processing
2010-09-06 11:03:42 ----RD---- C:\Program Files (x86)\Skype
2010-07-27 21:52:18 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2010-05-04 17:53:52 ----D---- C:\Users\Jeník\AppData\Roaming\Diercke Globus Online
2010-05-04 17:53:41 ----D---- C:\Program Files (x86)\ImagonShared
2010-05-04 15:11:38 ----D---- C:\Users\Jeník\AppData\Roaming\Thunderbird
2010-05-04 15:11:28 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2010-04-19 15:51:40 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2010-04-19 15:51:40 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2010-04-19 15:51:40 ----A---- C:\Windows\system32\XAudio2_6.dll
2010-04-19 15:51:40 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2010-04-19 15:51:39 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2010-04-19 15:51:39 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2010-04-19 15:51:39 ----A---- C:\Windows\system32\xactengine3_6.dll
2010-04-19 15:51:39 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2010-04-19 15:50:13 ----D---- C:\Windows\SYSWOW64\directx
2010-04-18 14:50:59 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2010-04-18 14:50:09 ----D---- C:\Program Files\NVIDIA Corporation
2010-04-18 14:48:15 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2010-04-18 14:48:15 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2010-04-18 14:48:15 ----A---- C:\Windows\system32\OpenCL.dll
2010-04-18 14:48:15 ----A---- C:\Windows\system32\nvwgf2umx.dll
2010-04-18 14:48:15 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2010-04-18 14:48:12 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2010-04-18 14:48:12 ----A---- C:\Windows\system32\nvoglv64.dll
2010-04-18 14:48:08 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2010-04-18 14:48:08 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2010-04-18 14:48:08 ----A---- C:\Windows\system32\nvcuvid.dll
2010-04-18 14:48:07 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2010-04-18 14:48:07 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2010-04-18 14:48:07 ----A---- C:\Windows\system32\nvcuvenc.dll
2010-04-18 14:48:07 ----A---- C:\Windows\system32\nvcuda.dll
2010-04-18 14:48:06 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2010-04-18 14:48:04 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2010-04-18 14:48:04 ----A---- C:\Windows\system32\nvcompiler.dll
2010-04-18 14:48:04 ----A---- C:\Windows\system32\nvcod1914.dll
2010-04-18 14:48:04 ----A---- C:\Windows\system32\nvcod.dll
2010-04-18 14:48:00 ----D---- C:\NVIDIA
2010-04-03 17:42:00 ----A---- C:\Windows\system32\nvvsvc.exe
2010-04-03 17:42:00 ----A---- C:\Windows\system32\nvsvc64.dll
2010-04-03 17:42:00 ----A---- C:\Windows\system32\nvshext.dll
2010-04-03 17:42:00 ----A---- C:\Windows\system32\nvmctray.dll
2010-04-03 17:42:00 ----A---- C:\Windows\system32\nvcpl.dll
2010-03-22 18:34:06 ----A---- C:\Windows\wnaspi32.dll
2010-03-14 21:12:27 ----HD---- C:\Sandbox
2010-03-14 21:11:49 ----D---- C:\ProgramData\COMODO
2010-03-14 21:04:24 ----D---- C:\Program Files (x86)\COMODO
2010-03-14 21:01:25 ----D---- C:\ProgramData\Comodo Downloader
2010-03-14 20:35:41 ----D---- C:\ProgramData\Alwil Software
2010-03-03 19:54:42 ----A---- C:\Windows\SYSWOW64\guard32.dll
2010-03-03 19:54:42 ----A---- C:\Windows\system32\guard64.dll
2010-03-03 19:54:02 ----A---- C:\Windows\system32\drivers\inspect.sys
2010-03-03 19:54:00 ----A---- C:\Windows\system32\drivers\cmdhlp.sys
2010-03-03 19:54:00 ----A---- C:\Windows\system32\drivers\cmdGuard.sys
2010-03-03 19:53:58 ----A---- C:\Windows\system32\drivers\cmderd.sys
2010-02-12 12:01:24 ----A---- C:\Windows\system32\dns-sd.exe
2010-01-27 18:11:42 ----D---- C:\Users\Jeník\AppData\Roaming\Skype
2010-01-24 23:32:01 ----D---- C:\Users\Jeník\AppData\Roaming\Mozilla
2010-01-10 18:41:30 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2010-01-10 18:41:30 ----A---- C:\Windows\system32\XAudio2_5.dll
2010-01-10 18:41:29 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2010-01-10 18:41:29 ----A---- C:\Windows\system32\xactengine3_5.dll
2010-01-10 18:41:28 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2010-01-10 18:41:28 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-01-10 18:41:22 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2010-01-10 18:41:22 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2010-01-10 18:41:22 ----A---- C:\Windows\system32\d3dx11_42.dll
2010-01-10 18:41:22 ----A---- C:\Windows\system32\d3dcsx_42.dll
2010-01-10 18:41:20 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2010-01-10 18:41:20 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-01-10 18:41:17 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2010-01-10 18:41:17 ----A---- C:\Windows\system32\D3DX9_42.dll
2010-01-10 18:41:15 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2010-01-10 18:41:15 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2010-01-10 18:41:15 ----A---- C:\Windows\system32\d3dx10_41.dll
2010-01-10 18:41:15 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2010-01-10 18:41:12 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2010-01-10 18:41:12 ----A---- C:\Windows\system32\D3DX9_41.dll
2010-01-10 18:41:11 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2010-01-10 18:41:11 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2010-01-10 18:41:11 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2010-01-10 18:41:11 ----A---- C:\Windows\system32\XAudio2_4.dll
2010-01-10 18:41:11 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-01-10 18:41:11 ----A---- C:\Windows\system32\xactengine3_4.dll
2010-01-10 18:41:10 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2010-01-10 18:41:10 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2010-01-10 18:41:07 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2010-01-10 18:41:07 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2010-01-10 18:41:07 ----A---- C:\Windows\system32\d3dx10_40.dll
2010-01-10 18:41:07 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2010-01-10 18:41:02 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2010-01-10 18:41:02 ----A---- C:\Windows\system32\D3DX9_40.dll
2010-01-10 18:41:01 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2010-01-10 18:41:01 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2010-01-10 18:41:01 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-01-10 18:41:01 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-01-10 18:41:00 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2010-01-10 18:41:00 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2010-01-10 18:41:00 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-01-10 18:41:00 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-01-10 18:40:59 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2010-01-10 18:40:59 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2010-01-10 18:40:59 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-01-10 18:40:59 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-01-10 18:40:58 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2010-01-10 18:40:58 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-01-10 18:40:56 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2010-01-10 18:40:56 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2010-01-10 18:40:56 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-01-10 18:40:56 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2010-01-10 18:40:52 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2010-01-10 18:40:52 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-01-10 18:40:51 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2010-01-10 18:40:51 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2010-01-10 18:40:51 ----A---- C:\Windows\system32\XAudio2_1.dll
2010-01-10 18:40:51 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2010-01-10 18:40:50 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2010-01-10 18:40:50 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2010-01-10 18:40:50 ----A---- C:\Windows\system32\xactengine3_1.dll
2010-01-10 18:40:50 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2010-01-10 18:40:47 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2010-01-10 18:40:47 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2010-01-10 18:40:47 ----A---- C:\Windows\system32\d3dx10_38.dll
2010-01-10 18:40:47 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2010-01-10 18:40:43 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2010-01-10 18:40:43 ----A---- C:\Windows\system32\D3DX9_38.dll
2010-01-10 18:40:42 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2010-01-10 18:40:42 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2010-01-10 18:40:42 ----A---- C:\Windows\system32\XAudio2_0.dll
2010-01-10 18:40:42 ----A---- C:\Windows\system32\xactengine3_0.dll
2010-01-10 18:40:41 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2010-01-10 18:40:41 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2010-01-10 18:40:38 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2010-01-10 18:40:38 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2010-01-10 18:40:38 ----A---- C:\Windows\system32\d3dx10_37.dll
2010-01-10 18:40:38 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2010-01-10 18:40:34 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2010-01-10 18:40:34 ----A---- C:\Windows\system32\D3DX9_37.dll
2010-01-10 18:40:33 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2010-01-10 18:40:33 ----A---- C:\Windows\system32\xactengine2_10.dll
2010-01-10 18:40:30 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2010-01-10 18:40:30 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2010-01-10 18:40:30 ----A---- C:\Windows\system32\d3dx10_36.dll
2010-01-10 18:40:30 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2010-01-10 18:40:26 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2010-01-10 18:40:26 ----A---- C:\Windows\system32\d3dx9_36.dll
2010-01-10 18:40:25 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2010-01-10 18:40:25 ----A---- C:\Windows\system32\xactengine2_9.dll
2010-01-10 18:40:22 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2010-01-10 18:40:22 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2010-01-10 18:40:22 ----A---- C:\Windows\system32\d3dx10_35.dll
2010-01-10 18:40:22 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2010-01-10 18:40:17 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2010-01-10 18:40:17 ----A---- C:\Windows\system32\d3dx9_35.dll
2010-01-10 18:40:16 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2010-01-10 18:40:16 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2010-01-10 18:40:16 ----A---- C:\Windows\system32\xactengine2_8.dll
2010-01-10 18:40:16 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2010-01-10 18:40:13 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2010-01-10 18:40:13 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2010-01-10 18:40:13 ----A---- C:\Windows\system32\d3dx10_34.dll
2010-01-10 18:40:13 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2010-01-10 18:40:09 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2010-01-10 18:40:09 ----A---- C:\Windows\system32\d3dx9_34.dll
2010-01-10 18:40:08 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2010-01-10 18:40:08 ----A---- C:\Windows\system32\xinput1_3.dll
2010-01-10 18:40:07 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2010-01-10 18:40:07 ----A---- C:\Windows\system32\xactengine2_7.dll
2010-01-10 18:40:04 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2010-01-10 18:40:04 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2010-01-10 18:40:04 ----A---- C:\Windows\system32\d3dx10_33.dll
2010-01-10 18:40:04 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2010-01-10 18:39:59 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2010-01-10 18:39:59 ----A---- C:\Windows\system32\d3dx9_33.dll
2010-01-10 18:39:58 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2010-01-10 18:39:58 ----A---- C:\Windows\system32\xactengine2_6.dll
2010-01-10 18:39:57 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2010-01-10 18:39:57 ----A---- C:\Windows\system32\xactengine2_5.dll
2010-01-10 18:39:55 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2010-01-10 18:39:55 ----A---- C:\Windows\system32\d3dx10.dll
2010-01-10 18:39:53 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2010-01-10 18:39:53 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-01-10 18:39:52 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2010-01-10 18:39:52 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2010-01-10 18:39:52 ----A---- C:\Windows\system32\xactengine2_4.dll
2010-01-10 18:39:52 ----A---- C:\Windows\system32\x3daudio1_1.dll
2010-01-10 18:39:49 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2010-01-10 18:39:49 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2010-01-10 18:39:49 ----A---- C:\Windows\system32\xactengine2_3.dll
2010-01-10 18:39:49 ----A---- C:\Windows\system32\d3dx9_31.dll
2010-01-10 18:39:48 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2010-01-10 18:39:48 ----A---- C:\Windows\system32\xinput1_2.dll
2010-01-10 18:39:47 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2010-01-10 18:39:47 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2010-01-10 18:39:47 ----A---- C:\Windows\system32\xinput1_1.dll
2010-01-10 18:39:47 ----A---- C:\Windows\system32\xactengine2_2.dll
2010-01-10 18:39:46 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2010-01-10 18:39:46 ----A---- C:\Windows\system32\xactengine2_1.dll
2010-01-10 18:39:35 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2010-01-10 18:39:35 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-01-10 18:39:34 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2010-01-10 18:39:34 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2010-01-10 18:39:34 ----A---- C:\Windows\system32\xactengine2_0.dll
2010-01-10 18:39:34 ----A---- C:\Windows\system32\x3daudio1_0.dll
2010-01-10 18:39:32 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2010-01-10 18:39:32 ----A---- C:\Windows\system32\d3dx9_29.dll
2010-01-10 18:39:30 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2010-01-10 18:39:30 ----A---- C:\Windows\system32\d3dx9_28.dll
2010-01-10 18:39:28 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2010-01-10 18:39:28 ----A---- C:\Windows\system32\d3dx9_27.dll
2010-01-10 18:39:25 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2010-01-10 18:39:25 ----A---- C:\Windows\system32\d3dx9_26.dll
2010-01-10 18:39:23 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2010-01-10 18:39:23 ----A---- C:\Windows\system32\d3dx9_25.dll
2010-01-10 18:39:20 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2010-01-10 18:39:20 ----A---- C:\Windows\system32\d3dx9_24.dll
2009-11-18 20:56:54 ----D---- C:\Program Files (x86)\OpenXML-ODF Translator
2009-11-15 21:26:58 ----D---- C:\rsit
2009-11-15 21:15:12 ----D---- C:\Program Files\trend micro
2009-11-04 11:32:12 ----D---- C:\Program Files (x86)\QIP Infium
2009-11-03 18:48:22 ----D---- C:\Program Files\Common Files\Macrovision Shared
2009-11-03 17:42:51 ----D---- C:\Users\Jeník\AppData\Roaming\ZipGenius
2009-11-03 00:06:20 ----N---- C:\Windows\SYSWOW64\TXTUSER.EXE
2009-11-03 00:06:20 ----N---- C:\Windows\SYSWOW64\patchmod.dll
2009-11-03 00:06:20 ----N---- C:\Windows\SYSWOW64\lookmod.dll
2009-11-03 00:06:20 ----N---- C:\Windows\SYSWOW64\hookmod.dll
2009-11-03 00:06:15 ----D---- C:\pc-bib
2009-10-25 14:01:11 ----D---- C:\ProgramData\Google

======List of files/folders modified in the last 1 months======

2010-09-06 11:03:41 ----D---- C:\ProgramData\Skype
2010-07-19 12:28:53 ----D---- C:\ProgramData\FLEXnet
2010-07-01 15:02:38 ----D---- C:\Windows\system32\drivers\UMDF
2010-07-01 15:01:59 ----D---- C:\Windows\WindowsMobile
2010-05-04 23:58:12 ----D---- C:\Users\Jeník\AppData\Roaming\VMware
2010-04-26 10:29:56 ----SD---- C:\Users\Jeník\AppData\Roaming\Microsoft
2010-04-19 19:34:01 ----RSD---- C:\Windows\assembly
2010-04-18 16:08:41 ----A---- C:\Windows\Ascd_log.ini
2010-04-18 16:07:25 ----A---- C:\Windows\Ascd_tmp.ini
2010-04-03 23:55:31 ----A---- C:\Windows\system32\nvudisp.exe
2010-04-03 23:55:31 ----A---- C:\Windows\system32\nvd3dumx.dll
2010-04-03 23:55:31 ----A---- C:\Windows\system32\nvapi64.dll
2010-04-02 15:54:44 ----A---- C:\Windows\system32\NVUNINST.EXE
2010-03-23 00:04:11 ----D---- C:\Users\Jeník\AppData\Roaming\Apple Computer
2010-03-14 20:35:41 ----D---- C:\Program Files\Alwil Software
2010-03-14 14:20:12 ----D---- C:\Windows\SYSWOW64\Dexter Screen Saver dir
2010-03-14 14:17:02 ----D---- C:\Users\Jeník\AppData\Roaming\STGU
2010-03-11 10:07:19 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2010-03-05 09:13:40 ----A---- C:\Windows\SYSWOW64\msjava.dll
2010-02-03 10:13:46 ----D---- C:\Program Files (x86)\WinRAR
2010-01-05 19:58:10 ----D---- C:\Windows\Minidump
2009-11-18 21:39:11 ----D---- C:\Windows\Microsoft.NET
2009-11-15 21:26:55 ----D---- C:\Windows\Temp
2009-11-15 21:25:10 ----D---- C:\Windows\Prefetch
2009-11-15 21:15:12 ----RD---- C:\Program Files
2009-11-15 16:03:54 ----D---- C:\Users\Jeník\AppData\Roaming\skypePM
2009-11-14 20:25:39 ----D---- C:\Users\Jeník\AppData\Roaming\vlc
2009-11-14 20:09:09 ----D---- C:\Windows\inf
2009-11-14 20:09:09 ----AD---- C:\Windows\System32
2009-11-14 20:09:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-11-14 20:04:57 ----D---- C:\ProgramData\NVIDIA
2009-11-12 18:20:32 ----RD---- C:\Users
2009-11-12 17:21:05 ----SHD---- C:\Windows\Installer
2009-11-12 17:20:59 ----D---- C:\Program Files (x86)\Opera
2009-11-12 17:20:48 ----SHD---- C:\System Volume Information
2009-11-11 11:28:27 ----D---- C:\Windows\system32\WDI
2009-11-11 00:37:18 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2009-11-11 00:37:14 ----D---- C:\Windows\SYSWOW64\drivers
2009-11-10 23:38:21 ----D---- C:\Windows\system32\catroot2
2009-11-10 22:57:33 ----SD---- C:\Windows\Downloaded Program Files
2009-11-10 22:12:31 ----D---- C:\Windows
2009-11-07 21:55:45 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-11-04 11:35:23 ----D---- C:\Program Files (x86)\Internet Explorer
2009-11-04 00:06:34 ----D---- C:\Program Files (x86)\Google
2009-11-04 00:04:48 ----RD---- C:\Program Files (x86)
2009-11-03 23:58:36 ----D---- C:\Windows\system32\drivers
2009-11-03 23:55:32 ----HD---- C:\ProgramData
2009-11-03 23:55:32 ----D---- C:\Program Files (x86)\Common Files
2009-11-03 23:55:31 ----AD---- C:\ProgramData\TEMP
2009-11-03 23:50:05 ----D---- C:\Program Files (x86)\DivX
2009-11-03 23:49:32 ----D---- C:\Windows\SysWOW64
2009-11-03 23:42:32 ----D---- C:\ProgramData\VMware
2009-11-03 23:41:51 ----D---- C:\Windows\system32\catroot
2009-11-03 23:36:30 ----D---- C:\Program Files (x86)\The KMPlayer
2009-11-03 23:36:15 ----D---- C:\Windows\system32\Tasks
2009-11-03 23:35:47 ----D---- C:\Windows\winsxs
2009-11-03 23:12:02 ----D---- C:\Users\Jeník\AppData\Roaming\Adobe
2009-11-03 23:09:35 ----D---- C:\Program Files (x86)\Adobe
2009-11-03 22:46:59 ----D---- C:\ProgramData\Adobe
2009-11-03 19:12:03 ----D---- C:\ProgramData\WinZip
2009-11-03 18:56:55 ----D---- C:\Program Files\Common Files\Adobe
2009-11-03 18:52:21 ----RSD---- C:\Windows\Fonts
2009-11-03 18:48:22 ----D---- C:\Program Files\Common Files
2009-11-03 00:06:14 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2009-10-28 18:24:00 ----D---- C:\Users\Jeník\AppData\Roaming\dvdcss

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fvevol;BitLocker Drive Encryption Filter Driver; C:\Windows\System32\DRIVERS\fvevol.sys [2006-11-02 138856]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-06-28 871408]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2010-03-03 19760]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2010-03-03 216456]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2010-03-03 33128]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2010-03-03 84616]
R2 47504;47504; \??\C:\Windows\System32\47504.sys [2001-10-21 6136]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R3 3xHybr64;3xHybrid service; C:\Windows\system32\DRIVERS\3xHybr64.sys [2007-04-20 873216]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\l160x64.sys [2007-12-17 56832]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 19304]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2007-10-02 1227160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-11-01 15680]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-04-03 13807976]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 108032]
S2 TBPanel;TBPanel; C:\Windows\system32\drivers\TBPanel.sys []
S3 aj3kb61n;aj3kb61n; C:\Windows\system32\drivers\aj3kb61n.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 6144]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 273920]
S3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 7936]
S3 radpms;Driver for RADPMS Device; C:\Windows\system32\DRIVERS\radpms.sys []
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2008-10-01 40448]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []
S3 winusb;WinUSB Service; C:\Windows\system32\DRIVERS\winusb.sys [2006-11-02 36864]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 46080]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 CLPSLS;COMODO livePCsupport Service; C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe [2010-02-12 148744]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-04-03 159336]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2006-11-02 26624]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-04-03 240232]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2006-11-02 26624]
S2 cmdAgent;COMODO Internet Security Helper Service; E:\instalacky\comodo\COMODO\COMODO Internet Security\cmdagent.exe [2010-03-03 1220688]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-04 136176]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-11-03 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-08-09 655624]
S3 iPod Service;iPod Service; C:\Program Files (x86)\iPod\bin\iPodService.exe [2008-10-01 536872]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

Re: vir

Napsal: 15 lis 2010 22:10
od Rudy
Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

Re: vir

Napsal: 15 lis 2010 23:16
od Jan Vasak
Tady je sken...nic to nenašlo.
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4052

Windows 6.0.6000
Internet Explorer 7.0.6000.16386

15.11.2009 23:11:37
mbam-log-2009-11-15 (23-11-37).txt

Typ skenu: Úplný sken (C:\|)
Skenované objekty: 222897
Uplynulý čas: 40 minuta(y), 11 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

Re: vir

Napsal: 15 lis 2010 23:24
od Rudy
Ntuser.dat je regulérní soubor. Udělejte ještě sken AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 a dejte log. MBAM nenašel nic.

Re: vir

Napsal: 17 lis 2010 13:59
od Jan Vasak
Tady je sken.

Automatická kontrola: dokončeno před 1 den (události: 2511, objekty: 2504, čas: 00:10:27)
Výsledek: OK (události: 2495)
Výsledek: Archiv (události: 3)
16.11.2009 0:01:14 E:\instalacky\qipinfium\qip_cz.exe
16.11.2009 0:01:35 C:\Users\Jeník\Desktop\Desktop\mbam-setup-1.46.exe
16.11.2009 0:01:44 C:\Users\Jeník\Desktop\Desktop\setup_9.0.0.722_16.11.2010_00-16.exe
Výsledek: Zabaleno (události: 6)
15.11.2009 23:58:40 C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Alcohol.exe
15.11.2009 23:58:49 C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64Helper.exe
15.11.2009 23:58:53 C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe
15.11.2009 23:59:30 C:\Program Files (x86)\Microsoft Office\Office12\GROOVE.EXE
16.11.2009 0:00:51 C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AXShlEx.dll
16.11.2009 0:02:33 C:\Program Files (x86)\Opera\Opera.dll
Výsledek: Nezpracováno (události: 5)
16.11.2009 0:02:11 C:\Windows\System32\olepro32.dll Objekt nebyl nalezen
16.11.2009 0:02:17 C:\Windows\System32\guard32.dll Objekt nebyl nalezen
16.11.2009 0:02:30 C:\Windows\System32\Macromed\Flash\NPSWF32.dll Objekt nebyl nalezen
16.11.2009 0:02:30 C:\Windows\System32\MSVBVM60.DLL Objekt nebyl nalezen
16.11.2009 0:02:31 C:\Windows\System32\CRTDLL.dll Objekt nebyl nalezen
Výsledek: Úloha byla spuštěna (události: 1)
Výsledek: Úloha byla dokončena (události: 1)

Re: vir

Napsal: 17 lis 2010 18:33
od Rudy
OK. Jak se nyní PC tváří?

Re: vir

Napsal: 17 lis 2010 19:12
od Jan Vasak
Dobrý večer,
tak za poslední tři dny co to s vámi řeším mi zmizelo 25Gb místa z disku C. Momentálně mám volých 447Mb.

Re: vir

Napsal: 17 lis 2010 19:57
od Jan Vasak
Ještě jeden poznatek. V případě že označím všechny i skryté soubory na disku a dám vlastnosti tak mají dohromady 24,5 a disk má celkem 50, ale přitom hlásí že je úplně plný. Takže někde lítá 25 Gb.

Re: vir

Napsal: 17 lis 2010 20:20
od Rudy
Ještě zkuste toto:

Stáhněte OTL: http://oldtimer.geekstogo.com/OTL.exe . Uložte na plochu, klikněte prvým myšítkem a zadejte "spustit jako správce". Zaškrtněte "pro 64b systém", "pro všechny uživatele", "kontrola na havěť LOP" a "PURITY". Do spodního okna vložte:
netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
autochk.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT
Klikněte na "Prohledat" a vložte logy OTL.txt. a Extras.txt.

Re: vir

Napsal: 17 lis 2010 21:28
od Jan Vasak
Tak spustil jsem kontrolu a něco to našlo, tak jsem dal vyčistit-pak restart, ale za celou dobu jsem nepochopil, kde je ten txt soubor. Omlouvám se nevím kde ho najít.

Re: vir

Napsal: 17 lis 2010 21:53
od Rudy
Měly by být na kořenovém adresáři. Můžete použít "vyhledat v PC".

Re: vir

Napsal: 17 lis 2010 22:07
od Jan Vasak
OTL logfile created on: 17.11.2009 21:32:58 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Jeník\Desktop\Desktop
64bit-Windows Vista Ultimate Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16386)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): e:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,83 Gb Total Space | 25,80 Gb Free Space | 52,84% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 59,88 Gb Free Space | 25,72% Space Free | Partition Type: NTFS
Drive E: | 184,05 Gb Total Space | 83,57 Gb Free Space | 45,41% Space Free | Partition Type: NTFS

Computer Name: JENÍK-PC | User Name: Jeník | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010.09.15 00:01:52 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010.09.15 00:01:52 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010.04.03 15:59:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.02.12 19:23:32 | 000,148,744 | ---- | M] (COMODO) -- C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe
PRC - [2009.11.17 21:24:36 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jeník\Desktop\Desktop\OTL.exe
PRC - [2009.08.22 11:31:06 | 005,148,672 | ---- | M] () -- E:\instalacky\Rainlendar2\Rainlendar2.exe
PRC - [2007.09.02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
PRC - [2007.05.28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe


========== Modules (SafeList) ==========

MOD - [2010.03.03 19:54:42 | 000,276,648 | ---- | M] (COMODO) -- C:\Windows\SysWOW64\guard32.dll
MOD - [2009.11.17 21:24:36 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jeník\Desktop\Desktop\OTL.exe
MOD - [2006.11.02 10:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009.11.03 18:48:22 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2006.11.02 16:03:52 | 000,196,096 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2006.11.02 16:00:00 | 000,368,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010.04.03 15:59:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.03.03 19:54:44 | 001,220,688 | ---- | M] (COMODO) [Auto | Running] -- E:\instalacky\comodo\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2010.02.12 19:23:32 | 000,148,744 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe -- (CLPSLS)
SRV - [2009.08.09 16:47:09 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007.05.28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2006.11.02 12:19:10 | 000,428,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2006.11.02 12:19:08 | 000,211,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2006.11.02 07:34:11 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\radpms.sys -- (radpms)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\lmimirr.sys -- (lmimirr)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipinip.sys -- (IpInIp)
DRV:64bit: - [2010.03.03 19:53:58 | 000,019,760 | ---- | M] () [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\cmderd.sys -- (cmderd)
DRV:64bit: - [2009.10.22 12:54:24 | 000,040,464 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\58613302.sys -- (58613302)
DRV:64bit: - [2009.10.09 22:30:56 | 000,352,784 | ---- | M] () [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\5861330.sys -- (setup_9.0.0.722_16.11.2010_00-16drv)
DRV:64bit: - [2009.09.25 16:59:46 | 000,157,712 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\58613301.sys -- (58613301)
DRV:64bit: - [2009.06.28 22:47:12 | 000,871,408 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2008.10.01 12:01:28 | 000,040,448 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2008.04.17 12:12:54 | 000,019,304 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2007.12.17 12:32:00 | 000,056,832 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\l160x64.sys -- (AtcL001)
DRV:64bit: - [2007.04.20 06:40:10 | 000,873,216 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\3xHybr64.sys -- (3xHybr64)
DRV:64bit: - [2006.11.02 10:56:46 | 000,046,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2006.11.01 16:23:42 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2006.09.18 22:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2001.10.21 12:22:36 | 000,006,136 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\47504.sys -- (47504)
DRV - [2008.08.14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2318273236-1966652962-4018328269-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
IE - HKU\S-1-5-21-2318273236-1966652962-4018328269-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-2318273236-1966652962-4018328269-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-2318273236-1966652962-4018328269-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-2318273236-1966652962-4018328269-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKU\S-1-5-21-2318273236-1966652962-4018328269-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru
IE - HKU\S-1-5-21-2318273236-1966652962-4018328269-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2318273236-1966652962-4018328269-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2318273236-1966652962-4018328269-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
IE - HKU\S-1-5-21-2318273236-1966652962-4018328269-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:8080

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..network.proxy.type: 2

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009.11.04 00:01:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009.11.04 00:01:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.05.04 15:11:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2009.11.03 23:50:05 | 000,000,000 | ---D | M]

[2010.05.04 15:11:41 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\Mozilla\Extensions
[2010.05.04 15:11:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jeník\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009.10.03 19:41:39 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\Mozilla\Firefox\Profiles\ysvjt7un.default\extensions
[2009.10.03 19:35:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.09.14 22:10:37 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.09.14 22:10:37 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.09.14 22:10:37 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.09.14 22:10:37 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.09.14 22:10:37 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2006.09.18 22:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [COMODO Internet Security] E:\instalacky\comodo\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2318273236-1966652962-4018328269-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-2318273236-1966652962-4018328269-1000..\Run: [Rainlendar2] E:\instalacky\Rainlendar2\Rainlendar2.exe ()
O4 - Startup: C:\Users\Jeník\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_16.11.2010_00-16.lnk = C:\Users\Jeník\Desktop\Desktop\Virus Removal Tool\setup_9.0.0.722_16.11.2010_00-16\startup.exe ()
O4 - Startup: C:\Users\Jeník\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Skype.lnk = C:\Windows\Installer\{D103C4BA-F905-437A-8049-DB24763BBE36}\SkypeIcon.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 192.168.1.254
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll ()
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Jeník\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jeník\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-2318273236-1966652962-4018328269-1000\...com [@ = comfile] -- Reg Error: Key error. File not found
O37 - HKU\S-1-5-21-2318273236-1966652962-4018328269-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll ()

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm ()
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\divxa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\Windows\SysWow64\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: vidc.wmv3 - C:\Windows\SysWow64\WMV9VCM.dll (Microsoft Corporation)
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== LOP Check ==========

[2009.08.09 17:37:18 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\Azureus
[2001.10.21 22:04:44 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\DAEMON Tools
[2010.05.04 17:53:52 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\Diercke Globus Online
[2008.11.02 19:37:20 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\Gearbox Software
[2008.12.14 13:47:32 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\ICQ
[2001.10.21 13:00:36 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\KWorld Multimedia
[2001.10.21 23:56:28 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\Opera
[2010.09.21 18:37:35 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\Processing
[2001.10.21 20:17:21 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\QIP
[2010.03.14 14:17:02 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\STGU
[2010.05.04 15:11:41 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\Thunderbird
[2009.11.03 17:50:33 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\ZipGenius
[2009.11.17 21:19:29 | 000,032,598 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.10.12 07:55:45 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{4FCBA629-8E8E-4492-8C0A-0DA699842C8F}.job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"AdobeBridge" =
"Rainlendar2" = E:\instalacky\Rainlendar2\Rainlendar2.exe -- [2009.08.22 11:31:06 | 005,148,672 | ---- | M] ()
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized -- [2010.05.13 15:12:40 | 026,192,168 | R--- | M] (Skype Technologies S.A.)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2009.11.03 23:12:02 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\Adobe
[2010.03.23 00:04:11 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\Apple Computer
[2009.08.09 17:37:18 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\Azureus
[2001.10.21 22:04:44 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\DAEMON Tools
[2010.05.04 17:53:52 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\Diercke Globus Online
[2009.10.28 18:24:00 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\dvdcss
[2009.04.29 15:43:35 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\ESTsoft
[2008.12.14 01:54:08 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\FastStone
[2008.11.02 19:37:20 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\Gearbox Software
[2008.12.14 13:47:32 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\ICQ
[2001.10.21 12:18:59 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\Identities
[2001.10.21 13:00:36 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\KWorld Multimedia
[2001.10.21 19:23:08 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\Macromedia
[2009.10.07 23:58:47 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\Malwarebytes
[2006.11.02 16:06:33 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\Media Center Programs
[2010.04.26 10:29:56 | 000,000,000 | --SD | M] -- C:\Users\Jeník\AppData\Roaming\Microsoft
[2010.01.24 23:32:13 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\Mozilla
[2001.10.21 23:56:28 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\Opera
[2010.09.21 18:37:35 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\Processing
[2001.10.21 20:17:21 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\QIP
[2001.10.25 18:27:53 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\Real
[2009.11.17 21:21:44 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\Skype
[2009.11.17 21:18:03 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\skypePM
[2010.03.14 14:17:02 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\STGU
[2010.05.04 15:11:41 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\Thunderbird
[2009.11.14 20:25:39 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\vlc
[2010.05.04 23:58:12 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\VMware
[2008.12.07 23:43:05 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\WinRAR
[2009.11.03 17:50:33 | 000,000,000 | ---D | M] -- C:\Users\Jeník\AppData\Roaming\ZipGenius

< %APPDATA%\*.exe /s >


< MD5 for: AUTOCHK.EXE >
[2006.11.02 12:15:40 | 000,730,112 | ---- | M] (Microsoft Corporation) MD5=B56DB371DC4C6F791B2708EAA4814BB7 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_3bdbc6d17d338351\autochk.exe
[2006.11.02 10:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\SysWOW64\autochk.exe
[2006.11.02 10:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\SysWOW64\autochk.exe
[2006.11.02 10:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 12:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2006.11.02 10:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\SysWOW64\cryptsvc.dll
[2006.11.02 10:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\SysWOW64\cryptsvc.dll
[2006.11.02 10:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
[2006.11.02 12:16:52 | 000,163,328 | ---- | M] (Microsoft Corporation) MD5=4B48CC76EBFE97314EA64C3BDA983623 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_cfe772ec5641ae4b\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2006.11.02 12:15:52 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=5D768BEB711FF67ADC8FAD4E2F6ABB02 -- C:\Windows\explorer.exe
[2006.11.02 12:15:52 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=5D768BEB711FF67ADC8FAD4E2F6ABB02 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_ab9c809a352ecf21\explorer.exe
[2006.11.02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\SysWOW64\explorer.exe
[2006.11.02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\SysWOW64\explorer.exe
[2006.11.02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_b5f12aec698f911c\explorer.exe

< MD5 for: LSASS.EXE >
[2006.11.02 12:15:57 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=7B6AA93EEE1F354B3A4AC2ADE5EE334E -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_0032644a183d9898\lsass.exe

< MD5 for: NDIS.SYS >
[2006.11.02 12:52:20 | 000,641,128 | ---- | M] (Microsoft Corporation) MD5=CCA69C9493A13AF86DCF0AE272AFBB72 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_01af054ed7816d7a\ndis.sys

< MD5 for: NETLOGON.DLL >
[2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\SysWOW64\netlogon.dll
[2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\SysWOW64\netlogon.dll
[2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_61f43b1d27cd0ab4\netlogon.dll
[2006.11.02 12:18:47 | 000,684,032 | ---- | M] (Microsoft Corporation) MD5=BFAB28B54DF41208CF3490FF26E53FD9 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_579f90caf36c48b9\netlogon.dll

< MD5 for: SCECLI.DLL >
[2006.11.02 12:19:09 | 000,239,616 | ---- | M] (Microsoft Corporation) MD5=32EF13F20B28966D29DE5EABE036431D -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_91f5bbe3948dcf74\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\SysWOW64\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\SysWOW64\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_9c4a6635c8ee916f\scecli.dll

< MD5 for: SMSS.EXE >
[2006.11.02 12:16:12 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=362C49C769D938B1FB6648D240BF5C76 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_06228184d4a4001c\smss.exe

< MD5 for: SVCHOST.EXE >
[2006.11.02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\SysWOW64\svchost.exe
[2006.11.02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\SysWOW64\svchost.exe
[2006.11.02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2006.11.02 12:16:13 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=6B30067D55E10E4DEBDC842FB1911479 -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_0fa33328c0c01e47\svchost.exe

< MD5 for: TCPIP.SYS >
[2006.11.02 10:48:29 | 001,193,472 | ---- | M] (Microsoft Corporation) MD5=DB08D7CB8D64A07E4D59F8983CD13758 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_bb6d6f644acc0b1a\tcpip.sys

< MD5 for: USERINIT.EXE >
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\SysWOW64\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\SysWOW64\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
[2006.11.02 12:16:15 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=46D5B6B80E4A5997F508F938F96B7628 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_3610939d8d22586d\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.11.02 12:16:20 | 000,397,312 | ---- | M] (Microsoft Corporation) MD5=9642EED809219A2F914DD8E40A09C48B -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_c9aada9e9063dc57\winlogon.exe
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\SysWOW64\winlogon.exe
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\SysWOW64\winlogon.exe
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe

< MD5 for: WS2_32.DLL >
[2006.11.02 10:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\SysWOW64\ws2_32.dll
[2006.11.02 10:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\SysWOW64\ws2_32.dll
[2006.11.02 10:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll
[2006.11.02 12:19:11 | 000,264,704 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_4c9f8a4a89c86626\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...

< %systemroot%\system32\drivers\*.sys /3 >
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys

< %systemroot%\system32\*.* /3 >
[2010.03.14 20:36:34 | 000,000,000 | ---- | M] () -- C:\Windows\SysWOW64\config.nt
[2010.03.03 19:54:42 | 000,276,648 | ---- | M] (COMODO) -- C:\Windows\SysWOW64\guard32.dll
[2010.03.05 09:13:40 | 000,947,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msjava.dll
[2010.04.03 23:55:31 | 001,296,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvapi.dll
[2010.04.03 23:55:31 | 011,647,592 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvcompiler.dll
[2010.04.03 23:55:31 | 004,029,544 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvcuda.dll
[2010.04.03 23:55:31 | 002,646,632 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvcuvenc.dll
[2010.04.03 23:55:31 | 002,009,704 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvcuvid.dll
[2010.04.03 23:55:31 | 009,386,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvd3dum.dll
[2010.04.03 23:55:31 | 015,227,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvoglv32.dll
[2010.04.03 23:55:31 | 004,503,144 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvwgf2um.dll
[2010.04.03 23:55:31 | 000,056,424 | ---- | M] (Khronos Group) -- C:\Windows\SysWOW64\OpenCL.dll
[2010.02.04 09:01:14 | 000,022,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\X3DAudio1_7.dll
[2010.02.04 09:01:14 | 000,238,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xactengine3_6.dll
[2010.02.04 09:01:14 | 000,074,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\XAPOFX1_4.dll
[2010.02.04 09:01:14 | 000,528,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\XAudio2_6.dll

< End of report >

Re: vir

Napsal: 17 lis 2010 22:11
od Jan Vasak
Jen pro zajímavost, tak od posledního skenu je to cca 30minut a C disk ukazuje 23,4 Gb z 48,8 volných.
Honza

Re: vir

Napsal: 17 lis 2010 22:17
od Jan Vasak
tady přikládám extras
OTL Extras logfile created on: 17.11.2009 21:32:58 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Jeník\Desktop\Desktop
64bit-Windows Vista Ultimate Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16386)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): e:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,83 Gb Total Space | 25,80 Gb Free Space | 52,84% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 59,88 Gb Free Space | 25,72% Space Free | Partition Type: NTFS
Drive E: | 184,05 Gb Total Space | 83,57 Gb Free Space | 45,41% Space Free | Partition Type: NTFS

Computer Name: JENÍK-PC | User Name: Jeník | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-2318273236-1966652962-4018328269-1000\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.cmd [@ = cmdfile] -- Reg Error: Key error. File not found
.com [@ = comfile] -- Reg Error: Key error. File not found
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.pif [@ = piffile] -- Reg Error: Key error. File not found
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" ()
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l ()
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2318273236-1966652962-4018328269-1000]
"EnableNotifications" = 1
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{5425BD2B-B7EF-4277-90FA-CBD21A73A30D}" = lport=3389 | protocol=6 | dir=in | name=hovno |
"{CCD6545E-F6F1-4F38-9899-22513CEF62C2}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{E795C83A-1128-4F9A-95B7-508DB6BCF2A4}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{28779E80-5732-455B-BA9A-31535C09041F}" = protocol=6 | dir=in | app=e:\burnout\burnoutconfigtool.exe |
"{49389A23-DAFB-4874-B7B8-DC91B22B69A1}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{53F5CBF4-6B92-4E62-976B-46B14922E2C0}" = protocol=6 | dir=in | app=e:\call of duty\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{56EB3440-D010-4A22-8F94-821F1CC7C110}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{831BD5A9-8DE9-4B3C-8AE9-44B0D87F7715}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8441E234-E742-4DBA-A98B-C3EDE610AA09}" = protocol=17 | dir=in | app=e:\burnout\burnoutconfigtool.exe |
"{9A92A904-DD10-415D-A7EF-21B94D4F3328}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{A720004B-107D-4CD1-B213-DCC6A4B0B5E7}" = protocol=17 | dir=in | app=e:\burnout\burnoutlauncher.exe |
"{AA09CACF-7B2D-4A9A-AF31-827229B5CC00}" = protocol=6 | dir=in | app=e:\burnout\burnoutlauncher.exe |
"{AA52910F-1F16-47AB-AA98-0976EA81F875}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{B70779AE-84EB-402E-B389-0478E5A3A028}" = protocol=6 | dir=in | app=e:\burnout\burnoutparadise.exe |
"{B7E8361D-3CEB-4722-BAE9-1B3D390D2202}" = protocol=17 | dir=in | app=e:\burnout\burnoutparadise.exe |
"{CDE8CBE5-FB12-4D76-8E11-CA8FE810DF38}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{DDB87AC1-007B-4834-A91D-7AB5D7FFA333}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{E73BCFE9-FA36-4016-AC7E-B619CA3F4D2A}" = protocol=6 | dir=in | app=e:\call of duty\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{E93F1AC3-ADDA-4F06-97B4-65EFED20C3A2}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{EBF30969-CE6B-4F5F-A1FB-3BC0A9C59D93}" = protocol=17 | dir=in | app=e:\call of duty\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{EC20B547-20DF-41CC-B76B-7DAB834CA60E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{F788592E-0FA9-4D9C-A14F-5B3840146E6F}" = protocol=17 | dir=in | app=e:\call of duty\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"TCP Query User{6467AC0B-4249-4CCD-BFD8-A636928FB9E0}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{832A4594-7E93-4B6B-9313-78670B31DA71}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{83B42630-7F70-4CAB-99D4-A98E65FA6A57}C:\program files (x86)\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"TCP Query User{B1CC0831-D0A4-4BC5-B373-0BF1BE81A742}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"TCP Query User{B6DF9B90-2606-4D12-80B2-ED3940674F99}C:\program files (x86)\qip\qip.exe" = protocol=6 | dir=in | app=c:\program files (x86)\qip\qip.exe |
"TCP Query User{DE4DABB1-B499-45F7-A7F3-1EC034F504C2}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"TCP Query User{FEE836F2-9884-427D-8A13-3A9A8CCBF0C9}C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe |
"UDP Query User{190E2987-E76F-4857-BCA3-1EEDA8877270}C:\program files (x86)\qip\qip.exe" = protocol=17 | dir=in | app=c:\program files (x86)\qip\qip.exe |
"UDP Query User{2EA2B552-84A9-4648-BD16-CC97F47CCF53}C:\program files (x86)\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"UDP Query User{5606D731-992D-4AAA-85F7-0727BC5DBD93}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{77ABD986-524A-4893-AF10-8DCF0CA7257B}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{867E1A00-A93F-472B-A75E-C728DDAE24DA}C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe |
"UDP Query User{ACC02994-831B-4C03-B088-29B25D1DD925}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"UDP Query User{FAEE59C9-6072-4A77-B420-9AC3371D3AB9}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A9B7ADD-FF58-49E5-8204-956121D764DC}" = Apple Mobile Device Support
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{6ED1F13C-6C61-F771-463E-9BA9A891BFE7}" = ATI Catalyst Install Manager
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{CC6B1BB4-4E06-4A5B-A166-B371B551324B}" = COMODO Internet Security
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{D8BD0DDE-E007-4A55-9973-B95D5FA08C3F}" = iTunes
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 14
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{377B2121-65F6-4C5F-998F-5284DEF41F3E}" = COMODO livePCsupport
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{49F864F5-1A85-4E69-8764-C7E4EABD8BA0}" = KWorld TV Tuner Card Utilities
"{4CE4B975-A5C1-43C0-A565-C00F0ABFC94C}" = PC-Bibliothek 3.0
"{59D1195A-7E64-4120-BB37-F053D9FD45FB}" = ODF Add-in for Microsoft Office
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AE9A059-6372-435D-A5FE-0568A3B67F19}" = HyperMediaCenter
"{6E19F210-3813-4002-B561-94D66AA182B6}" = Atheros Communications Inc.(R) L1 Gigabit Ethernet Driver
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}" = Opera 10.63
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9B97EC91-B3FD-4BFF-88FC-5345A26AC2E7}" = Adobe Illustrator CS5
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A92000000001}" = Adobe Reader 9.2 - Czech
"{ADEBB98C-DCD0-4369-BC4A-71B342CF55B2}" = HT Fireman CD/DVD Burner
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{E1B2DF7C-A176-4A1D-9D32-3CEC5037A524}" = Apple Application Support
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"ALZip_is1" = ALZip
"CCleaner" = CCleaner (remove only)
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EXPERTool_is1" = EXPERTool 6.4
"FastStone Image Viewer" = FastStone Image Viewer 3.6
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"Mozilla Thunderbird (3.0.4)" = Mozilla Thunderbird (3.0.4)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Rainlendar2" = Rainlendar2 (remove only)
"RocketDock_is1" = RocketDock 1.3.5
"TVP3XDrv" = KWorld TV713X BDA Driver
"VLC media player" = VLC media player 1.0.1
"WinRAR archiver" = WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2318273236-1966652962-4018328269-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP Infium" = QIP Infium 2.0.9032 RC4

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 17.11.2009 8:46:34 | Computer Name = Jeník-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 17.11.2009 8:46:34 | Computer Name = Jeník-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 17.11.2009 15:21:19 | Computer Name = Jeník-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 17.11.2009 15:21:19 | Computer Name = Jeník-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 17.11.2009 15:21:20 | Computer Name = Jeník-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace cmdagent.exe, verze 4.0.4167.742, časové razítko
0x4b8e9a2d, chybující modul ntdll.dll, verze 6.0.6000.16386, časové razítko 0x4549d372,
kód výjimky 0xc0000005, posun chyby 0x000000000005278e, ID procesu 0x114, čas spuštění
aplikace 0x01ca66ab03038c7f.

Error - 17.11.2009 15:21:21 | Computer Name = Jeník-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 17.11.2009 16:18:41 | Computer Name = Jeník-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 17.11.2009 16:18:41 | Computer Name = Jeník-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 17.11.2009 16:21:05 | Computer Name = Jeník-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 17.11.2009 16:21:05 | Computer Name = Jeník-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

[ OSession Events ]
Error - 2.12.2008 18:03:25 | Computer Name = Jeník-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 1586 seconds with 1380 seconds of active time. This session ended with a
crash.

Error - 6.1.2010 20:15:33 | Computer Name = Jeník-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 17
seconds with 0 seconds of active time. This session ended with a crash.

Error - 19.4.2010 17:13:39 | Computer Name = Jeník-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.

Error - 10.5.2010 13:17:10 | Computer Name = Jeník-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 17524
seconds with 900 seconds of active time. This session ended with a crash.

Error - 15.11.2009 15:10:29 | Computer Name = Jeník-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 542
seconds with 180 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 15.11.2009 6:34:09 | Computer Name = Jeník-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 16.11.2009 5:19:51 | Computer Name = Jeník-PC | Source = BROWSER | ID = 8032
Description =

Error - 16.11.2009 6:52:01 | Computer Name = Jeník-PC | Source = DCOM | ID = 10010
Description =

Error - 16.11.2009 6:54:58 | Computer Name = Jeník-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 16.11.2009 6:59:21 | Computer Name = Jeník-PC | Source = BROWSER | ID = 8032
Description =

Error - 17.11.2009 15:21:54 | Computer Name = Jeník-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 17.11.2009 16:18:04 | Computer Name = Jeník-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 17.11.2009 16:21:11 | Computer Name = Jeník-PC | Source = W32Time | ID = 39452706
Description =

Error - 17.11.2009 16:22:14 | Computer Name = Jeník-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 17.11.2009 16:41:29 | Computer Name = Jeník-PC | Source = BROWSER | ID = 8032
Description =


< End of report >

Re: vir

Napsal: 17 lis 2010 23:05
od Rudy
Do spodního okna zkopírujte:
:files
C:\Windows\SysNative\47504.sys
a klikněte na "vyčistit".
Všechny časy jsou v UTC+01:00
Stránka 1 z 3

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz