VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Log z UPM

https://forum.viry.cz:443/viewtopic.php?t=115491

Stránka 1 z 1

Log z UPM

Napsal: 18 zář 2011 14:15
od tomasr
Prosím o zhlédnutí. Předem děkuji.
Tom

Windows XP SP 3 (build 2600)
Boot Mode: Normal
Ověření souborů Microsoftu: Ano
Whitelist: Ano
Internet Explorer v6.00.2900.5512 (xpsp.080413-2105)
Log vygenerován: 18.9.2011 15:07:39
================================================================

SmallARK
================================================================
[R]NtAddBootEntry -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtAllocateVirtualMemory -> C:\WINDOWS\system32\drivers\aswSP.SYS
[R]NtClose -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtCreateEvent -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtCreateEventPair -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtCreateFile -> C:\WINDOWS\system32\drivers\fwdrv.sys
[R]NtCreateIoCompletion -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtCreateKey -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtCreateMutant -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtCreateProcess -> C:\WINDOWS\system32\drivers\fwdrv.sys
[R]NtCreateProcessEx -> C:\WINDOWS\system32\drivers\fwdrv.sys
[R]NtCreateSection -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtCreateSemaphore -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtCreateThread -> C:\WINDOWS\system32\drivers\fwdrv.sys
[R]NtCreateTimer -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtDeleteBootEntry -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtDeleteFile -> C:\WINDOWS\system32\drivers\fwdrv.sys
[R]NtDeleteKey -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtDeleteValueKey -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtDuplicateObject -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtEnumerateKey -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtEnumerateValueKey -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtFreeVirtualMemory -> C:\WINDOWS\system32\drivers\aswSP.SYS
[R]NtLoadDriver -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtMapViewOfSection -> C:\WINDOWS\system32\drivers\khips.sys
[R]NtModifyBootEntry -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtNotifyChangeKey -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtNotifyChangeMultipleKeys -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtOpenEvent -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtOpenEventPair -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtOpenFile -> C:\WINDOWS\system32\drivers\fwdrv.sys
[R]NtOpenIoCompletion -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtOpenKey -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtOpenMutant -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtOpenProcess -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtOpenSection -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtOpenSemaphore -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtOpenThread -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtOpenTimer -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtProtectVirtualMemory -> C:\WINDOWS\system32\drivers\aswSP.SYS
[R]NtQueryKey -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtQueryObject -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtQueryValueKey -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtRenameKey -> C:\WINDOWS\system32\drivers\aswSP.SYS
[R]NtRestoreKey -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtResumeThread -> C:\WINDOWS\system32\drivers\fwdrv.sys
[R]NtSetBootEntryOrder -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtSetBootOptions -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtSetInformationFile -> C:\WINDOWS\system32\drivers\fwdrv.sys
[R]NtSetSystemInformation -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtSetSystemPowerState -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtSetValueKey -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtShutdownSystem -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtSystemDebugControl -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtVdmControl -> C:\WINDOWS\system32\drivers\aswSnx.SYS
[R]NtWriteFile -> C:\WINDOWS\system32\drivers\fwdrv.sys


Běžící procesy
================================================================

C:\PROGRAM FILES\RAINLENDAR2\RAINLENDAR2.EXE
C:\PROGRAM FILES\PAMELA\PAMELA.EXE
C:\WINDOWS\SYSTEM32\NVSVC32.EXE
C:\WINDOWS\SYSTEM32\HPZIPM12.EXE
C:\PROGRAM FILES\UPM\UPM.EXE

Scanner
================================================================
[R] daemon.exe
Spouští se po startu HKLM Run [DAEMON Tools]

[?] Rainlendar2.exe
Bez výrobce
Spouští se po startu HKCU Run [Rainlendar2]
Soubor 12%

[R] Skype.exe
Spouští se po startu HKCU Run [Skype]
Podvržená cesta modulu: (00400000) C:\Program Files\Skype\Phone\Skype.exe

[?] Pamela.exe
Spouští se po startu HKCU Run [pamela.exe]
Soubor 14%

[?] nvsvc32.exe
Non Microsoft v System32:

[?] HPZipm12.exe
Non Microsoft v System32:
Nemá okno

[R] TOTALCMD.EXE
EntryPoint v sekci: UPX1
|_ Celkový počet sekcí: 3

[S] explorer.exe
Spouští se po startu HKLM Winlogon [Shell]

[R] thebat.exe
Spouští se po startu HKCU Run [thebat_startup]
EntryPoint v sekci: .ITEXT
|_ Celkový počet sekcí: 9

[?] UPM.exe
Soubor 7%


Po spuštění
================================================================

HKCU Run
|_ [R][thebat_startup] C:\Program Files\The Bat!\thebat.exe /minimize
|_ [?][Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
|_ [R][Skype] C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized
|_ [?][pamela.exe] C:\Program Files\Pamela\pamela.exe

HKLM Run
|_ [R][DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe -lang 1033
|_ [?][NvCplDaemon] C:\WINDOWS\system32\NvCpl.dll ,NvStartup
|_ [R][avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe /nogui

HKLM IC
|_ [X][>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP (Soubor nenalezen)
|_ [?][{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] C:\WINDOWS\INF\msnetmtg.inf ,NetMtg.Install.PerUser.NT
|_ [?][{5945c046-1e7d-11d1-bc44-00c04fd912be}] C:\WINDOWS\INF\msmsgs.inf ,BLC.QuietInstall.PerUser
|_ [?][{6BF52A52-394A-11d3-B153-00C04F79FAA6}] C:\WINDOWS\INF\wmp.inf ,PerUserStub
|_ [?][{89820200-ECBD-11cf-8B85-00AA005B4340}] regsvr32.exe /s /n /i:U shell32.dll


HKLM BHO
|_ [?][{69FC0024-10EB-480A-BBF2-3BF4E78E17B1}] C:\Program Files\Core Services\DebugBar\DebugInfoBar.dll
|_ [?][{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

HKCU IE WebBrowser Toolbar
|_ [?][{3E1201F4-1707-409F-BB45-A5F192381DA0}] C:\Program Files\Core Services\DebugBar\DebugToolBar.dll

HKLM IE Toolbar
|_ [?][{95188727-288F-4581-A48D-EAB3BD027314}] C:\PROGRA~1\Zend\ZENDST~1.0\bin\ZENDIE~1.DLL
|_ [?][{3E1201F4-1707-409F-BB45-A5F192381DA0}] C:\Program Files\Core Services\DebugBar\DebugToolBar.dll

Služby (Zobraz běžící: True, Zobraz zastavené: False, Zobraz i bezpečné služby: False)
================================================================
[?] NVIDIA Display Driver Service
|_ Cesta: C:\WINDOWS\System32\nvsvc32.exe
| |_ Výrobce: NVIDIA Corporation
| |_ Popis: NVIDIA Driver Helper Service, Version 91.48
| |_ MD5: 986D6666E076AFD2B60ACAFD5B01A00F
|
|_ Jméno: NVSvc
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Win32 Own Process
|_ Dependency:

[?] Pml Driver HPZ12
|_ Cesta: C:\WINDOWS\system32\HPZipm12.exe
| |_ Výrobce: HP
| |_ Popis: PML Driver
| |_ MD5: D31F88C5F19EEFA366A415D6BC5F2ABC
|
|_ Jméno: Pml Driver HPZ12
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Win32 Own Process
|_ Dependency:

[X] Lokátor vzdáleného volání procedur (RPC)
|_ Cesta: C:\WINDOWS\C:\WINDOWS\System32\locator.exe
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: RpcLocator
|_ StartName: NT AUTHORITY\NetworkService
|_ Typ spouštění: Boot Start
|_ Status: Zastaveno
|_ Typ: Win32 Own Process
|_ Dependency: LanmanWorkstation


Ovladače (Zobraz běžící: True, Zobraz zastavené: False, Zobraz i bezpečné služby: False)
================================================================
[?] Ovladač procesoru AMD
|_ Cesta: C:\WINDOWS\System32\DRIVERS\AmdK8.sys
| |_ Výrobce: Advanced Micro Devices
| |_ Popis: AMD Processor Driver
| |_ MD5: F6F5E047369784E607F3A636AC576148
|
|_ Jméno: AmdK8
|_ StartName:
|_ Typ spouštění: System Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] cdrbsdrv
|_ Cesta: C:\WINDOWS\system32\drivers\cdrbsdrv.sys
| |_ Výrobce: B.H.A Corporation
| |_ Popis: CD-ROM Filter Driver for Windows2000/xp
| |_ MD5: E0042BD5BEF17A6A3EF1DF576BDE24D1
|
|_ Jméno: cdrbsdrv
|_ StartName:
|_ Typ spouštění: System Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] Service for Realtek HD Audio (WDM)
|_ Cesta: C:\WINDOWS\system32\drivers\RtkHDAud.sys
| |_ Výrobce: Realtek Semiconductor Corp.
| |_ Popis: Realtek(r) High Definition Audio Function Driver
| |_ MD5: 3000E98F519CF6FDA669BAE8E47F7B4F
|
|_ Jméno: IntcAzAudAddService
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] Logitech SetPoint Keyboard Driver
|_ Cesta: C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
| |_ Výrobce: Logitech, Inc.
| |_ Popis: Logitech PS2 Keyboard Filter Driver.
| |_ MD5: 702E5FFD2DD24B4B00F798953320FC20
|
|_ Jméno: L8042Kbd
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] nv
|_ Cesta: C:\WINDOWS\System32\DRIVERS\nv4_mini.sys
| |_ Výrobce: NVIDIA Corporation
| |_ Popis: NVIDIA Compatible Windows 2000 Miniport Driver, Version 91.48
| |_ MD5: 15A6306A0B958BF60F09688D0EE70479
|
|_ Jméno: nv
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] nvata
|_ Cesta: C:\WINDOWS\System32\DRIVERS\nvata.sys
| |_ Výrobce: NVIDIA Corporation
| |_ Popis: NVIDIA® nForce(TM) IDE Performance Driver
| |_ MD5: 9ECCD189A9554C30A0D18A429778C7BA
|
|_ Jméno: nvata
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] NVIDIA nForce Networking Controller Driver
|_ Cesta: C:\WINDOWS\System32\DRIVERS\NVENETFD.sys
| |_ Výrobce: NVIDIA Corporation
| |_ Popis: NVIDIA Networking Function Driver.
| |_ MD5: 4D6F0D3FB17C1BA64942F415C73ADCDB
|
|_ Jméno: NVENETFD
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] NVIDIA Network Bus Enumerator
|_ Cesta: C:\WINDOWS\System32\DRIVERS\nvnetbus.sys
| |_ Výrobce: NVIDIA Corporation
| |_ Popis: NVIDIA Networking Bus Driver.
| |_ MD5: 921E63AA1E1A20302223D016ACAFB52B
|
|_ Jméno: nvnetbus
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] PDIHWCTL
|_ Cesta: C:\WINDOWS\system32\drivers\pdihwctl.sys
| |_ Výrobce: Portrait Displays, Inc.
| |_ Popis: PdiHwCtl NT kernel-mode driver
| |_ MD5: 274FB48DC92E0EC012D4D8D866CFAF8A
|
|_ Jméno: PDIHWCTL
|_ StartName:
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] StarForce Protection Synchronization Driver (version 3.x)
|_ Cesta: C:\WINDOWS\System32\drivers\sfsync03.sys
| |_ Výrobce: Protection Technology
| |_ Popis: StarForce Protection Synchronization Driver
| |_ MD5: B27F70092A84B2A381D1FCDBBB82F876
|
|_ Jméno: sfsync03
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] sptd
|_ Cesta: C:\WINDOWS\System32\Drivers\sptd.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: sptd
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] Live! Cam Vista IM (VF0420)
|_ Cesta: C:\WINDOWS\system32\DRIVERS\V0420Vid.sys
| |_ Výrobce: Creative Technology Ltd.
| |_ Popis: Video Capture Device Driver
| |_ MD5: E579144C0BFA5720E1DA5A7783058E9A
|
|_ Jméno: V0420VID
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] WinDriver6
|_ Cesta: C:\WINDOWS\system32\drivers\windrvr6.sys
| |_ Výrobce: Jungo
| |_ Popis: WinDriver Device Driver 8.11
| |_ MD5: 097A8291DF541F9B9AF2C500797CDCAA
|
|_ Jméno: WinDriver6
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:


lNetStat
================================================================
Typ: PID Proces Local <-> Remote Status
-----------------------------------------------------------------------------------------
TCP (2796) tcpsvcs.exe 0.0.0.0:7 LISTENING
TCP (2796) tcpsvcs.exe 0.0.0.0:9 LISTENING
TCP (2796) tcpsvcs.exe 0.0.0.0:13 LISTENING
TCP (2796) tcpsvcs.exe 0.0.0.0:17 LISTENING
TCP (2796) tcpsvcs.exe 0.0.0.0:19 LISTENING
TCP (1128) svchost.exe 0.0.0.0:135 LISTENING
TCP (4) Systém 0.0.0.0:445 LISTENING
TCP (3880) kpf4gui.exe 0.0.0.0:1183 LISTENING
TCP (3116) kpf4gui.exe 0.0.0.0:1201 LISTENING
TCP (660) Skype.exe 0.0.0.0:16900 LISTENING
TCP (2848) kpf4ss.exe 0.0.0.0:44334 LISTENING
TCP (2848) kpf4ss.exe 0.0.0.0:44501 LISTENING
TCP (3880) kpf4gui.exe 127.0.0.1:1181 <-> 127.0.0.1:44334 ESTABLISHED
TCP (3880) kpf4gui.exe 127.0.0.1:1183 <-> 127.0.0.1:1189 ESTABLISHED
TCP (2848) kpf4ss.exe 127.0.0.1:1189 <-> 127.0.0.1:1183 ESTABLISHED
TCP (3116) kpf4gui.exe 127.0.0.1:1199 <-> 127.0.0.1:44334 ESTABLISHED
TCP (3116) kpf4gui.exe 127.0.0.1:1201 <-> 127.0.0.1:1203 ESTABLISHED
TCP (2848) kpf4ss.exe 127.0.0.1:1203 <-> 127.0.0.1:1201 ESTABLISHED
TCP (2916) firefox.exe 127.0.0.1:1882 <-> 127.0.0.1:1883 ESTABLISHED
TCP (2916) firefox.exe 127.0.0.1:1883 <-> 127.0.0.1:1882 ESTABLISHED
TCP (2916) firefox.exe 127.0.0.1:1884 <-> 127.0.0.1:1885 ESTABLISHED
TCP (2916) firefox.exe 127.0.0.1:1885 <-> 127.0.0.1:1884 ESTABLISHED
TCP (3660) thebat.exe 127.0.0.1:3406 <-> 127.0.0.1:12993 ESTABLISHED
TCP (3660) thebat.exe 127.0.0.1:3407 <-> 127.0.0.1:12993 ESTABLISHED
TCP (3660) thebat.exe 127.0.0.1:3408 <-> 127.0.0.1:12993 ESTABLISHED
TCP (3660) thebat.exe 127.0.0.1:3409 <-> 127.0.0.1:12993 ESTABLISHED
TCP (0) 127.0.0.1:3427 TIME_WAIT
TCP (0) 127.0.0.1:3428 TIME_WAIT
TCP (2524) mDNSResponder.exe 127.0.0.1:5354 LISTENING
TCP (1644) AvastSvc.exe 127.0.0.1:12080 LISTENING
TCP (1644) AvastSvc.exe 127.0.0.1:12110 LISTENING
TCP (1644) AvastSvc.exe 127.0.0.1:12119 LISTENING
TCP (1644) AvastSvc.exe 127.0.0.1:12143 LISTENING
TCP (1644) AvastSvc.exe 127.0.0.1:12563 LISTENING
TCP (1644) AvastSvc.exe 127.0.0.1:12993 LISTENING
TCP (1644) AvastSvc.exe 127.0.0.1:12993 <-> 127.0.0.1:3406 ESTABLISHED
TCP (1644) AvastSvc.exe 127.0.0.1:12993 <-> 127.0.0.1:3407 ESTABLISHED
TCP (1644) AvastSvc.exe 127.0.0.1:12993 <-> 127.0.0.1:3408 ESTABLISHED
TCP (1644) AvastSvc.exe 127.0.0.1:12993 <-> 127.0.0.1:3409 ESTABLISHED
TCP (1644) AvastSvc.exe 127.0.0.1:12995 LISTENING
TCP (2848) kpf4ss.exe 127.0.0.1:44334 <-> 127.0.0.1:1181 ESTABLISHED
TCP (2848) kpf4ss.exe 127.0.0.1:44334 <-> 127.0.0.1:1199 ESTABLISHED
TCP (4) Systém 172.21.0.40:139 LISTENING
TCP (660) Skype.exe 172.21.0.40:1609 <-> 77.236.161.204:443 ESTABLISHED
TCP (776) plugin-container.exe172.21.0.40:2837 <-> 195.250.146.99:80 ESTABLISHED
TCP (660) Skype.exe 172.21.0.40:3133 <-> 213.146.189.203:443 ESTABLISHED
TCP (0) 172.21.0.40:3382 TIME_WAIT
TCP (1644) AvastSvc.exe 172.21.0.40:3410 <-> 195.113.118.11:993 ESTABLISHED
TCP (1644) AvastSvc.exe 172.21.0.40:3411 <-> 74.125.79.109:993 ESTABLISHED
TCP (1644) AvastSvc.exe 172.21.0.40:3412 <-> 74.125.79.109:993 ESTABLISHED
TCP (1644) AvastSvc.exe 172.21.0.40:3413 <-> 91.207.188.82:993 ESTABLISHED
TCP (0) 172.21.0.40:3422 TIME_WAIT
TCP (0) 172.21.0.40:3424 TIME_WAIT
TCP (3012) UPM.exe 172.21.0.40:3425 CLOSE_WAIT
TCP (0) 172.21.0.40:3426 TIME_WAIT
TCP (0) 172.21.0.40:3431 TIME_WAIT
TCP (0) 172.21.0.40:3432 TIME_WAIT
TCP (2916) firefox.exe 172.21.0.40:3433 <-> 66.102.13.189:443 ESTABLISHED
TCP (3012) UPM.exe 172.21.0.40:3435 <-> 199.7.52.190:80 ESTABLISHED
TCP (3012) UPM.exe 172.21.0.40:3436 <-> 199.7.52.190:80 ESTABLISHED
TCP (3012) UPM.exe 172.21.0.40:3437 <-> 192.204.196.69:80 ESTABLISHED
TCP (3012) UPM.exe 172.21.0.40:3438 <-> 192.204.196.69:80 ESTABLISHED
TCP (2916) firefox.exe 172.21.0.40:3439 <-> 66.102.13.189:443 ESTABLISHED
TCP (3012) UPM.exe 172.21.0.40:3440 <-> 199.7.52.190:80 ESTABLISHED
TCP (3012) UPM.exe 172.21.0.40:3441 <-> 199.7.51.190:80 ESTABLISHED
TCP (3012) UPM.exe 172.21.0.40:3442 <-> 195.113.232.75:80 ESTABLISHED
UDP (2796) tcpsvcs.exe 0.0.0.0:7 <-> 199.7.48.190:80 ESTABLISHED
UDP (2796) tcpsvcs.exe 0.0.0.0:9
UDP (2796) tcpsvcs.exe 0.0.0.0:13
UDP (2796) tcpsvcs.exe 0.0.0.0:17
UDP (2796) tcpsvcs.exe 0.0.0.0:19
UDP (4) Systém 0.0.0.0:445
UDP (888) lsass.exe 0.0.0.0:500
UDP (2524) mDNSResponder.exe 0.0.0.0:1172
UDP (3880) kpf4gui.exe 0.0.0.0:1182
UDP (3880) kpf4gui.exe 0.0.0.0:1184
UDP (3116) kpf4gui.exe 0.0.0.0:1200
UDP (3116) kpf4gui.exe 0.0.0.0:1202
UDP (3116) kpf4gui.exe 0.0.0.0:1294
UDP (888) lsass.exe 0.0.0.0:4500
UDP (660) Skype.exe 0.0.0.0:16900
UDP (2848) kpf4ss.exe 0.0.0.0:44334
UDP (1244) svchost.exe 127.0.0.1:123
UDP (660) Skype.exe 127.0.0.1:1027
UDP (660) Skype.exe 127.0.0.1:1034
UDP (1540) svchost.exe 127.0.0.1:1900
UDP (776) plugin-container.exe127.0.0.1:2617
UDP (1244) svchost.exe 172.21.0.40:123
UDP (4) Systém 172.21.0.40:137
UDP (4) Systém 172.21.0.40:138
UDP (1540) svchost.exe 172.21.0.40:1900
UDP (2524) mDNSResponder.exe 172.21.0.40:5353

Moduly (Zobraz i bezpečné DLL: False, Jen bez výrobce: True, Zobraz registrované: False)
================================================================
[?] mdnsnsp.dll
|_ Cesta: C:\Program Files\Bonjour\mdnsNSP.dll
|_ MD5: 1F5A570AD942DFCFE4500326ABDD72B2
|_ Výrobce: Apple Computer, Inc.
|_ Procesy
|_ svchost.exe (1128)
|_ svchost.exe (1244)
|_ AvastSvc.exe (1644)
|_ Skype.exe (660)
|_ spoolsv.exe (2092)
|_ tcpsvcs.exe (2796)
|_ kpf4ss.exe (2848)
|_ kpf4gui.exe (3116)
|_ firefox.exe (2916)
|_ plugin-container.exe (1340)
|_ plugin-container.exe (776)
|_ thebat.exe (3660)
|_ UPM.exe (3012)

[?] setiface.dll
|_ Cesta: C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll
|_ MD5: B4A321FCD7732962C20BADC610DD6347
|_ Výrobce:
|_ Procesy
|_ AvastSvc.exe (1644)

[?] pfctoc.dll
|_ Cesta: C:\Program Files\DAEMON Tools\pfctoc.dll
|_ MD5: 2E7E20E0F64D2EAEA2F52E94430BFD30
|_ Výrobce: Padus(R), Inc.
|_ Procesy
|_ daemon.exe (600)

[?] bw5mount.dll
|_ Cesta: C:\Program Files\DAEMON Tools\Plugins\Images\bw5mount.dll
|_ MD5: 81CD44F4E25A9BA74BB52F6A7C7DBA83
|_ Výrobce: ?
|_ Procesy
|_ daemon.exe (600)

[?] ccdmount.dll
|_ Cesta: C:\Program Files\DAEMON Tools\Plugins\Images\ccdmount.dll
|_ MD5: 147DBCBD0D724F12AF481C35719063C2
|_ Výrobce: GENERIC
|_ Procesy
|_ daemon.exe (600)

[?] cuemount.dll
|_ Cesta: C:\Program Files\DAEMON Tools\Plugins\Images\cuemount.dll
|_ MD5: FE1A0E889E9C11D650913995CD7EC409
|_ Výrobce: DT Soft Ltd.
|_ Procesy
|_ daemon.exe (600)

[?] mdsmount.dll
|_ Cesta: C:\Program Files\DAEMON Tools\Plugins\Images\mdsmount.dll
|_ MD5: 0B556894A19B57B783DE27AA5D9F27A3
|_ Výrobce: DT Soft Ltd.
|_ Procesy
|_ daemon.exe (600)

[?] nrgmount.dll
|_ Cesta: C:\Program Files\DAEMON Tools\Plugins\Images\nrgmount.dll
|_ MD5: E6D294B817A051FF4D932B6177B8853C
|_ Výrobce: DT Soft Ltd.
|_ Procesy
|_ daemon.exe (600)

[?] pdimount.dll
|_ Cesta: C:\Program Files\DAEMON Tools\Plugins\Images\pdimount.dll
|_ MD5: 8C88A71F87621579D7F68997386A35FF
|_ Výrobce: GENERIC
|_ Procesy
|_ daemon.exe (600)

[?] libeay32.dll
|_ Cesta: C:\Program Files\Rainlendar2\libeay32.dll
|_ MD5: B15BAF8231D5952F2A575AB8D85CFF10
|_ Výrobce: The OpenSSL Project, http://www.openssl.org/
|_ Procesy
|_ Rainlendar2.exe (640)
|_ kpf4ss.exe (2848)
|_ kpf4gui.exe (3880)
|_ kpf4gui.exe (3116)

[?] lua51.dll
|_ Cesta: C:\Program Files\Rainlendar2\lua51.dll
|_ MD5: 0B3BA3D9E40BE6B6BF11A32EA3389B74
|_ Výrobce:
|_ Procesy
|_ Rainlendar2.exe (640)

[?] wxbase28u_vc_rny.dll
|_ Cesta: C:\Program Files\Rainlendar2\wxbase28u_vc_rny.dll
|_ MD5: D9BFEB291E0401BD95D22C35D2BBBB15
|_ Výrobce:
|_ Procesy
|_ Rainlendar2.exe (640)

[?] wxbase28u_xml_vc_rny.dll
|_ Cesta: C:\Program Files\Rainlendar2\wxbase28u_xml_vc_rny.dll
|_ MD5: 0A5635F19B34C8040063B8E62B052EA3
|_ Výrobce:
|_ Procesy
|_ Rainlendar2.exe (640)

[?] wxmsw28u_adv_vc_rny.dll
|_ Cesta: C:\Program Files\Rainlendar2\wxmsw28u_adv_vc_rny.dll
|_ MD5: 5FC28BC735B39BFCEBB6BD6CDFC227CC
|_ Výrobce:
|_ Procesy
|_ Rainlendar2.exe (640)

[?] wxmsw28u_core_vc_rny.dll
|_ Cesta: C:\Program Files\Rainlendar2\wxmsw28u_core_vc_rny.dll
|_ MD5: 8BFE1BA1B54ABD5F3FC5564604F78F0D
|_ Výrobce:
|_ Procesy
|_ Rainlendar2.exe (640)

[?] wxmsw28u_html_vc_rny.dll
|_ Cesta: C:\Program Files\Rainlendar2\wxmsw28u_html_vc_rny.dll
|_ MD5: 0DE1ADAA7B175B8D11DCC6977DEC0DE3
|_ Výrobce:
|_ Procesy
|_ Rainlendar2.exe (640)

[?] wxmsw28u_xrc_vc_rny.dll
|_ Cesta: C:\Program Files\Rainlendar2\wxmsw28u_xrc_vc_rny.dll
|_ MD5: BD6268E42268FC43B9BB2639C899CFDA
|_ Výrobce:
|_ Procesy
|_ Rainlendar2.exe (640)

[?] icalendarplugin.dll
|_ Cesta: C:\Program Files\Rainlendar2\plugins\iCalendarPlugin.dll
|_ MD5: FE915EA80FD64072AED3642B6F24AFFD
|_ Výrobce:
|_ Procesy
|_ Rainlendar2.exe (640)

[?] lfs.dll
|_ Cesta: C:\Program Files\Rainlendar2\lfs.dll
|_ MD5: A7CA7070080205C268B8D116FBE03A71
|_ Výrobce:
|_ Procesy
|_ Rainlendar2.exe (640)

[?] libcurl.dll
|_ Cesta: C:\Program Files\Rainlendar2\libcurl.dll
|_ MD5: 68709BE271296D03C4515C96A620CF01
|_ Výrobce: The cURL library, http://curl.haxx.se/
|_ Procesy
|_ Rainlendar2.exe (640)

[?] mscorwks.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
|_ MD5: A9E2FADC84C59E3AA8FE9B3CE8A46E89
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ Skype.exe (660)

[?] aspnet_perf.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
|_ MD5: E7D97E60E8C3A0C47244D6BDCB5AE68B
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ Skype.exe (660)

[?] corperfmonext.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
|_ MD5: C2DF51BA429C28BCC4457CAC0B7936C3
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ Skype.exe (660)

[?] perfcounter.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
|_ MD5: FF686302948B92CAA2358EBE27D3B96B
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ Skype.exe (660)

[?] mscoree.dll
|_ Cesta: C:\WINDOWS\system32\mscoree.dll
|_ MD5: 4064036DD3CC18F3AB487A953AF973B1
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ Skype.exe (660)

[?] l3codecp.acm
|_ Cesta: C:\WINDOWS\system32\l3codecp.acm
|_ MD5: 606FFF15AF1DAF3A017D0DF9E64424C1
|_ Výrobce: Fraunhofer Institut Integrierte Schaltungen IIS
|_ Procesy
|_ Pamela.exe (452)

[?] crashrpt.dll
|_ Cesta: C:\Program Files\Pamela\crashrpt.dll
|_ MD5: CCDAB21C1A280EA0696731DB958FCCBD
|_ Výrobce: Scendix Software GmbH
|_ Procesy
|_ Pamela.exe (452)

[?] lng.dll
|_ Cesta: C:\Program Files\Pamela\lng.dll
|_ MD5: D629B803498DC38BF739A29794B60DC1
|_ Výrobce: Scendix Software GmbH
|_ Procesy
|_ Pamela.exe (452)

[?] zlib.dll
|_ Cesta: C:\Program Files\Pamela\zlib.dll
|_ MD5: 87EDDCEB9D22C129E386E652C5CDA521
|_ Výrobce: ?
|_ Procesy
|_ Pamela.exe (452)

[X] msaud32_divx.acm
|_ Cesta: C:\WINDOWS\system32\msaud32_divx.acm
|_ MD5: 71EA3DCE8B998B6730A942469D15ED44
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ Pamela.exe (452)

[?] dbghelp.dll
|_ Cesta: C:\Program Files\Pamela\dbghelp.dll
|_ MD5: E458D88C71990F545EF941CD16080BAD
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ Pamela.exe (452)
|_ firefox.exe (2916)
|_ UPM.exe (3012)

[?] hptcpmui.dll
|_ Cesta: C:\WINDOWS\system32\HPTcpMUI.dll
|_ MD5: EAB45B0DEDE0670F5029F804DFA7CE9E
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ spoolsv.exe (2092)

[?] hptcpmib.dll
|_ Cesta: C:\WINDOWS\system32\HPTcpMib.dll
|_ MD5: ADBB61BF0B9C97DE818090738EC71E57
|_ Výrobce: Hewlett Packard
|_ Procesy
|_ spoolsv.exe (2092)

[?] hptcpmon.dll
|_ Cesta: C:\WINDOWS\system32\HPTcpMon.dll
|_ MD5: 4E460240CB29778F5F8C1FEB38806679
|_ Výrobce: Hewlett Packard
|_ Procesy
|_ spoolsv.exe (2092)

[?] lms2145.dll
|_ Cesta: C:\WINDOWS\system32\LMS2145.DLL
|_ MD5: CF926734A4F96DFA2B6FB7C158604765
|_ Výrobce: SHINKO ELECTRIC CO.,LTD.
|_ Procesy
|_ spoolsv.exe (2092)

[?] curllib.dll
|_ Cesta: C:\Program Files\Sunbelt Software\Personal Firewall\curllib.dll
|_ MD5: A019D3B990AAFA370BA360E2886645AC
|_ Výrobce: The cURL library, http://curl.haxx.se/
|_ Procesy
|_ kpf4ss.exe (2848)

[?] nstidy.dll
|_ Cesta: C:\Documents and Settings\Tomáš\Data aplikací\Mozilla\Firefox\Profiles\6ich4ibh.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\components\nstidy.dll
|_ MD5: 046C0876EB1DEEE350F129330759CE78
|_ Výrobce: Mozilla Foundation
|_ Procesy
|_ firefox.exe (2916)

[?] bib.dll
|_ Cesta: C:\Program Files\Adobe\Reader 9.0\Reader\BIB.dll
|_ MD5: 3C0F5A7FA9908C1DD25E7BB97DF22295
|_ Výrobce: Adobe Systems Incorporated
|_ Procesy
|_ plugin-container.exe (1340)
|_ plugin-container.exe (1340)

[?] sqlite.dll
|_ Cesta: C:\Program Files\Adobe\Reader 9.0\Reader\sqlite.dll
|_ MD5: FAEF2D2F360416F01297AD16A88BFF5E
|_ Výrobce: ?
|_ Procesy
|_ plugin-container.exe (1340)

[?] ace.dll
|_ Cesta: C:\Program Files\Adobe\Reader 9.0\Reader\ACE.dll
|_ MD5: B57F5A65C07E71702EA190062457271F
|_ Výrobce: Adobe Systems Incorporated
|_ Procesy
|_ plugin-container.exe (1340)

[?] agm.dll
|_ Cesta: C:\Program Files\Adobe\Reader 9.0\Reader\AGM.dll
|_ MD5: 8EED577A749C96CE8D8F441E1607C723
|_ Výrobce: Adobe Systems Incorporated
|_ Procesy
|_ plugin-container.exe (1340)

[?] cooltype.dll
|_ Cesta: C:\Program Files\Adobe\Reader 9.0\Reader\CoolType.dll
|_ MD5: 66835E4DC83ADAA1A6B8AEE0D91B10A0
|_ Výrobce: Adobe Systems Incorporated
|_ Procesy
|_ plugin-container.exe (1340)

[?] annots.api
|_ Cesta: C:\Program Files\Adobe\Reader 9.0\Reader\plug_ins\Annots.api
|_ MD5: 2062A8266F563CECB3A7E8F071FBB625
|_ Výrobce: Adobe Systems Incorporated
|_ Procesy
|_ plugin-container.exe (1340)

[?] escript.api
|_ Cesta: C:\Program Files\Adobe\Reader 9.0\Reader\plug_ins\EScript.api
|_ MD5: F6200C75417843A56F3F09C184C8AA0F
|_ Výrobce: Adobe Systems Incorporated
|_ Procesy
|_ plugin-container.exe (1340)

[?] updater.api
|_ Cesta: C:\Program Files\Adobe\Reader 9.0\Reader\plug_ins\Updater.api
|_ MD5: E05724EDC152BB57B8F8A3489269E033
|_ Výrobce: Adobe Systems Incorporated
|_ Procesy
|_ plugin-container.exe (1340)

[?] msvbvm60.dll
|_ Cesta: C:\WINDOWS\system32\MSVBVM60.DLL
|_ MD5: 5343A19C618BC515CEB1695586C6C137
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ UPM.exe (3012)


Výpis souborů
================================================================
\System32:
[?] CapabilityTable.exe CAPABI~1.EXE 7 no vrfy, {EDD851B5}
[?] cdintf450.dll CDINTF~1.DLL 7 no vrfy, {9F23C574}
[?] ChCfg.exe 12 ncmpny, {28268AF0}
[?] CmdLineExt.dll CMDLIN~1.DLL 7 no vrfy, {FD3D70FF}
[?] CoreAAC.ax 12 ncmpny, {DDA10ABF}
[?] dxtmsft3.dll 12 ncmpny, {7A88D451}
[?] hlinkprx.dll 12 ncmpny, {B6F03BD8}
[?] HPTcpMib.dll 7 no vrfy, {AC475ECB}
[?] HPTcpMon.dll 7 no vrfy, {DA2F465D}
[?] HPTcpMUI.dll 25 ncmpny, {E586A171}
[?] hpzjrd01.dll 7 no vrfy, {A3241324}
[?] INLOADER.DLL 12 ncmpny, {2C8DBA33}
[?] javacpl.cpl 14 no vrfy, {CFB389E8}
[?] keystone.exe 12 ncmpny, {F5E2E8AF}
[?] l3codecp.acm 7 no vrfy, {BE4AEC72}
[?] libmfxhw32.dll LIBMFX~1.DLL 7 no vrfy, {D9379EA0}
[?] libmfxsw32.dll LIBMFX~2.DLL 7 no vrfy, {9419B0E3}
[?] libmp3lame-0.dll LIBMP3~1.DLL 12 ncmpny, {C001E2F1}
[?] LMRTREND.dll 12 ncmpny, {AE368A67}
[?] LMS2145.DLL 7 no vrfy, {CB530ECD}
[?] mindex.dll 12 ncmpny, {72D4076D}
[X] msaud32_divx.acm MSAUD3~1.ACM 100 ncmpny, cx (.pecEL32)?, {67255C89}
[?] mscoree.dll 12 ncmpny, {0C25BB3C}
[?] msisam11.dll 12 ncmpny, {B57F49F3}
[?] msuni11.dll 12 ncmpny, {00FFAD00}
[?] MSVBVM60.DLL 12 ncmpny, {5DAD5DE2}
[?] Msvcrt10.dll 12 ncmpny, {706488A9}
[?] nvapi9x.dll 7 no vrfy, {21D033C3}
[?] nvappbar.exe 25 ncmpny, {90C9B27E}
[?] nvcolor.exe 7 no vrfy, {1B2D3F26}
[?] nvcpl.cpl 7 no vrfy, {F055206D}
[?] nvcplui.exe 7 no vrfy, {7B7F33D1}
[?] nvdspsch.exe 25 ncmpny, {A1F98725}
[?] nvexpbar.dll 7 no vrfy, {225BA98A}
[?] nvgpio.dll 7 no vrfy, {94E9811F}
[?] nview.dll 12 ncmpny, {E5B87923}
[?] nvshell.dll 25 ncmpny, {1B1765A7}
[?] nvudisp.exe 14 no vrfy, {F26F1499}
[?] nvuide.exe 14 no vrfy, {F245CE65}
[?] NVUNINST.EXE 14 no vrfy, {F26F1499}
[?] nvunrm.exe 14 no vrfy, {F26608E0}
[?] nvwdmcpl.dll 25 ncmpny, {3325299C}
[?] nwiz.exe 25 ncmpny, {F95A2FCB}
[?] OOD2000.exe 7 no vrfy, {2D09091A}
[?] OOD2KBS.exe 12 ncmpny, {07B13AD9}
[?] OODCSPRO.dll 12 ncmpny, {6A43B904}
[?] PhDi2.sys 7 no vrfy, {58FCA5C6}
[?] PS2DMiniDrv.dll PS2DMI~1.DLL 7 no vrfy, {92484DD1}
[?] qcut.dll 12 ncmpny, {7E75E009}
[?] QuickTime.qts QUICKT~1.QTS 7 no vrfy, {294DE661}
[?] QuickTimeVR.qtx QUICKT~1.QTX 7 no vrfy, {2B5FEF82}
[?] tm20dec.ax 7 no vrfy, {64C154EF}
[?] tsccvid.dll 7 no vrfy, {756B0559}
[?] unam4ie.exe 25 ncmpny, {5CA941F1}
[?] w95inf32.dll 25 ncmpny, {959D4F81}
[?] wmidx.ocx 12 ncmpny, {E344779A}
[?] xvidcore.dll 12 ncmpny, {4E662AD4}

\Drivers:
[?] cdrbsdrv.sys 14 no vrfy, {70C10647}
[!] direci2c.dll 63 no vrfy, cx (.pdi)?, {532625B9}
[?] gt680x.sys 7 no vrfy, {A96166F8}
[?] i1display.sys I1DISP~1.SYS 25 ncmpny, {80D32041}
[?] MTiCtwl.sys 12 ncmpny, {4978043B}
[?] nvtcp.sys 14 no vrfy, {829E096E}
[?] pdihwctl.sys 14 no vrfy, {956AC324}


================================================================
Ultimate Process Manager v4.1.3 - [ Lodus Software ]

Re: Log z UPM

Napsal: 18 zář 2011 16:52
od Rudy
Log vypadá OK. Nějaký problém?

Re: Log z UPM

Napsal: 18 zář 2011 17:36
od tomasr
No vec se ma takhle. Po restartu mi naskoci modra smrt. Zjistil jsem, ze za to muze nejspis avast, protoze pokud provedu obnoveni pomoci bodu obnoveni, tak win normalne najedou, akorat je avast zastaven a chce po me opravu. Pokud opravim, tak po restartu opet modra smrt (spustit lze zas jen pres obnovu v nouzovym rezimu), pokud neopravim, tak po restartu avast normalne funguje a po dalsim restartu opet modra smrt (nouzovy rezim a obnova). Avast jsem tedy odstranil pomoci msconfig ze sekce "po spusteni" a diky tomu mi po kazdem restartu win nabehnou bez problemu. Nemyslim si vsak, ze avast je nejaky spatny, pouzivam ho 6 let bez jakyhkoliv problemu. Napadl me tedy vir, ktery se nejak na avast nalepil a pokud je spusten avast je funkcni i vir (ostatne hijackthis mi doporucil smazat neco ze slozky, kde je avast). Zni to logicky, ucelem viru mohla byt snaha o dobrovolne vypnuti antiviru uzivatelem, a tim otevrenim pocitace dalsim hrozbam.
Vzhledem k chovani v zavislosti na zapnuti ci vypnuti avastu jsem vyloucil pricinu v poruse hradwaru.

Avast sam neni schopny v soucasnosti hrozbu detekovat, tak zkousim ruzne jine nastroje.
Co si myslite vy?

Re: Log z UPM

Napsal: 18 zář 2011 18:19
od Rudy
Je možné, že se Avast s něčím, co v PC máte, bije. Na BSOD bývá uveden soubor, který je v kolizi. Co jste instaloval těsně před tím, než se problém objevil?

Re: Log z UPM

Napsal: 18 zář 2011 19:06
od tomasr
Soubor tam uveden prave nebyl. Byla Tam jen Chyba 0x0000D1 a pak ty 4 adresy v zavorce jejichz vyznam jsem na googlu neobjevil.

Nic jsem neinstaloval, alespoň si nic nevybavuju.

Re: Log z UPM

Napsal: 18 zář 2011 19:45
od Rudy
Nic jsem neinstaloval, alespoň si nic nevybavuju.
Ani aktualizace systému? Zkuste Avast reinstalovat tak, že ho kompletně odinstalujete pomocí Avast uninstalleru: http://www.avast.com/cs-cz/uninstall-utility . Pak ho nainstalujte zpět a vyzkoušejte, jak se bude PC chovat.

Re: Log z UPM

Napsal: 19 zář 2011 19:43
od tomasr
Tak po znovunainstalovani avastu opet BSoD. Po jeho odinstalovani problem zmizel. Co se stalo, ze najednou beh avastu je neslucitelny s behem pc?

Re: Log z UPM

Napsal: 19 zář 2011 20:02
od Rudy
Dejte log z RSIT: http://www.viry.cz/forum/viewtopic.php?f=13&t=105895 . Je to sice něco netypického, snad ale na něco přijdeme.

Re: Log z UPM

Napsal: 19 zář 2011 22:03
od tomasr
Logfile of random's system information tool 1.09 (written by random/random)
Run by Tomáš at 2011-09-19 23:01:47
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 1 GB (4%) free of 25 GB
Total RAM: 959 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:02:24, on 19.9.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\The Bat!\thebat.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Pamela\pamela.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
D:\Apache\xampp\apache\bin\httpd.exe
D:\Apache\xampp\apache\bin\httpd.exe
D:\Apache\xampp\mysql\bin\mysqld.exe
C:\Program Files\Totalcmd\TOTALCMD.EXE
D:\Stáhnout\RSIT.exe
C:\Program Files\trend micro\Tomáš.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.parlamentnilisty.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DebugBar BHO - {69FC0024-10EB-480A-BBF2-3BF4E78E17B1} - C:\Program Files\Core Services\DebugBar\DebugInfoBar.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: IE Developer Toolbar BHO - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Zend Studio - {95188727-288F-4581-A48D-EAB3BD027314} - C:\PROGRA~1\Zend\ZENDST~1.0\bin\ZENDIE~1.DLL
O3 - Toolbar: DebugBar - {3E1201F4-1707-409F-BB45-A5F192381DA0} - C:\Program Files\Core Services\DebugBar\DebugToolBar.dll
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [thebat_startup] C:\Program Files\The Bat!\thebat.exe /minimize
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [pamela.exe] "C:\Program Files\Pamela\pamela.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Zend Studio - Debug current page - res://C:\Program Files\Zend\ZendStudio-5.5.0\bin\ZendIEToolbar.dll/DebugCurrent.html
O8 - Extra context menu item: Zend Studio - Debug next page - res://C:\Program Files\Zend\ZendStudio-5.5.0\bin\ZendIEToolbar.dll/DebugNext.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Zend Studio Toolbar - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\PROGRA~1\Zend\ZENDST~1.0\bin\ZENDIE~1.DLL
O9 - Extra 'Tools' menuitem: Zend Studio - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\PROGRA~1\Zend\ZENDST~1.0\bin\ZENDIE~1.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 5144758031
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5145457718
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Apache2.2 - Apache Software Foundation - D:\Apache\xampp\apache\bin\httpd.exe
O23 - Service: MySQL - MySQL AB - D:\Apache\xampp\mysql\bin\mysqld.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe

--
End of file - 7895 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job
C:\WINDOWS\tasks\Spybot - Search & Destroy Updater - Scheduled Task.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Tomáš\Data aplikací\Mozilla\Firefox\Profiles\6ich4ibh.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.parlamentnilisty.cz"
prefs.js - "extensions.enabledItems" - "cs@dictionaries.addons.mozilla.org:1.0.2, firebug@software.joehewitt.com:1.6.2, {3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}:0.8.6.1, {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9, {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.14.2, {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.50, {59d42255-7f9c-49e5-8e68-a5fd16d06d76}:1.0.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\3.0.50106.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
nsIQTScriptablePlugin.xpt
nsJSRealPlayerPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npdeploytk.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Tomáš\Data aplikací\Mozilla\Firefox\Profiles\6ich4ibh.default\extensions\
cs@dictionaries.addons.mozilla.org
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}
{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}(2)
{77b819fa-95ad-4f2c-ac7c-486b356188a9}(2)
{c45c406e-ab73-11d8-be73-000a95be3b12}

C:\Documents and Settings\Tomáš\Data aplikací\Mozilla\Firefox\Profiles\6ich4ibh.default\searchplugins\
askcom.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{69FC0024-10EB-480A-BBF2-3BF4E78E17B1}]
DebugBar BHO - C:\Program Files\Core Services\DebugBar\DebugInfoBar.dll [2010-03-15 1134080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC7E636D-39AA-49b6-B511-65413DA137A1}]
IE Developer Toolbar BHO - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll [2007-03-01 623992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-31 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-31 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{95188727-288F-4581-A48D-EAB3BD027314} - Zend Studio - C:\PROGRA~1\Zend\ZENDST~1.0\bin\ZENDIE~1.DLL [2006-11-29 188416]
{3E1201F4-1707-409F-BB45-A5F192381DA0} - DebugBar - C:\Program Files\Core Services\DebugBar\DebugToolBar.dll [2010-03-15 755200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2006-11-12 157592]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-08-16 7630848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"thebat_startup"=C:\Program Files\The Bat!\thebat.exe [2010-04-20 13797296]
"Rainlendar2"=C:\Program Files\Rainlendar2\Rainlendar2.exe [2011-01-06 2342400]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-05-26 15147400]
"pamela.exe"=C:\Program Files\Pamela\pamela.exe [2011-01-04 8781312]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast5]
C:\Program Files\Alwil Software\Avast5\avastUI.exe /nogui []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InterWrite Device Manager SysTray]
C:\Program Files\Interwrite Learning\Interwrite Workspace\IWDMSystemTray.exe [2008-06-19 688128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2006-08-16 7630848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Print2PDF Print Monitor]
C:\Program Files\Software602\Print2PDF\Print2PDF.exe [2010-12-03 141368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2010-09-08 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2006-06-01 16208384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2011-05-26 15147400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-31 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\V0420Mon.exe]
C:\WINDOWS\V0420Mon.exe [2007-04-30 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2006-11-21 35328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Color Calibration.lnk]
C:\PROGRA~1\MAGICT~1.5_C\GAMMAT~1.EXE [2004-07-03 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^eInstruction Device Manager.lnk]
C:\PROGRA~1\EINSTR~1\DEVICE~1\Launch.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2006-02-19 288472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Logitech SetPoint.lnk]
C:\PROGRA~1\Logitech\SetPoint\SetPoint.exe [2005-03-31 438272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Logo Calibration Loader.lnk]
C:\PROGRA~1\GRETAG~1\i1\EYE-ON~1\CALIBR~1\CALIBR~1.EXE [2007-07-03 708608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^MagicTune 3.5.lnk]
C:\PROGRA~1\MAGICT~1.5_C\MAGICT~2.EXE [2004-10-08 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^PHOTOfunSTUDIO HD Edition.lnk]
C:\PROGRA~1\PANASO~1\PHOTOF~1\PHAUTO~1.EXE [2009-01-30 44176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^ProfileReminder.lnk]
C:\PROGRA~1\GRETAG~1\i1\EYE-ON~1\PROFIL~1.EXE [2007-07-03 954368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
C:\PROGRA~1\WINDOW~2\WINDOW~1.EXE /startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tomáš^Nabídka Start^Programy^Po spuštění^Adobe Gamma.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tomáš^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2006-10-26 98632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Microsoft Office Groove Audit Service"=3
"JavaQuickStarterService"=2
"XAMPP"=2
"wscsvc"=2
"TapiSrv"=3
"Schedule"=2
"RasMan"=3
"odserv"=3
"mysql"=2
"mnmsrvc"=3
"Irmon"=2
"Imapi Helper"=3
"COMSysApp"=3
"clr_optimization_v2.0.50727_32"=3
"ClipSrv"=3
"cisvc"=3
"Browser"=2
"bgsvcgen"=2
"aspnet_state"=3
"AppMgmt"=3
"Apache2.2"=2
"ALG"=3
"Adobe LM Service"=3
"602XML Updater"=2
"SharedAccess"=2
"OOD2000"=2
"Bonjour Service"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2011-05-04 551296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=1
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoRecentDocsNetHood"=0
"NoSimpleStartMenu"=1
"NoInstrumentation"=0
"NoDesktopCleanupWizard"=1
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\DC++\DCPlusPlus.exe"="C:\Program Files\DC++\DCPlusPlus.exe:*:Enabled:DC++"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. The whole world can talk for free."
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Totalcmd\TOTALCMD.EXE"="C:\Program Files\Totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"D:\Apache\xampp\mysql\bin\mysqld.exe"="D:\Apache\xampp\mysql\bin\mysqld.exe:*:Enabled:mysqld"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"midi"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\System32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codecp.acm
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"vidc.tscc"=tsccvid.dll
"msacm.divxa32"=msaud32_divx.acm

======List of files/folders created in the last 1 month======

2011-09-19 23:01:50 ----D---- C:\Program Files\trend micro
2011-09-19 23:01:47 ----D---- C:\rsit
2011-09-19 20:07:07 ----ASH---- C:\hiberfil.sys
2011-09-19 19:33:15 ----D---- C:\Documents and Settings\Tomáš\Data aplikací\SUPERAntiSpyware.com
2011-09-19 19:32:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\!SASCORE
2011-09-19 19:32:11 ----D---- C:\Program Files\SUPERAntiSpyware
2011-09-19 19:32:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2011-09-19 19:05:08 ----D---- C:\Program Files\AVAST Software
2011-09-19 19:05:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-09-19 19:00:29 ----SHD---- C:\RECYCLER
2011-09-19 18:59:58 ----D---- C:\Program Files\Unlocker
2011-09-18 20:00:49 ----D---- C:\WINDOWS\temp
2011-09-18 15:05:48 ----D---- C:\Program Files\UPM
2011-09-18 13:45:33 ----A---- C:\Boot.bak
2011-09-18 13:45:19 ----RASHD---- C:\cmdcons
2011-09-18 13:40:43 ----A---- C:\WINDOWS\NIRCMD.exe
2011-09-18 13:40:43 ----A---- C:\WINDOWS\MBR.exe
2011-09-18 13:40:41 ----A---- C:\WINDOWS\zip.exe
2011-09-18 13:40:41 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-09-18 13:40:41 ----A---- C:\WINDOWS\SWSC.exe
2011-09-18 13:40:41 ----A---- C:\WINDOWS\SWREG.exe
2011-09-18 13:40:41 ----A---- C:\WINDOWS\sed.exe
2011-09-18 13:40:41 ----A---- C:\WINDOWS\PEV.exe
2011-09-18 13:40:41 ----A---- C:\WINDOWS\grep.exe
2011-09-18 13:39:26 ----D---- C:\WINDOWS\ERDNT
2011-09-18 10:48:44 ----A---- C:\WINDOWS\ntbtlog.txt
2011-09-18 10:43:19 ----ASH---- C:\pagefile.sys
2011-09-15 00:00:43 ----DC---- C:\WINDOWS\$NtUninstallKB2616676$
2011-09-15 00:00:31 ----DC---- C:\WINDOWS\$NtUninstallKB2570947$
2011-09-09 12:12:45 ----D---- C:\Program Files\Google
2011-09-08 01:11:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2607712$
2011-09-06 23:46:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2570791$
2011-09-06 23:46:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2011-09-06 23:46:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2011-09-06 23:46:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2011-09-06 23:46:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2570222$
2011-09-06 23:46:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2559049$
2011-09-06 23:45:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2011-09-06 23:45:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2011-09-06 23:45:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2562937$

======List of files/folders modified in the last 1 month======

2011-09-19 23:01:50 ----D---- C:\Program Files
2011-09-19 22:48:02 ----D---- C:\Documents and Settings\Tomáš\Data aplikací\Skype
2011-09-19 20:54:19 ----AC---- C:\WINDOWS\wincmd.ini
2011-09-19 20:28:43 ----D---- C:\Documents and Settings\Tomáš\Data aplikací\Pamela
2011-09-19 20:23:18 ----D---- C:\WINDOWS\system32\CatRoot2
2011-09-19 19:57:05 ----D---- C:\WINDOWS\system32
2011-09-19 19:57:05 ----D---- C:\WINDOWS
2011-09-19 19:18:51 ----D---- C:\WINDOWS\system32\drivers\etc
2011-09-19 19:08:24 ----D---- C:\WINDOWS\system32\drivers
2011-09-19 19:07:19 ----SHD---- C:\WINDOWS\Installer
2011-09-19 19:07:17 ----D---- C:\WINDOWS\WinSxS
2011-09-18 23:00:55 ----RASH---- C:\boot.ini
2011-09-18 23:00:55 ----AC---- C:\WINDOWS\win.ini
2011-09-18 23:00:55 ----A---- C:\WINDOWS\system.ini
2011-09-18 19:48:02 ----D---- C:\WINDOWS\AppPatch
2011-09-18 19:47:57 ----D---- C:\Program Files\Common Files
2011-09-18 14:43:38 ----D---- C:\WINDOWS\system32\CatRoot
2011-09-18 14:18:46 ----D---- C:\WINDOWS\EHome
2011-09-18 13:02:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype Extras
2011-09-18 12:40:11 ----D---- C:\WINDOWS\system32\config
2011-09-18 12:38:26 ----D---- C:\WINDOWS\system32\wbem
2011-09-18 12:38:19 ----D---- C:\WINDOWS\Registration
2011-09-18 12:32:45 ----HD---- C:\WINDOWS\inf
2011-09-18 12:32:39 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-09-18 12:04:00 ----D---- C:\Documents and Settings\Tomáš\Data aplikací\skypePM
2011-09-17 21:09:38 ----D---- C:\Documents and Settings\Tomáš\Data aplikací\FileZilla
2011-09-16 23:54:23 ----A---- C:\WINDOWS\imsins.BAK
2011-09-15 00:00:06 ----HD---- C:\WINDOWS\$hf_mig$
2011-09-14 12:31:54 ----AC---- C:\WINDOWS\NeroDigital.ini
2011-09-09 12:13:24 ----HD---- C:\Program Files\InstallShield Installation Information
2011-09-08 01:10:56 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-09-08 00:12:12 ----D---- C:\Program Files\Mozilla Firefox
2011-09-03 12:17:22 ----A---- C:\WINDOWS\system32\crypt32.dll
2011-09-03 12:17:22 ----A---- C:\WINDOWS\system32\crypt32(3)(3).dll
2011-09-03 12:17:22 ----A---- C:\WINDOWS\system32\crypt32(2).dll
2011-09-03 12:17:22 ----A---- C:\WINDOWS\system32\crypt32(2)(2).dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvata;nvata; C:\WINDOWS\System32\DRIVERS\nvata.sys [2006-06-28 105088]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2006-08-25 36528]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x); C:\WINDOWS\System32\drivers\sfsync03.sys [2005-12-06 35328]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2007-02-08 639224]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2006-06-19 43008]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2006-02-20 33408]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2007-04-26 302000]
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2007-04-26 72624]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R2 irda;Protokol IrDA; C:\WINDOWS\System32\DRIVERS\irda.sys [2008-04-13 88192]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R2 PDIHWCTL;PDIHWCTL; \??\C:\WINDOWS\system32\drivers\pdihwctl.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-06 4284928]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2005-03-10 13056]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2006-08-16 3959712]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [2006-07-11 57856]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [2006-07-11 20480]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 V0420VID;Live! Cam Vista IM (VF0420); C:\WINDOWS\system32\DRIVERS\V0420Vid.sys [2007-05-31 99648]
R3 WinDriver6;WinDriver6; C:\WINDOWS\system32\drivers\windrvr6.sys [2008-04-22 194362]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 akjrdnl8;akjrdnl8; C:\WINDOWS\system32\drivers\akjrdnl8.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\TOM~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 GT680x;GrandTechICNameNT; C:\WINDOWS\System32\Drivers\gt680x.sys [2001-11-08 18120]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-12 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-12 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-12 21568]
S3 i1display;i1 Display; C:\WINDOWS\System32\Drivers\i1display.sys [2004-10-15 44344]
S3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\System32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\System32\Drivers\L8042mou.sys [2005-03-10 53632]
S3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\System32\Drivers\LMouKE.sys [2005-03-10 69504]
S3 LUsbKbd;Logitech SetPoint USB Filter Driver; C:\WINDOWS\system32\drivers\LUsbKbd.sys [2005-03-10 14592]
S3 MagicTune;MagicTune; C:\WINDOWS\system32\drivers\MTiCtwl.sys [2005-07-11 12569]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 vpnva;Cisco AnyConnect VPN Virtual Miniport Adapter for Windows; C:\WINDOWS\system32\DRIVERS\vpnva.sys []
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2011-09-19 116608]
R2 Apache2.2;Apache2.2; D:\Apache\xampp\apache\bin\httpd.exe [2009-12-20 29416]
R2 MySQL;MySQL; D:\Apache\xampp\mysql\bin\mysqld.exe [2009-12-20 6095504]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2006-08-16 155715]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 SimpTcp;Jednoduché služby TCP/IP; C:\WINDOWS\System32\tcpsvcs.exe [2001-10-25 19456]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe [2007-04-26 1234480]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S3 LPDSVC;Tiskový server TCP/IP; C:\WINDOWS\System32\tcpsvcs.exe [2001-10-25 19456]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
S4 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-08-04 72704]
S4 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632]
S4 bgsvcgen;B's Recorder GOLD Library General Service; C:\WINDOWS\system32\bgsvcgen.exe [2007-06-15 145504]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952]
S4 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-31 153376]
S4 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S4 OOD2000;O&O Defrag 2000; C:\WINDOWS\system32\OOD2000.exe [2001-04-06 238080]
S4 XAMPP;XAMPP Service; D:\Apache\xampp\service.exe []

-----------------EOF-----------------

Re: Log z UPM

Napsal: 19 zář 2011 22:07
od tomasr
info.txt logfile of random's system information tool 1.09 2011-09-19 23:02:30

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000101}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10w_Plugin.exe -maintain plugin
Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-119F-4D52-B551-6739B2B22101}
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0405-2E257A25E34D}
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Reader 9.4.5 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A94000000001}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1437-443D-B06E-79A00FE45110}
Adresy CR v2-->MsiExec.exe /X{7A11431C-3B45-4932-9D83-2F4A609C18F3}
Aktualizace systému Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2541763)-->"C:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2607712)-->"C:\WINDOWS\$NtUninstallKB2607712$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Encoder (KB2447961)-->"C:\WINDOWS\$NtUninstallKB2447961_WM9L$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Aktualizace zabezpečení produktu Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2412687)-->"C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2476687)-->"C:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2497640)-->"C:\WINDOWS\$NtUninstallKB2497640$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2503658)-->"C:\WINDOWS\$NtUninstallKB2503658$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2503665)-->"C:\WINDOWS\$NtUninstallKB2503665$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2506223)-->"C:\WINDOWS\$NtUninstallKB2506223$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2508272)-->"C:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2510581)-->"C:\WINDOWS\$NtUninstallKB2510581$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2511455)-->"C:\WINDOWS\$NtUninstallKB2511455$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2524375)-->"C:\WINDOWS\$NtUninstallKB2524375$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2530548)-->"C:\WINDOWS\$NtUninstallKB2530548$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2536276)-->"C:\WINDOWS\$NtUninstallKB2536276$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2544521)-->"C:\WINDOWS\$NtUninstallKB2544521$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2544893)-->"C:\WINDOWS\$NtUninstallKB2544893$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2555917)-->"C:\WINDOWS\$NtUninstallKB2555917$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2559049)-->"C:\WINDOWS\$NtUninstallKB2559049$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2562937)-->"C:\WINDOWS\$NtUninstallKB2562937$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2567680)-->"C:\WINDOWS\$NtUninstallKB2567680$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2570222)-->"C:\WINDOWS\$NtUninstallKB2570222$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Aktualizace zabezpečení systému Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"
Aliens vs. Predator 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EF79591-BF16-4CF8-8FF0-D8AD968228B1}\Setup.exe"
Audacity 1.3.12 (Unicode)-->"C:\Program Files\Audacity 1.3 Beta (Unicode)\unins000.exe"
AVS Update Manager 1.0-->"C:\Program Files\AVS4YOU\AVSUpdateManager\unins000.exe"
AVS Video Converter 8-->"C:\Program Files\AVS4YOU\AVSVideoConverter\unins000.exe"
AVS4YOU Software Navigator 1.4-->"C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
Borland Delphi 7-->MsiExec.exe /I{72263053-50D1-4598-9502-51ED64E54C51}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Creative Live! Cam Vista IM Driver (1.00.03.0000)-->C:\WINDOWS\CtDrvIns.exe -uninstall -script VF0420.uns -unsext NT -plugin V0420Pin.dll -pluginres CtCamPin.crl
CuteMAP-->C:\PROGRA~1\CuteMAP\UNWISE32.EXE C:\PROGRA~1\CuteMAP\INSTALL.LOG
CYKLO Czech 2010 NT-->MsiExec.exe /X{3862105D-1AD3-470D-9CE5-94A2DB91D6CC}
DC++ 0.674-->"C:\Program Files\DC++\uninstall.exe"
DebugBar v5.4.1 for Internet Explorer (remove only)-->"C:\Program Files\Core Services\DebugBar\uninstall.exe"
Empires Dawn of the Modern World-->C:\Games\EMPIRE~1\Uninstall\Unwise.exe /u C:\Games\EMPIRE~1\Uninstall\Install.log
Extended Language Support Fonts Package-->MsiExec.exe /I{AC76BA86-7AD7-5676-5A64-E98530000001}
Eye-One Match 3.6.2-->"C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\unins000.exe"
Garmin MapSource-->MsiExec.exe /X{D02220CE-1475-4F0F-9F12-251161999D53}
Garmin USB Drivers-->MsiExec.exe /X{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}
GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
Google SketchUp 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}\setup.exe" -l0x5 -removeonly
Google SketchUp 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}\setup.exe" -l0x5 -removeonly
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
HP Imaging Device Functions 7.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart, Officejet and Deskjet 7.0.A-->C:\Program Files\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\setup\hpzscr01.exe -datfile hposcr11.dat
HP Solution Center 7.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
ICQ7.2-->"C:\Program Files\InstallShield Installation Information\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
ImageMagick 6.6.7-10 Q16 (2011-03-01)-->"C:\Program Files\ImageMagick-6.6.7-Q16\unins000.exe"
Internet Explorer Developer Toolbar-->MsiExec.exe /I{E7081891-BC7F-43F9-9CE6-B5DD2F497156}
Interwrite Workspace-->MsiExec.exe /I{B351B0DB-F5A3-485F-8AF6-E79C4F0EB242}
I-Učebnice demo odinstalace-->"C:\Program Files\Fraus\IUcebnice-demo\unins000.exe"
J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216015FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
KillWinamp 1.50-->"C:\Program Files\KillWinamp\unins000.exe"
LANGMaster Škola DNES-->"C:\Program Files\LANGMaster Škola DNES\unins000.exe"
Logger Lite 1.4-->C:\Program Files\InstallShield Installation Information\{6D67B749-7AA8-4AFF-AD3B-DB785822A505}\setup.exe -runfromtemp -l0x0009 -removeonly
Logitech SetPoint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x9 -removeonly
MagicTune3.5_Client-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1C04D433-2EDF-4AFB-B31B-C0B13065092F}\setup.exe" -l0x9
Maxthon 3-->C:\Program Files\Maxthon3\Bin\Mx3Uninstall.exe
Microsoft .NET Framework 2.0 Language Pack - CSY-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - CSY\install.exe
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs-->MsiExec.exe /X{90120000-00B2-0409-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{820B6609-4C97-3A2B-B644-573B06A0F0CC}
Mozilla Firefox 6.0.2 (x86 cs)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP3 Parser (KB973685)-->MsiExec.exe /I{859DFA95-E4A6-48CD-B88E-A3E483E89B44}
MV2Player (remove only)-->C:\Program Files\Mv2Player\uninst.exe
Nero 6 Ultra Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Notebook Interactive Viewer-->MsiExec.exe /X{24BA79B5-53F9-475C-9D49-EC4BDE8B09CF}
NVIDIA Drivers-->C:\WINDOWS\System32\nvuide.exe UninstallGUI
O&O Defrag 2000 Freeware Edition-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E86E5246-AA7E-11D4-88C9-00105ADBE398}\Setup.exe"
Opera 9.64-->MsiExec.exe /X{E1BBBAC5-2857-4155-82A6-54492CE88620}
Oprava Hotfix systému Windows XP (KB2443685)-->"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB2570791)-->"C:\WINDOWS\$NtUninstallKB2570791$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Pamela Basic 4.6-->C:\Program Files\Pamela\Uninst.exe
PHOTOfunSTUDIO HD Edition-->C:\Program Files\InstallShield Installation Information\{9A9DBEBC-C800-4776-A970-D76D6AA405B1}\setup.exe -runfromtemp -l0x0009 -z"Uninstall" -removeonly
PINs 4-->"C:\Program Files\PINs\uninstall.exe"
Poedit-->"C:\Program Files\Poedit\unins000.exe"
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
PSPad editor-->"C:\Program Files\PSPad editor\Uninst\unins000.exe"
QuickTime-->MsiExec.exe /I{E7004147-2CCA-431C-AA05-2AB166B9785D}
Rainlendar2 (remove only)-->"C:\Program Files\Rainlendar2\uninst.exe"
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x5 -removeonly
Safari-->MsiExec.exe /X{3E719879-9914-4C56-843E-96D0C3FCC3FB}
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB960003)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F04F8702-18D0-458D-921E-146FB7CD38CF}
Security Update for Microsoft Office Excel 2007 (KB959997)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {9EAC3AEC-5C81-4856-A05B-DE9DC236D740}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Security Update pro Microsoft .NET Framework 2.0 (KB928365)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {8056AC9E-49C5-4375-9ADE-B2F862C9DF51} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
Skype™ 5.3-->MsiExec.exe /X{5335DADB-34BA-4AE8-A519-648D78498846}
Software602 Form Filler-->MsiExec.exe /X{D387C31D-971F-4EEC-8734-382B39AD04F0}
Software602 Print2PDF-->C:\Program Files\InstallShield Installation Information\{32C74893-0243-4235-A6F3-201F0E5D2C03}\setup.exe -runfromtemp -l0x0005 REMOVE
Spybot - Search & Destroy 1.4-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe"
Sunbelt Personal Firewall-->MsiExec.exe /X{BFD080F6-3BF0-40E1-9507-9CA969C35870}
SUPERAntiSpyware-->"C:\Program Files\SUPERAntiSpyware\Uninstall.exe"
The Bat! Professional v4.2.36.4-->MsiExec.exe /I{80C22308-DC4F-4F1E-BE7C-FB903B0AFCF8}
TOPO Czech PRO 2010-->MsiExec.exe /X{48E9E92C-CCBA-43D9-9B7C-FB26DD0C6709}
Total Commander (Remove or Repair)-->C:\Program Files\Totalcmd\tcuninst.exe
TrackMania United DVD Patch 2006-12-15-->"C:\Games\TrackMania United\unins000.exe"
Unlocker 1.9.1-->C:\Program Files\Unlocker\uninst.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Office 2007 (KB932080)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7}
Update for Office 2007 (KB934391)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5}
VLC media player 1.1.9-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Winamp (remove only)-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)-->rundll32.exe C:\PROGRA~1\DIFX\15B7F172FC21855D\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\WINDOWS\system32\DRVSTORE\grmnusb_8E661E05CC789A6D1B8ABAA087CF60EDD72AC35D\grmnusb.inf
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinSCP 3.8.2-->"C:\Program Files\WinSCP3\unins000.exe"
Worms Armageddon-->C:\WINDOWS\IsUninst.exe -f"c:\games\Worms Armageddon\Uninst.isu"
ZendStudio-5.5.0-->"C:\Program Files\Zend\ZendStudio-5.5.0\Uninstall ZendStudio-5.5.0\Uninstall ZendStudio-5.5.0.exe"
Zoner Callisto 5 - zkušební verze-->MsiExec.exe /X{4F62B1AE-E778-49E2-9C57-C1C65A122098}

======Hosts File======

127.0.0.1 solutac.localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com

======Security center information======

FW: Sunbelt Personal Firewall

======System event log======

Computer Name: TOM-P30969VCMNK
Event Code: 19
Message: Instalace dokončena: Instalace následující aktualizace byla dokončena úspěšně: Aktualizace zabezpečení systému Microsoft Office 2007 (KB951550)

Record Number: 30772
Source Name: Windows Update Agent
Time Written: 20110512151323.000000+120
Event Type: Informace
User:

Computer Name: TOM-P30969VCMNK
Event Code: 19
Message: Instalace dokončena: Instalace následující aktualizace byla dokončena úspěšně: Aktualizace zabezpečení pro systém Microsoft Office 2007 (KB951944)

Record Number: 30771
Source Name: Windows Update Agent
Time Written: 20110512151251.000000+120
Event Type: Informace
User:

Computer Name: TOM-P30969VCMNK
Event Code: 19
Message: Instalace dokončena: Instalace následující aktualizace byla dokončena úspěšně: Aktualizace zabezpečení systému Windows XP (KB969059)

Record Number: 30770
Source Name: Windows Update Agent
Time Written: 20110512151204.000000+120
Event Type: Informace
User:

Computer Name: TOM-P30969VCMNK
Event Code: 4377
Message: Windows XP oprava hotfix KB969059 byla nainstalována.

Record Number: 30769
Source Name: NtServicePack
Time Written: 20110512151159.000000+120
Event Type: Informace
User: TOM-P30969VCMNK\Tomáš

Computer Name: TOM-P30969VCMNK
Event Code: 19
Message: Instalace dokončena: Instalace následující aktualizace byla dokončena úspěšně: Aktualizace zabezpečení systému Windows XP (KB974112)

Record Number: 30768
Source Name: Windows Update Agent
Time Written: 20110512151156.000000+120
Event Type: Informace
User:

=====Application event log=====

Computer Name: TOM-P30969VCMNK
Event Code: 1015
Message: Připojení k serveru se nezdařilo. Chyba: 0x800401F0

Record Number: 1978
Source Name: MsiInstaller
Time Written: 20091006164325.000000+120
Event Type: Upozornění
User: TOM-P30969VCMNK\Tomáš

Computer Name: TOM-P30969VCMNK
Event Code: 11707
Message: Produkt: Destinations - Instalace byla úspěšně dokončena.

Record Number: 1977
Source Name: MsiInstaller
Time Written: 20091006164325.000000+120
Event Type: Informace
User: TOM-P30969VCMNK\Tomáš

Computer Name: TOM-P30969VCMNK
Event Code: 1015
Message: Připojení k serveru se nezdařilo. Chyba: 0x800401F0

Record Number: 1976
Source Name: MsiInstaller
Time Written: 20091006164316.000000+120
Event Type: Upozornění
User: TOM-P30969VCMNK\Tomáš

Computer Name: TOM-P30969VCMNK
Event Code: 11707
Message: Product: DeviceManagementQFolder -- Installation operation completed successfully.

Record Number: 1975
Source Name: MsiInstaller
Time Written: 20091006164316.000000+120
Event Type: Informace
User: TOM-P30969VCMNK\Tomáš

Computer Name: TOM-P30969VCMNK
Event Code: 1015
Message: Připojení k serveru se nezdařilo. Chyba: 0x800401F0

Record Number: 1974
Source Name: MsiInstaller
Time Written: 20091006164314.000000+120
Event Type: Upozornění
User: TOM-P30969VCMNK\Tomáš

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\ImageMagick-6.6.7-Q16;C:\Program Files\ImageMagick-6.6.7-Q8;C:\Program Files\Borland\Delphi7\Bin;C:\Program Files\Borland\Delphi7\Projects\Bpl;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 79 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=4f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

Re: Log z UPM

Napsal: 20 zář 2011 17:45
od Rudy
Toto je OK. Zkuste ještě sken AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Dejte log.

Re: Log z UPM

Napsal: 21 zář 2011 14:34
od tomasr
Omlouvám se, že jsem založil 2 témata. Neměl jsem úmysl porušovat pravidla.
Tak jsem test udělal, měl původně trvat 3 dny, i když jsem vypnul obnovu a vymazal dočasná data. Nakonec se to stihlo dřív.
Nemůžu ho se ale nakopírovat, ani nahrát soubor (70MB), a to ani zazipovanej (3MB).
Hlásilo to 2 infekce, ale v té změti jsem je nenašel.

Re: Log z UPM

Napsal: 21 zář 2011 17:21
od Rudy
Hlásilo to 2 infekce, ale v té změti jsem je nenašel.
Podstatné je, zda byly smazány.

Re: Log z UPM

Napsal: 21 zář 2011 17:53
od tomasr
Asi ne to se musi udelat rucne...ted sem na to koukal a jsou to naky soubory z instalace jedny hry, kterou mam napocitaci tri roky...ty soubory jsou nutny a antiviry je obcas detekujou jako viry

Resume je takovy, ze pocitac zavirovany dle me neni...presto avast uz bez nove instalace systemu znovu nainstalovat nemuzu...zajimavy stripek do sbirky:)

Re: Log z UPM

Napsal: 21 zář 2011 19:18
od Rudy
Asi ne to se musi udelat rucne...ted sem na to koukal a jsou to naky soubory z instalace jedny hry, kterou mam napocitaci tri roky...ty soubory jsou nutny a antiviry je obcas detekujou jako viry.
AVP maže automaticky většinu souborů. Pokud se jedná o cracky, mohu vás ubezpečit, že i ty obsahují vir jako bonus. My je tu netrpíme z těchto důvodů a také proto, že jejich užití je nelegální.
Resume je takovy, ze pocitac zavirovany dle me neni...presto avast uz bez nove instalace systemu znovu nainstalovat nemuzu...zajimavy stripek do sbirky:)
Já tohle také vidím poprvé. Může být poškozený systém, ale také to může být i jiná příčina. V tétochvíli mohu poradit jen to, abyste pomocí uninstall utility odinstaloval veškeré zbytky Avastu: http://www.avast.com/cs-cz/uninstall-utility a zkusil jej znovu nainstalovat. Pokud se to nezdaří, nainstalujte prozatím jiný AV: http://www.viry.cz/forum/viewforum.php?f=29 abyste byl chráněn a obraťte se na podporu Avastu.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz