Zpomalení počítače

Zpráva

petredgar · #1 Příspěvek od **petredgar** » 23 srp 2011 23:27

Zdravím!
Pozoruju na svém noťasu nějaké zpomalení. Hry, které dřív běžely v pohodě, se teď občas sekají. Nevím, jestli je to postupným opotřebením noťasu nebo nějakou havětí. Tak prosím o kontrolu.
Log zde:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Petr at 2011-08-24 00:23:12
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 10 GB (4%) free of 228 GB
Total RAM: 1788 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:24:36, on 24.8.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
c:\Program Files\Hewlett-Packard\IAM\Bin\AsGHost.exe
C:\windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\QIP\qip.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Warcraft III\invent\wc3isk2.exe
C:\Program Files\CPUID\HWMonitor\HWMonitor.exe
C:\windows\system32\taskmgr.exe
C:\Program Files\Totalcmd\TOTALCMD.EXE
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\rundll32.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Petr\Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Petr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = wifi.vkol.cz:3128
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: vShare Toolbar - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O3 - Toolbar: vShare Toolbar - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} (Active602XMLFiller Control) - https://www.mojedatovaschranka.cz/stati ... b?3,14,8,0
O17 - HKLM\System\CCS\Services\Tcpip\..\{CC36B031-5B34-4AF9-BA0D-E74C7FCFC38D}: NameServer = 10.12.0.1,10.6.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{CC36B031-5B34-4AF9-BA0D-E74C7FCFC38D}: NameServer = 10.12.0.1,10.6.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll
O20 - AppInit_DLLs: C:\Windows\System32\APSHook.dll C:\Windows\System32\APSHook.dll APSHook.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Google Update Service (gupdate1c99f0fa0068f00) (gupdate1c99f0fa0068f00) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 7608 bytes

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-79991764-2708180305-948282052-1004Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-79991764-2708180305-948282052-1004UA.job
C:\windows\tasks\User_Feed_Synchronization-{FCFE04A7-757E-48F5-AE5E-12D4B50CAB92}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{043C5167-00BB-4324-AF7E-62013FAEDACF}]
vShare Toolbar - C:\Program Files\vShare\vshare_toolbar.dll [2011-01-25 482360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-05-23 115072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{043C5167-00BB-4324-AF7E-62013FAEDACF} - vShare Toolbar - C:\Program Files\vShare\vshare_toolbar.dll [2011-01-25 482360]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-27 1045800]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-04-15 70912]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [2008-03-19 3842048]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-04-04 1314816]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-08-02 281768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"Google Update"=C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2008-11-25 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\accrdsub]
c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2007-05-16 293168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS]
c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll [2008-05-21 24848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-03-18 2289664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPAP]
C:\Program Files\Common Files\PPLiveNetwork\PPAP.exe [2010-04-06 185800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryBooster]
C:\Program Files\Uniblue\RegistryBooster\launcher.exe delay 20000 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-02-24 202256]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\Windows\System32\APSHook.dll C:\Windows\System32\APSHook.dll APSHook.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\kkvrahnb.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\kkvrahnb.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Users\Petr\AppData\Roaming\Microsoft\soucymawyz.exe"="C:\Users\Petr\AppData\Roaming\Microsoft\soucymawyz.exe:*:Enabled:tely32"
"C:\Users\Petr\AppData\Roaming\Microsoft\humouzyquet.exe"="C:\Users\Petr\AppData\Roaming\Microsoft\humouzyquet.exe:*:Enabled:tely32"
"C:\Users\Petr\AppData\Roaming\Microsoft\ceju.exe"="C:\Users\Petr\AppData\Roaming\Microsoft\ceju.exe:*:Enabled:tely32"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{009f49ba-971b-11dd-8130-0021868e50a8}]
shell\AutoRun\command - I:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1a3b7d08-96c0-11dd-9781-0022644e8c12}]
shell\AutoRun\command - G:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2cef2851-fc5a-11de-aebf-0022644e8c12}]
shell\AutoRun\command - G:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5a2914c5-a770-11dd-8c29-0022644e8c12}]
shell\AutoRun\command - I:\autorun.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c43719a2-5bf9-11df-8e09-0022644e8c12}]
shell\AutoRun\command - H:\PRIKAZE//netrazis.exe
shell\open\command - H:\PRIKAZE//netrazis.exe

======File associations======

.txt - open - "C:\Program Files\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 months======

2011-08-19 13:21:43 ----D---- C:\Users\Petr\AppData\Roaming\602XML
2011-08-19 13:20:55 ----D---- C:\Users\Petr\AppData\Roaming\602Installer
2011-08-19 13:20:22 ----D---- C:\Program Files\Common Files\soft602
2011-08-19 13:20:09 ----D---- C:\Program Files\Common Files\Freedom Scientific
2011-08-18 17:47:09 ----D---- C:\Program Files\Common Files\Steam
2011-08-18 17:46:59 ----D---- C:\Program Files\Steam
2011-08-06 02:40:12 ----D---- C:\Users\Petr\AppData\Roaming\DivX

======List of files/folders modified in the last 1 months======

2011-08-24 00:23:16 ----D---- C:\Program Files\trend micro
2011-08-24 00:23:10 ----AD---- C:\windows\Temp
2011-08-24 00:13:38 ----D---- C:\Program Files\Warcraft III
2011-08-23 23:45:58 ----D---- C:\Program Files\mIRC
2011-08-23 20:11:29 ----D---- C:\Program Files\Garena
2011-08-23 20:06:37 ----A---- C:\windows\ScrAntic.ini
2011-08-23 14:50:33 ----D---- C:\ProgramData\hpqLog
2011-08-19 13:35:23 ----SHD---- C:\System Volume Information
2011-08-19 13:21:56 ----SHD---- C:\windows\Installer
2011-08-19 13:21:52 ----D---- C:\windows\inf
2011-08-19 13:21:52 ----D---- C:\Windows
2011-08-19 13:20:25 ----D---- C:\windows\System32
2011-08-19 13:20:22 ----D---- C:\Program Files\Common Files
2011-08-18 17:46:59 ----RD---- C:\Program Files
2011-08-18 17:46:48 ----D---- C:\windows\system32\catroot2
2011-08-16 22:02:28 ----A---- C:\windows\system32\PerfStringBackup.INI
2011-08-15 15:35:55 ----D---- C:\Program Files\TeamSpeak 3 Client
2011-08-15 12:01:31 ----D---- C:\windows\system32\WDI
2011-08-13 20:40:03 ----D---- C:\windows\system32\drivers
2011-08-08 00:14:58 ----D---- C:\Program Files\Mozilla Firefox
2011-07-29 01:57:22 ----D---- C:\Users\Petr\AppData\Roaming\vlc
2011-07-27 00:01:11 ----D---- C:\Users\Petr\AppData\Roaming\BitTorrent
2011-07-25 21:03:15 ----D---- C:\Users\Petr\AppData\Roaming\IrfanView

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2011-07-06 138192]
R1 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys [2008-07-14 207688]
R1 mfetdik;McAfee Inc. mfetdik; C:\windows\system32\drivers\mfetdik.sys [2008-07-14 55176]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2008-05-30 12496]
R1 ssmdrv;ssmdrv; C:\windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R2 ACEDRV07;ACEDRV07; \??\C:\windows\system32\drivers\ACEDRV07.sys [2011-01-09 101376]
R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [2011-07-06 66616]
R2 cpuz135;cpuz135; \??\C:\windows\system32\drivers\cpuz135_x32.sys [2010-11-09 21992]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2008-04-07 34664]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\ADIHdAud.sys [2008-04-11 382464]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2008-02-29 1202560]
R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2008-05-21 3552768]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
R3 HBtnKey;HBtnKey; C:\windows\system32\DRIVERS\cpqbttn.sys [2008-04-14 9344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-19 16768]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2008-04-10 1804160]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2008-03-27 199472]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\windows\system32\DRIVERS\yk60x86.sys [2010-09-23 313632]
S3 a82ehsng;a82ehsng; C:\windows\system32\drivers\a82ehsng.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl6.sys [2009-02-14 1331192]
S3 BthEnum;Služba Bluetooth Enumerator; C:\windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2008-05-28 80424]
S3 btwavdt;Bluetooth AVDT; C:\windows\system32\drivers\btwavdt.sys [2008-05-28 81960]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2008-05-28 16168]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 GarenaPEngine;GarenaPEngine; \??\C:\Users\Petr\AppData\Local\Temp\FZW3559.tmp []
S3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MfeAVFK;McAfee Inc. MfeAVFK; C:\windows\system32\drivers\MfeAVFK.sys [2008-07-14 79240]
S3 MfeBOPK;McAfee Inc. MfeBOPK; C:\windows\system32\drivers\MfeBOPK.sys [2008-07-14 35240]
S3 MfeRKDK;McAfee Inc. MfeRKDK; C:\windows\system32\drivers\MfeRKDK.sys [2008-07-14 34152]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\windows\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\windows\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2008-01-21 45624]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2009-04-11 27648]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-03-14 84520]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2007-12-11 12800]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-07-06 269480]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2011-04-27 136360]
R2 ASBroker;Logon Session Broker; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 ASChannel;Local Communication Channel; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\windows\system32\svchost.exe [2008-01-21 21504]
R2 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2008-06-02 18944]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2008-05-30 256512]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2008-05-12 576024]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1c99f0fa0068f00;Google Update Service (gupdate1c99f0fa0068f00); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-07 133104]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\windows\system32\svchost.exe [2008-01-21 21504]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-07 133104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WPFFontCache_v0400;@C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 accoca;ActivClient Middleware Service; c:\Program Files\ActivIdentity\ActivClient\accoca.exe [2007-05-16 182576]
S4 AEADIFilters;Andrea ADI Filters Service; C:\windows\system32\AEADISRV.EXE [2007-10-19 86016]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S4 Ati External Event Utility;Ati External Event Utility; C:\windows\system32\Ati2evxx.exe [2008-05-21 671744]
S4 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S4 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-04-15 94208]
S4 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-04-16 165192]
S4 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2008-04-07 24936]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-03-18 73728]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PnkBstrA;PnkBstrA; C:\windows\system32\PnkBstrA.exe [2010-04-25 66872]
S4 PnkBstrB;PnkBstrB; C:\windows\system32\PnkBstrB.exe [2009-01-15 202040]

-----------------EOF-----------------

#2 Příspěvek od **Caroprd111** » 24 srp 2011 13:21

Zdravím a vítám vás na našem bezpečnostním fóru viry.cz

Můj nick je Caroprd111. Budu se vám v tomto topicu věnovat a snažit se odstranit všechny vaše problémy s počítačem.

Než začneme, přečtěte si prosím následující poznámky.

Pokud nemáte, zálohujte si všechna důležitá data. Infikovaný počítač je nevyzpytatelný.
Důsledně a pečlivě si přečtěte celý postup, poté pokračujte po jednotlivých krocích.
Prosím, nespouštějte žádné další programy na vlastní pěst, zejména ComboFix. Zbytečně tím můžete zkomplikovat odvirování, dokonce i znefunkčnit systém.
Absence příznaků nemusí vždy znamenat, že je počítač čistý, proto vždy spolupracujte až do doby, než vám napíšu, že je počítač v pořádku.
V případě, že něčemu nerozumíte nebo si nejste jist, neváhejte se mě zeptat.
Pokud bude log dlouhý a nevejde se do jednoho příspěvku, rozdělte jej do více příspěvků.

H:\PRIKAZE//netrazis.exe Tohle znáte?

Stáhněte OTL http://oldtimer.geekstogo.com/OTL.exe na plochu

Spusťte, poté do spodního políčka vložte následující skript.

Kód: Vybrat vše

 
safebootminimal 
safebootnetwork
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
/md5start
scecli.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
atapi.sys
cdrom.sys 
ndis.sys
ntfs.sys
tcpip.sys
%SystemDrive%\PhysicalMBR.bin
/md5stop
C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X 
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav 
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
*crack* /s
*keygen* /s
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c
type c:\boot.ini >> test.txt /c

Označte položku Pro všechny uživatele.
Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Klikněte na tlačítko Prohledat
Po dokončení, sem vložte logy OTL.Txt a Extras.txt

petredgar · #3 Příspěvek od **petredgar** » 24 srp 2011 20:58

Omlouvám se za zpoždění, byl jsem pryč.

Caroprd111 píše: H:\PRIKAZE//netrazis.exe Tohle znáte?

Neznám, teď po zapnutí počítače ani nemám mechaniku H:
Určitě to bude zbytné...

OTL.txt:
OTL logfile created on: 24.8.2011 14:57:06 - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\Petr\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,75 Gb Total Physical Memory | 0,86 Gb Available Physical Memory | 49,45% Memory free
3,74 Gb Paging File | 2,72 Gb Available in Paging File | 72,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 222,88 Gb Total Space | 7,06 Gb Free Space | 3,17% Space Free | Partition Type: NTFS
Drive D: | 9,00 Gb Total Space | 2,01 Gb Free Space | 22,29% Space Free | Partition Type: NTFS
Drive F: | 1021,00 Mb Total Space | 1018,74 Mb Free Space | 99,78% Space Free | Partition Type: FAT32

Computer Name: NOTEBOOK | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.08.24 14:56:04 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Petr\Desktop\OTL.exe
PRC - [2011.07.06 11:24:35 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.04.27 11:17:40 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.14 10:59:40 | 000,084,520 | ---- | M] (Software602 a.s.) -- C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
PRC - [2010.08.02 17:09:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.01.14 23:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.10.30 13:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.08.08 07:04:10 | 001,091,768 | ---- | M] (C. Ghisler & Co.) -- C:\Program Files\Totalcmd\TOTALCMD.EXE
PRC - [2008.06.02 19:32:16 | 000,018,944 | ---- | M] (Hewlett-Packard Development Company, L.P) -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
PRC - [2008.05.30 18:36:20 | 000,256,512 | ---- | M] (SafeBoot International) -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
PRC - [2008.05.21 02:47:18 | 000,065,296 | ---- | M] (Bioscrypt Inc.) -- c:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe
PRC - [2008.05.13 11:47:28 | 000,727,592 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008.05.12 15:28:12 | 000,576,024 | ---- | M] (PDF Complete Inc) -- C:\Program Files\PDF Complete\pdfsvc.exe
PRC - [2007.12.11 14:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2007.01.05 04:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

========== Modules (No Company Name) ==========

MOD - [2011.08.06 04:21:25 | 000,400,440 | ---- | M] () -- C:\Users\Petr\AppData\Local\Google\Chrome\Application\13.0.782.112\ppgooglenaclpluginchrome.dll
MOD - [2011.08.06 04:21:24 | 004,118,072 | ---- | M] () -- C:\Users\Petr\AppData\Local\Google\Chrome\Application\13.0.782.112\pdf.dll
MOD - [2011.08.06 04:19:58 | 000,104,520 | ---- | M] () -- C:\Users\Petr\AppData\Local\Google\Chrome\Application\13.0.782.112\avutil-50.dll
MOD - [2011.08.06 04:19:56 | 000,203,848 | ---- | M] () -- C:\Users\Petr\AppData\Local\Google\Chrome\Application\13.0.782.112\avformat-52.dll
MOD - [2011.08.06 04:19:55 | 001,846,344 | ---- | M] () -- C:\Users\Petr\AppData\Local\Google\Chrome\Application\13.0.782.112\avcodec-52.dll
MOD - [2011.08.06 02:29:30 | 006,338,720 | ---- | M] () -- C:\Users\Petr\AppData\Local\Google\Chrome\Application\13.0.782.112\gcswf32.dll
MOD - [2008.10.11 23:18:46 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2008.09.16 21:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008.05.21 11:38:12 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008.05.13 11:40:50 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll

========== Win32 Services (SafeList) ==========

SRV - [2011.07.06 11:24:35 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.27 11:17:40 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.03.16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.03.14 10:59:40 | 000,084,520 | ---- | M] (Software602 a.s.) [Auto | Running] -- C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe -- (602XML Updater)
SRV - [2010.06.14 16:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.06.02 19:32:16 | 000,018,944 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2008.05.30 18:36:20 | 000,256,512 | ---- | M] (SafeBoot International) [Auto | Running] -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)
SRV - [2008.05.21 02:42:40 | 000,111,888 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll -- (ASBroker)
SRV - [2008.05.21 02:42:34 | 000,137,488 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll -- (ASChannel)
SRV - [2008.05.12 15:28:12 | 000,576,024 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2008.01.21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.12.11 14:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007.10.19 09:28:24 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) [Disabled | Stopped] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2007.05.16 01:08:40 | 000,182,576 | ---- | M] (ActivIdentity) [Disabled | Stopped] -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe -- (accoca)
SRV - [2007.01.05 04:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)

========== Driver Services (SafeList) ==========

DRV - [2011.07.06 11:24:36 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.06 11:24:36 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.01.09 21:49:41 | 000,101,376 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV07.sys -- (ACEDRV07)
DRV - [2010.11.09 15:35:30 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2010.06.17 16:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.02.26 15:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.02.26 15:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.02.26 15:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.02.26 15:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.01.05 15:02:40 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.09.23 10:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.02.13 12:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.08.26 11:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.07.14 11:22:40 | 000,055,176 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfetdik.sys -- (mfetdik)
DRV - [2008.07.14 11:22:20 | 000,034,152 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MfeRKDK.sys -- (MfeRKDK)
DRV - [2008.07.14 11:21:50 | 000,207,688 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2008.07.14 11:21:34 | 000,035,240 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MfeBOPK.sys -- (MfeBOPK)
DRV - [2008.07.14 11:21:28 | 000,079,240 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MfeAVFK.sys -- (MfeAVFK)
DRV - [2008.05.30 18:37:06 | 000,051,376 | ---- | M] (SafeBoot N.V.) [Kernel | Boot | Running] -- C:\windows\System32\drivers\SbAlg.sys -- (SbAlg)
DRV - [2008.05.30 18:37:02 | 000,012,928 | ---- | M] (SafeBoot International) [File_System | Boot | Running] -- C:\windows\System32\drivers\SbFsLock.sys -- (SbFsLock)
DRV - [2008.05.30 18:37:00 | 000,012,496 | ---- | M] (SafeBoot International) [Kernel | System | Running] -- C:\windows\System32\drivers\rsvlock.sys -- (RsvLock)
DRV - [2008.05.30 18:36:58 | 000,108,752 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\SafeBoot.sys -- (SafeBoot)
DRV - [2008.05.21 12:35:06 | 003,552,768 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.04.28 11:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2008.04.14 23:39:06 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2008.04.10 17:27:34 | 001,804,160 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008.04.07 20:13:46 | 000,025,448 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2008.04.07 20:13:42 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008.02.29 18:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008.01.21 04:32:52 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2007.06.19 02:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2005.08.10 16:06:28 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\windows\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005.08.10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\windows\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\system32\giveio.sys -- (giveio)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-79991764-2708180305-948282052-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
IE - HKU\S-1-5-21-79991764-2708180305-948282052-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
IE - HKU\S-1-5-21-79991764-2708180305-948282052-1004\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-79991764-2708180305-948282052-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-79991764-2708180305-948282052-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = wifi.vkol.cz:3128

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.2
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.3.0.7280
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@parallelgraphics.com/Cortona: C:\Program Files\Common Files\ParallelGraphics\Cortona\npCortona.dll (ParallelGraphics)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.688: C:\Program Files\real player\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.688: C:\Program Files\real player\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.688: C:\Program Files\real player\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@software602.cz/602XML Filler: C:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Petr\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Petr\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.06.20 21:29:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.02.08 00:35:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.02.08 00:35:35 | 000,000,000 | ---D | M]

[2008.10.09 18:23:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Extensions
[2011.08.08 00:05:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\i5rka2qn.default\extensions
[2011.02.08 00:37:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\i5rka2qn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.11.23 20:08:30 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\i5rka2qn.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.01.25 12:22:42 | 000,000,000 | ---D | M] (vShare) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\i5rka2qn.default\extensions\vshare@toolbar
[2011.08.08 00:05:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.04.15 00:33:11 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011.06.20 21:29:05 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2008.01.08 02:45:16 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2010.12.03 20:08:29 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.12.03 20:08:29 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2010.12.03 20:08:29 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2010.12.03 20:08:29 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2010.12.03 20:08:29 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O2 - BHO: (vShare Toolbar) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O3 - HKLM\..\Toolbar: (vShare Toolbar) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKU\S-1-5-21-79991764-2708180305-948282052-1004\..\Toolbar\WebBrowser: (vShare Toolbar) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.)
O4 - HKU\S-1-5-21-79991764-2708180305-948282052-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} https://www.mojedatovaschranka.cz/stati ... b?3,14,8,0 (Active602XMLFiller Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll ()
O20 - AppInit_DLLs: (C:\Windows\System32\APSHook.dll) - C:\Windows\System32\APSHook.dll (Bioscrypt Inc.)
O20 - AppInit_DLLs: (C:\Windows\System32\APSHook.dll) - C:\Windows\System32\APSHook.dll (Bioscrypt Inc.)
O20 - AppInit_DLLs: (APSHook.dll) - C:\windows\System32\APSHook.dll (Bioscrypt Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Petr\DOTA-2.jpg
O24 - Desktop BackupWallPaper: C:\Users\Petr\DOTA-2.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{009f49ba-971b-11dd-8130-0021868e50a8}\Shell - "" = AutoRun
O33 - MountPoints2\{009f49ba-971b-11dd-8130-0021868e50a8}\Shell\AutoRun\command - "" = I:\autorun.exe
O33 - MountPoints2\{1a3b7d08-96c0-11dd-9781-0022644e8c12}\Shell - "" = AutoRun
O33 - MountPoints2\{1a3b7d08-96c0-11dd-9781-0022644e8c12}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{2cef2851-fc5a-11de-aebf-0022644e8c12}\Shell - "" = AutoRun
O33 - MountPoints2\{2cef2851-fc5a-11de-aebf-0022644e8c12}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{5a2914c5-a770-11dd-8c29-0022644e8c12}\Shell\AutoRun\command - "" = I:\autorun.bat
O33 - MountPoints2\{c43719a2-5bf9-11df-8e09-0022644e8c12}\Shell\AutoRun\command - "" = H:\PRIKAZE//netrazis.exe
O33 - MountPoints2\{c43719a2-5bf9-11df-8e09-0022644e8c12}\Shell\open\command - "" = H:\PRIKAZE//netrazis.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: kkvrahnb.sys - Driver
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: kkvrahnb.sys - Driver
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vsmon - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\windows\System32\lhacm.acm (Microsoft Corporation)
Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FPS1 - C:\windows\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.yv12 - C:\windows\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2011.08.24 14:56:02 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Petr\Desktop\OTL.exe
[2011.08.24 11:33:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tzres.dll
[2011.08.24 10:13:28 | 003,602,832 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe
[2011.08.24 10:13:27 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe
[2011.08.24 10:13:05 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10warp.dll
[2011.08.24 10:13:05 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10.dll
[2011.08.24 10:13:05 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d2d1.dll
[2011.08.24 10:13:05 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10_1.dll
[2011.08.24 10:13:04 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DWrite.dll
[2011.08.24 10:13:04 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10level9.dll
[2011.08.24 10:13:04 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10_1core.dll
[2011.08.24 10:13:04 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10core.dll
[2011.08.24 10:13:03 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xpsservices.dll
[2011.08.24 10:13:03 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\OpcServices.dll
[2011.08.24 10:13:03 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsGdiConverter.dll
[2011.08.24 10:12:50 | 002,043,392 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2011.08.24 10:12:32 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mstime.dll
[2011.08.24 10:12:32 | 000,471,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2011.08.24 10:12:32 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\html.iec
[2011.08.24 10:12:32 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll
[2011.08.24 10:12:31 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2011.08.24 10:12:31 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dll
[2011.08.24 10:12:31 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll
[2011.08.24 10:11:53 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winsrv.dll
[2011.08.24 10:11:47 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\atmfd.dll
[2011.08.24 10:11:46 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\System32\atmlib.dll
[2011.08.24 10:11:36 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfc42u.dll
[2011.08.24 10:11:36 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfc42.dll
[2011.08.24 10:11:28 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dnscacheugc.exe
[2011.08.24 10:11:24 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\csrsrv.dll
[2011.08.21 13:38:40 | 000,000,000 | ---D | C] -- C:\Users\Petr\Documents\petredgar web
[2011.08.19 13:21:43 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Roaming\602XML
[2011.08.19 13:20:55 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Roaming\602Installer
[2011.08.19 13:20:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\soft602
[2011.08.19 13:20:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Freedom Scientific
[2011.08.18 17:47:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2011.08.18 17:47:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011.08.18 17:46:59 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2011.08.06 02:40:12 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Roaming\DivX
[2008.10.08 14:31:25 | 000,180,224 | ---- | C] ( ) -- C:\windows\System32\rsnp2uvc.dll
[2008.10.08 14:31:24 | 000,176,128 | ---- | C] ( ) -- C:\windows\System32\csnp2uvc.dll
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Users\Petr\AppData\Local\*.tmp files -> C:\Users\Petr\AppData\Local\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2078.11.09 14:27:40 | 000,001,242 | ---- | M] () -- C:\Users\Petr\UVT-89-version1-cca_cer.cer
[2011.08.24 15:02:27 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.08.24 14:56:04 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Petr\Desktop\OTL.exe
[2011.08.24 14:53:02 | 000,000,936 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.08.24 14:52:25 | 000,003,216 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.08.24 14:52:24 | 000,003,216 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.08.24 14:52:14 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011.08.24 14:51:38 | 1873,698,816 | -HS- | M] () -- C:\hiberfil.sys
[2011.08.24 12:28:44 | 000,000,012 | ---- | M] () -- C:\windows\bthservsdp.dat
[2011.08.24 11:56:16 | 000,665,726 | ---- | M] () -- C:\windows\System32\perfh005.dat
[2011.08.24 11:56:16 | 000,655,904 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011.08.24 11:56:16 | 000,148,864 | ---- | M] () -- C:\windows\System32\perfc005.dat
[2011.08.24 11:56:16 | 000,128,918 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011.08.24 11:37:41 | 000,000,416 | -H-- | M] () -- C:\windows\tasks\User_Feed_Synchronization-{FCFE04A7-757E-48F5-AE5E-12D4B50CAB92}.job
[2011.08.24 11:32:04 | 000,000,958 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-79991764-2708180305-948282052-1004UA.job
[2011.08.24 11:29:02 | 000,000,940 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.08.24 11:10:06 | 000,410,160 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2011.08.24 00:13:59 | 000,050,994 | ---- | M] () -- C:\Users\Petr\AppData\Roaming\room_v3.dat
[2011.08.23 22:32:00 | 000,000,906 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-79991764-2708180305-948282052-1004Core.job
[2011.08.23 20:06:37 | 000,000,213 | ---- | M] () -- C:\windows\ScrAntic.ini
[2011.08.23 12:34:06 | 000,002,697 | ---- | M] () -- C:\Users\Public\Desktop\Counter-Strike Source.lnk
[2011.08.19 13:31:38 | 000,011,530 | ---- | M] () -- C:\Users\Petr\gsview32.ini
[2011.08.19 13:20:45 | 000,000,980 | ---- | M] () -- C:\Users\Public\Desktop\Software602 Form Filler.lnk
[2011.08.18 17:47:17 | 000,000,786 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2011.08.18 10:24:08 | 000,253,066 | ---- | M] () -- C:\Users\Petr\DOTA-2.jpg
[2011.08.13 20:40:03 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2011.08.12 18:51:33 | 000,002,037 | ---- | M] () -- C:\Users\Petr\Desktop\Google Chrome.lnk
[2011.07.29 21:53:06 | 000,002,501 | ---- | M] () -- C:\Users\Public\Desktop\Anti-Vibrate Oscar Editor.lnk
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Users\Petr\AppData\Local\*.tmp files -> C:\Users\Petr\AppData\Local\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.08.24 15:02:27 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.08.19 13:20:45 | 000,000,992 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software602 Form Filler.lnk
[2011.08.19 13:20:45 | 000,000,980 | ---- | C] () -- C:\Users\Public\Desktop\Software602 Form Filler.lnk
[2011.08.18 17:47:17 | 000,000,786 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2011.08.18 10:24:31 | 000,253,066 | ---- | C] () -- C:\Users\Petr\DOTA-2.jpg
[2011.08.13 20:40:03 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2011.06.20 11:33:14 | 000,000,000 | ---- | C] () -- C:\Users\Petr\AppData\Local\{A28866C1-0D1C-49F0-9888-CE40A154E35E}
[2011.05.26 02:01:31 | 000,050,994 | ---- | C] () -- C:\Users\Petr\AppData\Roaming\room_v3.dat
[2011.03.22 21:48:53 | 000,046,658 | ---- | C] () -- C:\Users\Petr\AppData\Roaming\room.dat
[2011.02.08 12:24:03 | 000,001,204 | ---- | C] () -- C:\windows\ClockNetRadioFree.INI
[2010.10.04 14:55:53 | 000,000,213 | ---- | C] () -- C:\windows\ScrAntic.ini
[2010.08.15 15:01:54 | 000,000,004 | RHS- | C] () -- C:\ProgramData\sysqcl1129139270.dat
[2009.09.11 11:15:39 | 000,107,612 | ---- | C] () -- C:\windows\System32\StructuredQuerySchema.bin
[2009.09.11 11:14:18 | 000,117,248 | ---- | C] () -- C:\windows\System32\EhStorAuthn.dll
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\windows\System32\OGACheckControl.dll
[2009.08.03 15:07:42 | 000,230,768 | ---- | C] () -- C:\windows\System32\OGAEXEC.exe
[2009.05.14 17:34:10 | 000,021,840 | ---- | C] () -- C:\windows\System32\SIntfNT.dll
[2009.05.14 17:34:10 | 000,017,212 | ---- | C] () -- C:\windows\System32\SIntf32.dll
[2009.05.14 17:34:10 | 000,012,067 | ---- | C] () -- C:\windows\System32\SIntf16.dll
[2009.05.14 17:18:28 | 000,035,430 | ---- | C] () -- C:\windows\DIIUnin.dat
[2009.05.06 19:23:59 | 000,017,408 | ---- | C] () -- C:\windows\System32\rpcnetp.dll
[2009.04.22 14:39:43 | 000,000,680 | ---- | C] () -- C:\Users\Petr\AppData\Local\d3d9caps.dat
[2009.02.14 12:32:49 | 000,006,656 | ---- | C] () -- C:\windows\System32\bcmwlrc.dll
[2009.01.06 17:46:38 | 000,137,688 | ---- | C] () -- C:\windows\System32\drivers\PnkBstrK.sys
[2009.01.06 17:46:38 | 000,022,328 | ---- | C] () -- C:\Users\Petr\AppData\Roaming\PnkBstrK.sys
[2009.01.06 17:46:24 | 000,202,040 | ---- | C] () -- C:\windows\System32\PnkBstrB.exe
[2009.01.06 17:46:14 | 000,066,872 | ---- | C] () -- C:\windows\System32\PnkBstrA.exe
[2009.01.06 17:46:09 | 000,000,319 | ---- | C] () -- C:\windows\game.ini
[2008.12.18 18:53:39 | 000,000,000 | ---- | C] () -- C:\windows\oodcnt.INI
[2008.11.26 22:56:32 | 000,000,056 | -H-- | C] () -- C:\windows\System32\ezsidmv.dat
[2008.10.17 09:32:36 | 000,050,176 | ---- | C] () -- C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.10.13 12:33:00 | 000,005,690 | ---- | C] () -- C:\Users\Petr\AppData\Roaming\gnuplot_history
[2008.10.11 09:33:17 | 000,077,396 | ---- | C] () -- C:\windows\War3Unin.dat
[2008.10.10 18:52:36 | 000,018,904 | ---- | C] () -- C:\windows\System32\StructuredQuerySchemaTrivial.bin
[2008.10.08 23:01:36 | 000,000,012 | ---- | C] () -- C:\windows\bthservsdp.dat
[2008.10.08 14:31:25 | 001,804,160 | ---- | C] () -- C:\windows\System32\drivers\snp2uvc.sys
[2008.10.08 14:31:25 | 000,015,497 | ---- | C] () -- C:\windows\snp2uvc.ini
[2008.10.08 14:31:24 | 000,028,160 | ---- | C] () -- C:\windows\System32\drivers\sncduvc.sys
[2008.08.04 16:43:08 | 000,204,800 | ---- | C] () -- C:\windows\System32\IVIresizeW7.dll
[2008.08.04 16:43:08 | 000,200,704 | ---- | C] () -- C:\windows\System32\IVIresizeA6.dll
[2008.08.04 16:43:08 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeP6.dll
[2008.08.04 16:43:08 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeM6.dll
[2008.08.04 16:43:08 | 000,188,416 | ---- | C] () -- C:\windows\System32\IVIresizePX.dll
[2008.08.04 16:43:08 | 000,020,480 | ---- | C] () -- C:\windows\System32\IVIresize.dll
[2008.08.04 16:16:55 | 000,000,000 | ---- | C] () -- C:\windows\HPMProp.INI
[2008.08.04 15:28:46 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2008.05.30 18:36:58 | 000,108,752 | ---- | C] () -- C:\windows\System32\drivers\SafeBoot.sys
[2008.05.22 17:16:58 | 000,003,584 | ---- | C] () -- C:\windows\System32\wceprv.dll
[2008.05.21 11:38:12 | 000,159,744 | ---- | C] () -- C:\windows\System32\atitmmxx.dll
[2008.05.21 11:09:24 | 003,107,788 | ---- | C] () -- C:\windows\System32\atiumdva.dat
[2008.04.17 12:02:10 | 000,665,726 | ---- | C] () -- C:\windows\System32\perfh005.dat
[2008.04.17 12:02:10 | 000,286,912 | ---- | C] () -- C:\windows\System32\perfi005.dat
[2008.04.17 12:02:10 | 000,148,864 | ---- | C] () -- C:\windows\System32\perfc005.dat
[2008.04.17 12:02:10 | 000,034,724 | ---- | C] () -- C:\windows\System32\perfd005.dat
[2008.03.06 12:40:54 | 000,168,883 | ---- | C] () -- C:\windows\System32\atiicdxx.dat
[2008.03.04 21:02:00 | 000,090,112 | ---- | C] () -- C:\windows\System32\atibrtmon.exe
[2006.11.02 14:53:49 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2006.11.02 14:44:53 | 000,410,160 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2006.11.02 12:33:01 | 000,655,904 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,128,918 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
[2006.03.09 11:58:00 | 001,060,424 | ---- | C] () -- C:\windows\System32\WdfCoInstaller01000.dll
[2005.04.04 00:30:00 | 000,110,592 | ---- | C] () -- C:\windows\System32\scardsyn.dll
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\windows\System32\lcppn21.dll
[1998.05.07 05:10:00 | 000,069,632 | ---- | C] () -- C:\windows\System32\ODMA32.dll
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\windows\System32\giveio.sys

========== LOP Check ==========

[2011.03.31 15:19:03 | 000,000,000 | -HSD | M] -- C:\Users\Petr\AppData\Roaming\.#
[2010.11.02 22:34:15 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\.minecraft
[2011.08.19 13:20:56 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\602Installer
[2011.08.19 13:28:31 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\602XML
[2011.06.27 23:37:38 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Ashampoo
[2010.02.12 19:11:15 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\BatteryCare
[2011.07.27 00:01:11 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\BitTorrent
[2008.10.09 18:59:10 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\DAEMON Tools
[2010.02.25 13:48:11 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
[2008.10.19 23:15:53 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\DNA
[2010.11.23 20:08:29 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.02.22 23:55:24 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Dyyno
[2010.11.25 05:10:58 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\GHISLER
[2011.01.13 22:03:50 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Golly
[2010.10.07 11:52:02 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Helios
[2008.10.17 09:45:00 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\InterVideo
[2011.07.25 21:03:15 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\IrfanView
[2009.08.24 18:05:31 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Leadertech
[2011.03.22 11:18:10 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\LOVE
[2010.02.09 16:29:53 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Mp3 Editor for Free
[2011.04.04 18:23:40 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\My Games
[2010.11.23 20:49:20 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Nokia
[2010.11.23 20:49:21 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\PC Suite
[2011.07.04 15:12:06 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\PPlive
[2010.07.21 15:14:14 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Propellerhead Software
[2009.11.25 11:49:08 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Publish Providers
[2009.12.15 01:13:41 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Sony
[2009.04.09 10:00:52 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Sports Interactive
[2011.06.07 22:22:12 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\TS3Client
[2011.02.03 13:50:12 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Uniblue
[2011.01.16 20:47:23 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\WebcamMax
[2010.10.07 11:54:59 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\WinEdt
[2010.10.07 11:37:18 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\WinShell
[2010.10.04 14:57:54 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\XemiComputers
[2010.10.07 22:55:12 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\xm1
[2011.08.24 12:28:48 | 000,032,554 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2011.08.24 11:37:41 | 000,000,416 | -H-- | M] () -- C:\windows\Tasks\User_Feed_Synchronization-{FCFE04A7-757E-48F5-AE5E-12D4B50CAB92}.job

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2009.10.30 13:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd)
"Google Update" = "C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2008.11.25 12:17:05 | 000,133,104 | ---- | M] (Google Inc.)

< MD5 for: ATAPI.SYS >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.21 04:34:33 | 000,642,560 | ---- | M] () MD5=41D968409C9846B49BC5F20137C72241 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe

< MD5 for: CDROM.SYS >
[2008.01.21 04:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.21 04:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: CSRSS.EXE >
[2008.01.21 04:34:43 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\System32\csrss.exe
[2008.01.21 04:34:43 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.0.6001.18000_none_58e3e3d7e415ae4c\csrss.exe

< MD5 for: EXPLORER.EXE >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 04:34:05 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: LSASS.EXE >
[2009.06.15 14:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009.09.10 16:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\System32\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009.02.13 09:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2009.06.15 15:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2009.06.15 14:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009.02.13 06:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009.06.15 14:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009.06.15 15:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009.09.09 13:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009.09.10 16:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008.01.21 04:33:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008.01.21 04:33:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008.01.21 04:33:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2009.02.13 10:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

< MD5 for: NDIS.SYS >
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008.01.21 04:33:22 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
[2008.02.08 06:25:28 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=C8560010A542B5DCA94C62468DC20784 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.22110_none_a845f8a63534c8d3\ndis.sys
[2008.02.08 06:22:00 | 000,503,352 | ---- | M] (Microsoft Corporation) MD5=E50187F20ED749F57C97836FEDE14BD6 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.20768_none_a631acb4382f8e4f\ndis.sys

< MD5 for: NTFS.SYS >
[2009.04.11 08:32:49 | 001,083,880 | ---- | M] (Společnost Microsoft) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\System32\drivers\ntfs.sys
[2009.04.11 08:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18005_none_a85ca2c91a0d64df\ntfs.sys
[2008.01.21 04:33:23 | 001,081,912 | ---- | M] (Microsoft Corporation) MD5=B4EFFE29EB4F15538FD8A9681108492D -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6001.18000_none_a67129bd1ceb9993\ntfs.sys

< MD5 for: SCECLI.DLL >
[2008.01.21 04:34:39 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: SERVICES.EXE >
[2008.01.21 04:34:36 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009.04.11 08:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\System32\services.exe
[2009.04.11 08:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe

< MD5 for: SMSS.EXE >
[2008.01.21 04:33:22 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\System32\smss.exe
[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe

< MD5 for: SPOOLSV.EXE >
[2010.08.17 15:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=3665F79026A3F91FBCA63F2C65A09B19 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe
[2009.04.11 08:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) MD5=524BFBEA40E6E404737CCBC754647A2E -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe
[2008.01.21 04:34:33 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=846CDF9A3CF4DA9B306ADFB7D55EE4C2 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe
[2010.08.17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\System32\spoolsv.exe
[2010.08.17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe
[2010.08.17 16:20:09 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=AAE98B295E88D439A6E0F6E8929424FB -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe
[2010.08.17 15:27:48 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=E807FC542C295BA256CE3567829E02A6 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2008.01.21 04:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.21 04:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.26 10:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009.04.11 08:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2009.12.08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009.08.15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011.06.17 22:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\System32\drivers\tcpip.sys
[2011.06.17 22:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2010.02.18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009.12.08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2009.12.08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2010.06.16 17:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009.08.14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011.06.17 22:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010.06.16 18:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010.06.16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2008.04.26 10:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.12.08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009.08.14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2008.08.04 16:08:34 | 000,890,936 | ---- | M] (Microsoft Corporation) MD5=9081EBA4184E7EB87C55E18C089283A5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22144_none_b38070957fa0b5e0\tcpip.sys
[2010.02.18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 18:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2009.12.08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2010.02.18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.12.08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008.01.21 04:34:55 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.01.21 04:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2008.03.11 00:30:24 | 000,273,408 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\hpcpp081.dll
[2008.01.21 04:32:37 | 000,089,600 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL
[2006.10.26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll
[2008.04.17 11:49:59 | 000,003,584 | ---- | M] (Lexmark International Inc.) -- C:\Windows\System32\spool\prtprocs\w32x86\cs-CZ\LMPRTPRC.DLL.mui

< %systemroot%\system32\drivers\*.sys /5 >

< %systemroot%\system32\drivers\*.sys /X >
[2008.10.08 14:24:44 | 000,000,000 | RHS- | M] () -- C:\windows\system32\drivers\103C_HP_bNB_6735s_Y5336AN_0U_QCNU83811MZ_E480127-021_4A_I30E4_SHP_V94.1C_68GPP F.03_T080702_WV2-1_L405_M1789_J250_7AMD_8F31_91.90_#080804_N_(FU374ES#AKB)_XMOBILE_CN10_Z_2F.03_G10029612.MRK
[2008.05.21 10:47:22 | 000,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\windows\system32\drivers\ati2erec.dll
[2006.08.23 19:26:58 | 000,328,162 | ---- | M] () -- C:\windows\system32\drivers\ativcaxx.cpa
[2006.08.23 19:26:58 | 000,000,929 | ---- | M] () -- C:\windows\system32\drivers\ativcaxx.vp
[2007.04.18 10:19:50 | 000,002,096 | ---- | M] () -- C:\windows\system32\drivers\ativdkxx.vp
[2007.05.30 13:37:38 | 000,002,096 | ---- | M] () -- C:\windows\system32\drivers\ativokxx.vp
[2007.05.30 13:37:38 | 000,002,096 | ---- | M] () -- C:\windows\system32\drivers\ativpkxx.vp
[2007.09.09 00:37:08 | 000,052,400 | ---- | M] () -- C:\windows\system32\drivers\ativvpxx.vp
[2006.09.18 23:26:46 | 003,440,660 | ---- | M] () -- C:\windows\system32\drivers\gm.dls
[2006.09.18 23:26:46 | 000,000,646 | ---- | M] () -- C:\windows\system32\drivers\gmreadme.txt
[2010.12.08 15:34:17 | 000,000,000 | -H-- | M] () -- C:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2009.07.14 19:45:07 | 000,000,003 | ---- | M] () -- C:\windows\system32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2010.12.08 15:34:19 | 000,000,000 | -H-- | M] () -- C:\windows\system32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2008.08.04 16:30:35 | 000,000,000 | -H-- | M] () -- C:\windows\system32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2010.12.08 18:57:08 | 000,000,000 | -H-- | M] () -- C:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2008.08.01 01:46:57 | 000,000,000 | -H-- | M] () -- C:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2009.12.11 02:58:43 | 000,000,000 | -H-- | M] () -- C:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2011.08.13 20:40:03 | 000,000,000 | -H-- | M] () -- C:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2006.11.02 16:09:50 | 001,419,232 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\drivers\wdfcoinstaller01005.dll

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2008.05.30 18:36:58 | 000,108,752 | ---- | M] () Unable to obtain MD5 -- C:\windows\system32\drivers\SafeBoot.sys
[2010.01.05 15:02:40 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\windows\system32\drivers\sptd.sys

< %systemroot%\system32\*.* /5 >
[2011.08.24 14:52:24 | 000,003,216 | -H-- | M] () -- C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.08.24 14:52:25 | 000,003,216 | -H-- | M] () -- C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.08.24 11:10:06 | 000,410,160 | ---- | M] () -- C:\windows\system32\FNTCACHE.DAT
[2011.08.24 11:56:16 | 000,148,864 | ---- | M] () -- C:\windows\system32\perfc005.dat
[2011.08.24 11:56:16 | 000,128,918 | ---- | M] () -- C:\windows\system32\perfc009.dat
[2011.08.24 11:56:16 | 000,665,726 | ---- | M] () -- C:\windows\system32\perfh005.dat
[2011.08.24 11:56:16 | 000,655,904 | ---- | M] () -- C:\windows\system32\perfh009.dat
[2011.08.24 11:56:16 | 001,596,068 | ---- | M] () -- C:\windows\system32\PerfStringBackup.INI

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\config\*.sav >
[2008.01.21 05:31:11 | 015,716,352 | ---- | M] () -- C:\windows\system32\config\COMPONENTS.SAV
[2008.01.21 05:31:01 | 000,102,400 | ---- | M] () -- C:\windows\system32\config\DEFAULT.SAV
[2008.01.21 05:31:12 | 000,020,480 | ---- | M] () -- C:\windows\system32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\windows\system32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\windows\system32\config\SYSTEM.SAV

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[12 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\54a5aae0a97060e674b603a046171bbe\*.tmp files -> C:\windows\SoftwareDistribution\Download\54a5aae0a97060e674b603a046171bbe\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\e6eb2e5df3dbaf1a96bcd6161c8267df\*.tmp files -> C:\windows\SoftwareDistribution\Download\e6eb2e5df3dbaf1a96bcd6161c8267df\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

petredgar · #4 Příspěvek od **petredgar** » 24 srp 2011 20:58

< %APPDATA%\*. >
[2011.03.31 15:19:03 | 000,000,000 | -HSD | M] -- C:\Users\Petr\AppData\Roaming\.#
[2010.11.02 22:34:15 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\.minecraft
[2011.08.19 13:20:56 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\602Installer
[2011.08.19 13:28:31 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\602XML
[2008.10.08 14:35:38 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Adobe
[2011.06.27 23:37:38 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Ashampoo
[2008.10.08 14:39:01 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\ATI
[2010.11.24 21:45:02 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Avira
[2010.02.12 19:11:15 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\BatteryCare
[2011.07.27 00:01:11 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\BitTorrent
[2008.10.09 18:59:10 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\DAEMON Tools
[2010.02.25 13:48:11 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
[2011.08.06 02:40:12 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\DivX
[2008.10.19 23:15:53 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\DNA
[2011.05.11 13:20:19 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\dvdcss
[2010.11.23 20:08:29 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.02.22 23:55:24 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Dyyno
[2010.11.25 05:10:58 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\GHISLER
[2011.01.13 22:03:50 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Golly
[2010.01.21 22:08:01 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Hamachi
[2010.10.07 11:52:02 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Helios
[2009.02.14 12:39:00 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Hewlett-Packard
[2008.10.09 15:59:30 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\HPQLOG
[2008.10.08 14:38:11 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Identities
[2008.10.08 14:24:55 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\InstallShield
[2008.10.17 09:45:00 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\InterVideo
[2011.07.25 21:03:15 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\IrfanView
[2009.08.24 18:05:31 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Leadertech
[2011.03.22 11:18:10 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\LOVE
[2008.10.08 14:35:54 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Macromedia
[2009.12.14 01:34:41 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Malwarebytes
[2008.10.15 15:52:30 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Mathematica
[2009.03.30 11:34:06 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\MathematicaPlayer
[2010.11.24 22:53:27 | 000,000,000 | --SD | M] -- C:\Users\Petr\AppData\Roaming\Microsoft
[2008.12.02 12:45:14 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\mIRC
[2008.10.09 18:23:17 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Mozilla
[2010.02.09 16:29:53 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Mp3 Editor for Free
[2011.04.04 18:23:40 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\My Games
[2010.11.23 20:49:20 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Nokia
[2010.11.23 20:49:21 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\PC Suite
[2011.07.04 15:12:06 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\PPlive
[2010.07.21 15:14:14 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Propellerhead Software
[2010.09.30 13:52:43 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\PSpad
[2009.11.25 11:49:08 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Publish Providers
[2010.03.30 12:17:46 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Real
[2008.10.11 01:04:18 | 000,000,000 | RH-D | M] -- C:\Users\Petr\AppData\Roaming\SecuROM
[2011.07.04 15:01:25 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Skype
[2011.07.04 14:35:04 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\skypePM
[2009.12.15 01:13:41 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Sony
[2009.04.09 10:00:52 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Sports Interactive
[2010.01.05 15:13:36 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\teamspeak2
[2011.06.07 22:22:12 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\TS3Client
[2011.02.03 13:50:12 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Uniblue
[2010.11.25 05:10:59 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Ventrilo
[2011.08.24 01:05:55 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\vlc
[2011.01.16 20:47:23 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\WebcamMax
[2010.10.07 11:54:59 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\WinEdt
[2009.01.21 23:17:26 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\WinRAR
[2010.10.07 11:37:18 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\WinShell
[2010.10.04 14:57:54 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\XemiComputers
[2010.10.07 22:55:12 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\xm1
< *crack* /s >
[2009.12.19 13:45:08 | 000,003,460 | ---- | M] () -- \Program Files\Game_Maker8\Sprites\Maze - Platform\wall_block_cracked1.png
[2009.12.19 13:45:08 | 000,003,675 | ---- | M] () -- \Program Files\Game_Maker8\Sprites\Maze - Platform\wall_block_cracked2.png
[2009.12.19 13:45:08 | 000,004,107 | ---- | M] () -- \Program Files\Game_Maker8\Sprites\Maze - Platform\wall_block_cracked3.png
[2009.12.19 13:45:08 | 000,003,529 | ---- | M] () -- \Program Files\Game_Maker8\Sprites\Maze - Platform\wall_block_cracked4.png
[2009.03.08 10:59:14 | 000,163,840 | ---- | M] () -- \Program Files\Garena\plugins\UI\AvoidCrackPlugin.dll
[2011.05.06 13:50:20 | 000,000,100 | ---- | M] () -- \Program Files\Strogino CS Portal\Counter-Strike Source\cstrike\materials\concrete\prodwllecracked.vmt
[2011.05.06 13:50:20 | 000,174,968 | ---- | M] () -- \Program Files\Strogino CS Portal\Counter-Strike Source\cstrike\materials\concrete\prodwllecracked.vtf
[2011.05.06 13:54:06 | 000,000,540 | ---- | M] () -- \Program Files\Strogino CS Portal\Counter-Strike Source\hl2\materials\Glass\glasswindow018a_cracked.vmt
[2011.05.06 13:54:06 | 000,022,064 | ---- | M] () -- \Program Files\Strogino CS Portal\Counter-Strike Source\hl2\materials\Glass\glasswindow018a_cracked.vtf
[2008.11.22 02:26:24 | 000,036,845 | ---- | M] () -- \Users\Petr\AppData\Roaming\BitTorrent\Civilization 4 IV + Warlords expansion + 1.61 + 2.08 update + nocd crack civ4 civIV.rar.torrent
[2009.02.22 11:18:14 | 000,009,216 | ---- | M] () -- \Users\Petr\Documents\Downloads\crack.exe
[2010.12.08 19:38:24 | 004,139,224 | ---- | M] () -- \Users\Petr\Documents\Downloads\GameZoneProject.Towers.Trap.v1.10.S60v3.SymbianOS9.1.Cracked-BiNPDA.rar
[2008.11.22 02:26:24 | 000,036,845 | ---- | M] () -- \Users\Petr\Downloads\Civilization 4 IV + Warlords expansion + 1.61 + 2.08 update + nocd crack civ4 civIV.rar [mininova].torrent
[4 \Users\Petr\Downloads\*.tmp files -> \Users\Petr\Downloads\*.tmp -> ]
[2008.10.11 06:55:22 | 051,990,528 | ---- | M] () -- \Users\Petr\Downloads\Warcraft III and The Frozen Throne\Warcraft III - The Frozen Throne [Disk3] -crack,patch,serial.iso
[1995.07.09 14:41:16 | 000,000,403 | ---- | M] () -- \Users\Petr\games\Micro Machines 2\IL-CRACK.COM
[2008.07.17 00:36:05 | 004,144,576 | ---- | M] () -- \Users\Petr\games\mobil\GameZoneProject.Towers.Trap.v1.10.S60v3.SymbianOS9.1.Cracked-BiNPDA.sis
[2001.05.25 22:47:30 | 000,017,910 | ---- | M] () -- \Users\Petr\games\star\StarCraft\crack.exe
[1994.11.17 09:13:44 | 000,007,632 | ---- | M] () -- \Users\Petr\games\Warcraft\CRACK.EXE

< *keygen* /s >
[2007.06.19 23:21:56 | 000,149,556 | ---- | M] () -- \Program Files\Wolfram Research\Mathematica\6.0\SystemFiles\Java\WolframSSHKeyGen.jar
[2008.10.23 12:23:46 | 000,022,016 | ---- | M] () -- \Users\Petr\finale\KeyGen.exe
[2006.07.22 13:53:28 | 000,001,527 | ---- | M] () -- \Users\Petr\games\star\starcraftkeygenerator\Keygen.class

< %APPDATA%\*.* >
[2010.11.24 14:54:54 | 000,000,000 | R--- | M] () -- C:\Users\Petr\AppData\Roaming\BG0Ai.txt
[2011.04.19 16:18:41 | 000,005,690 | ---- | M] () -- C:\Users\Petr\AppData\Roaming\gnuplot_history
[2009.01.06 17:46:38 | 000,022,328 | ---- | M] () -- C:\Users\Petr\AppData\Roaming\PnkBstrK.sys
[2011.05.24 23:05:57 | 000,046,658 | ---- | M] () -- C:\Users\Petr\AppData\Roaming\room.dat
[2011.08.24 00:13:59 | 000,050,994 | ---- | M] () -- C:\Users\Petr\AppData\Roaming\room_v3.dat

< %APPDATA%\*.exe /s >
[2011.07.04 15:12:05 | 011,408,960 | ---- | M] (PPLive Corporation) -- C:\Users\Petr\AppData\Roaming\PPlive\PPLite\Update\PPLite_Update.exe
[2010.07.04 19:51:34 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Petr\AppData\Roaming\Real\Update\setup3.11\setup.exe
[2011.01.30 20:04:58 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Petr\AppData\Roaming\Real\Update\setup3.14\setup.exe
[2011.06.11 09:01:33 | 000,308,864 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Petr\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\8.01\rnupgagent.exe
[2011.05.27 07:51:35 | 025,824,400 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Petr\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\8.01\stub_data\RealPlayer.exe
[2011.05.23 08:38:29 | 000,675,088 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Petr\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\8.01\stub_exe\RealPlayer.exe

< %SYSTEMDRIVE%\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-08-24 09:46:24

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >

< type c:\boot.ini >> test.txt /c >

========== Alternate Data Streams ==========

@Alternate Data Stream - 455886 bytes -> C:\windows\Temp:temp

< End of report >

Extras.txt:

OTL Extras logfile created on: 24.8.2011 14:57:06 - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\Petr\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,75 Gb Total Physical Memory | 0,86 Gb Available Physical Memory | 49,45% Memory free
3,74 Gb Paging File | 2,72 Gb Available in Paging File | 72,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 222,88 Gb Total Space | 7,06 Gb Free Space | 3,17% Space Free | Partition Type: NTFS
Drive D: | 9,00 Gb Total Space | 2,01 Gb Free Space | 22,29% Space Free | Partition Type: NTFS
Drive F: | 1021,00 Mb Total Space | 1018,74 Mb Free Space | 99,78% Space Free | Partition Type: FAT32

Computer Name: NOTEBOOK | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-79991764-2708180305-948282052-1004\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Users\Petr\AppData\Roaming\Microsoft\soucymawyz.exe" = C:\Users\Petr\AppData\Roaming\Microsoft\soucymawyz.exe:*:Enabled:tely32
"C:\Users\Petr\AppData\Roaming\Microsoft\humouzyquet.exe" = C:\Users\Petr\AppData\Roaming\Microsoft\humouzyquet.exe:*:Enabled:tely32
"C:\Users\Petr\AppData\Roaming\Microsoft\ceju.exe" = C:\Users\Petr\AppData\Roaming\Microsoft\ceju.exe:*:Enabled:tely32

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07A2562B-9D18-487B-B72D-0CA27273FB08}" = lport=139 | protocol=6 | dir=in | app=system |
"{3B090556-4C7B-4FBD-BA85-93BA6E3FA3D3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{4671E5DF-87F7-4E2F-9DA5-3740751D320E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{50031DDE-4D46-47C8-96E5-B758686B5BF3}" = lport=6112 | protocol=6 | dir=in | name=battlelan |
"{50E686B3-DD03-444E-8D7D-E4547EB41840}" = rport=139 | protocol=6 | dir=out | app=system |
"{55027302-AFA1-4837-9F85-4668ECA0F9A3}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{5E9AC317-FD31-433E-B796-EBF90C448370}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7406FBFF-963B-453A-AC63-B0C24D3F34E2}" = lport=138 | protocol=17 | dir=in | app=system |
"{86F44B61-6BE0-4151-B2C2-EA76F2A04EC8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8A8CD1CC-E49B-4CB4-BB0C-7C113BCDABB8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{947C87D8-E8F3-4AC8-B989-BA055EC25B40}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{971DEA5E-85B8-4154-9D8D-B4AECAFE5122}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{99B1C1CC-69A7-4581-8658-D81FA7A3FBD2}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{B770282A-4C86-4FD4-AE9D-1B3FADCE8F96}" = rport=445 | protocol=6 | dir=out | app=system |
"{C5217BCF-D837-4EC5-8581-7BCDB591F4A7}" = rport=137 | protocol=17 | dir=out | app=system |
"{C5FB7355-6774-45F1-B603-B9541FEBAC5F}" = lport=445 | protocol=6 | dir=in | app=system |
"{C8CCF0C6-ACF7-4133-A32C-A84047091417}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{CE680D50-4D7E-415A-92C3-83F4F4736214}" = lport=137 | protocol=17 | dir=in | app=system |
"{DBBEC312-DC6B-46B1-BEA3-53065D7D2E82}" = rport=138 | protocol=17 | dir=out | app=system |
"{E996BDA7-C142-4BD7-8059-860FEE4D2FD1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F7398F16-021F-4231-938D-3A1831D5A15F}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{F82F0C0F-1C3A-41CF-A92C-CB05DA4B7326}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{035FC2CB-A373-4466-9804-0C289D937378}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{0CD93C1C-3BB5-4973-87E5-3BFFE6600353}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{0E5FDE7E-6904-4331-A5FC-0433790682E9}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{330D36DB-BA99-456E-B8AD-EA2665017B68}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{3854F92C-4A1F-4A87-863C-AD11E5E070D5}" = protocol=17 | dir=in | app=c:\program files\hamachi\hamachi.exe |
"{396E5584-6ABC-4675-9E37-07492988939A}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{46A5317E-6EB1-417F-827E-BF24D06C142C}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{477CCA8D-3520-4F62-A594-52475BDE1953}" = protocol=6 | dir=in | app=c:\program files\common files\soft602\langserv.exe |
"{4E048A09-5F64-43B9-A292-790419186102}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{59AF82A1-DAC5-49D7-B5BA-DB52F3CC06E0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{68FAD664-3368-471A-9FFA-89ADACBEB32F}" = protocol=17 | dir=in | app=c:\program files\common files\soft602\langserv.exe |
"{6C8A0720-690C-4E1A-B3A8-1596A34CB849}" = protocol=17 | dir=in | app=c:\program files\warcraft iii\frozen throne.exe |
"{75DDC305-9538-4E80-983B-70BDD133423C}" = protocol=17 | dir=in | app=c:\program files\wolfram research\mathematica player\7.0\mathematicaplayer.exe |
"{79AFD456-6DC7-48C5-B03E-7D70AF3DB87C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{7D21AEFE-9BD1-4F67-9910-FC392D81ECC3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{815DC20A-8E17-4432-8712-F1DE94ECEEC0}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{A6AE392A-71B5-4B4B-9AF7-C4F6D03B0A95}" = protocol=6 | dir=in | app=c:\program files\wolfram research\mathematica player\7.0\mathematicaplayer.exe |
"{A9147612-CD2A-4C5F-9BF9-401EE5A3DEA8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B16E6431-CB19-4C12-AD51-1BBED97E6E06}" = protocol=6 | dir=in | app=c:\program files\wolfram research\mathematica player\7.0\math.exe |
"{B1CBDBCB-148D-4805-93AF-C6D5906317B0}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{B2DC134F-CBC6-4A89-A900-92CABAAC4B93}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B3E3DE08-ACCE-4EE7-B090-92000063C4A6}" = protocol=17 | dir=in | app=c:\program files\warcraft iii\warcraft iii.exe |
"{BAC16B97-02A8-45CD-AC3D-F932A74E1C38}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{C0D19ACC-DFD3-417F-B1FC-366E90D4769A}" = protocol=6 | dir=in | app=c:\program files\warcraft iii\warcraft iii.exe |
"{C47B0E64-9160-4087-92B2-AA5CB335D9AF}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{C925E25B-78ED-4680-9283-4C010E8B7B6E}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"{D2F17BFA-639C-4BED-9424-10A840BDD8E8}" = protocol=6 | dir=in | app=c:\program files\warcraft iii\frozen throne.exe |
"{E0C3D9B1-A6BD-4E1E-A9A7-18C415A77F62}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{E8B5EF8C-D78F-40BF-B46B-93AAE1990DC5}" = protocol=17 | dir=in | app=c:\program files\wolfram research\mathematica player\7.0\math.exe |
"{EBFAA67E-1014-4938-AB97-88961D91B1C3}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{F08D7D58-BCF1-44E4-AEF9-D6C6E2C190FF}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{F9F01636-27B6-4F06-B10F-0C2DB734D195}" = protocol=6 | dir=in | app=c:\program files\hamachi\hamachi.exe |
"TCP Query User{00ECD467-EFD3-4E4B-9EDA-BD133A147604}C:\program files\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
"TCP Query User{01E24930-4B76-40FD-ABBA-5D794A696077}C:\program files\diablo ii\game.exe" = protocol=6 | dir=in | app=c:\program files\diablo ii\game.exe |
"TCP Query User{09C573BF-0E17-4088-BA0A-866F48C9D6D2}C:\users\petr\games\rgc\client.exe" = protocol=6 | dir=in | app=c:\users\petr\games\rgc\client.exe |
"TCP Query User{1A202799-E3C7-45FD-9F20-2A25A0AF03DF}C:\program files\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\program files\totalcmd\totalcmd.exe |
"TCP Query User{2519239E-857E-4D31-81C9-BD79A21BCD26}C:\program files\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe |
"TCP Query User{2A8E6997-5123-4255-A8F5-D71B461DA4C6}C:\program files\warcraft iii\120x.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\120x.exe |
"TCP Query User{2F8F6FA6-1FBA-454C-9614-1ED4E073615F}C:\users\petr\downloads\battlelanv0.5\lancraft.exe" = protocol=6 | dir=in | app=c:\users\petr\downloads\battlelanv0.5\lancraft.exe |
"TCP Query User{321E7550-1570-42BF-8A5C-9B7DDB8642CB}C:\program files\serious sam 2\bin\sam2.exe" = protocol=6 | dir=in | app=c:\program files\serious sam 2\bin\sam2.exe |
"TCP Query User{32398F03-A3AB-4F87-8D61-193F0A920CAA}C:\users\petr\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\petr\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{35E3BD7F-3517-442E-8238-AD73784C9667}C:\program files\qip\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip\qip.exe |
"TCP Query User{39AFDF6B-1C88-4FCF-B498-992064138096}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{48DEEFB3-A4BB-4337-82E0-6DB09012D89B}C:\program files\novalogic\delta force black hawk down\dfbhd.exe" = protocol=6 | dir=in | app=c:\program files\novalogic\delta force black hawk down\dfbhd.exe |
"TCP Query User{4BF66087-EA9C-4B95-8B96-435BB03F1016}C:\users\petr\games\star_wars_rebellion\rebexe.exe" = protocol=6 | dir=in | app=c:\users\petr\games\star_wars_rebellion\rebexe.exe |
"TCP Query User{56B798A5-FE6F-4EAF-B658-CCCFF344F285}C:\users\petr\appdata\local\temp\gm_ttt_94404\pong1.exe" = protocol=6 | dir=in | app=c:\users\petr\appdata\local\temp\gm_ttt_94404\pong1.exe |
"TCP Query User{5FF8E2FE-FC1D-4CDA-B311-92E83A6535B6}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{626DB1BE-EA4B-4F6D-989E-963982A9EA5D}C:\users\petr\games\star\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\users\petr\games\star\starcraft\starcraft.exe |
"TCP Query User{64D77763-1459-45E1-82DF-BB9C5477EBA0}C:\users\petr\games\paintball2\paintball2.exe" = protocol=6 | dir=in | app=c:\users\petr\games\paintball2\paintball2.exe |
"TCP Query User{6B4EA4FB-1DD1-4F78-9240-438AC33E323B}C:\program files\garena\garena.exe" = protocol=6 | dir=in | app=c:\program files\garena\garena.exe |
"TCP Query User{7C77661F-D3CE-443E-A123-BABF5050F9AB}C:\users\petr\games\okurky\gfonline.exe" = protocol=6 | dir=in | app=c:\users\petr\games\okurky\gfonline.exe |
"TCP Query User{96A31DED-12A3-4B8C-81C0-4A087C835822}C:\users\petr\appdata\local\temp\gm_ttt_12697\chat.exe" = protocol=6 | dir=in | app=c:\users\petr\appdata\local\temp\gm_ttt_12697\chat.exe |
"TCP Query User{A184C9E5-283E-4B24-803E-86C7059428C9}C:\users\petr\games\bang\kbang-0.1.3\kbang-server.exe" = protocol=6 | dir=in | app=c:\users\petr\games\bang\kbang-0.1.3\kbang-server.exe |
"TCP Query User{B056C163-C8ED-4790-8288-B5B747A81167}C:\users\petr\games\star\battlelanv0.5.exe" = protocol=6 | dir=in | app=c:\users\petr\games\star\battlelanv0.5.exe |
"TCP Query User{BAFCFA5A-731C-485C-BC91-FC16EF21AD02}C:\program files\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe" = protocol=6 | dir=in | app=c:\program files\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe |
"TCP Query User{C190C488-9516-4CDB-8627-EB62A63B66A2}C:\program files\novalogic\delta force black hawk down\dfbhdlc.exe" = protocol=6 | dir=in | app=c:\program files\novalogic\delta force black hawk down\dfbhdlc.exe |
"TCP Query User{CD834716-337B-46EA-89BA-2DB4DA5C7F17}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{D19305E9-8313-438B-A5B9-B359D043A13D}C:\program files\nopaypoker\nopaypoker.exe" = protocol=6 | dir=in | app=c:\program files\nopaypoker\nopaypoker.exe |
"TCP Query User{D705CBF9-1F7F-4F37-9ECA-E9AF12A1018E}C:\users\petr\games\rgc\rgc.exe" = protocol=6 | dir=in | app=c:\users\petr\games\rgc\rgc.exe |
"TCP Query User{DDD6B5EB-8E9A-4A0B-99BD-E5373725B17F}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"TCP Query User{DF953D82-58D4-498A-A40A-23B3C9248109}C:\users\petr\appdata\local\temp\gm_ttt_19855\pong1.exe" = protocol=6 | dir=in | app=c:\users\petr\appdata\local\temp\gm_ttt_19855\pong1.exe |
"TCP Query User{E28F1AE7-AB8D-4B98-AC03-EC97D0EE6DE7}C:\program files\bzflag2.0.2\bzflag.exe" = protocol=6 | dir=in | app=c:\program files\bzflag2.0.2\bzflag.exe |
"TCP Query User{E396978C-22A6-4DCD-8059-68D0E1F1342B}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{E787E776-126C-422F-8C82-FBCA53E96BAE}C:\users\petr\games\recwar\recwar.exe" = protocol=6 | dir=in | app=c:\users\petr\games\recwar\recwar.exe |
"TCP Query User{F00ECF0C-06F5-4582-AD05-D16030A2136C}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{F04C958C-6F65-4973-BEAF-BFAB9DD01611}C:\users\jan\unrealtournament\system\unrealtournament.exe" = protocol=6 | dir=in | app=c:\users\jan\unrealtournament\system\unrealtournament.exe |
"TCP Query User{F4418D5A-82A9-4407-8AD3-961F695C4AEB}C:\users\petr\downloads\battlelanv0.5\battlelanv0.5.exe" = protocol=6 | dir=in | app=c:\users\petr\downloads\battlelanv0.5\battlelanv0.5.exe |
"TCP Query User{FAEC52C6-44F9-452D-96D6-F5188E9167FA}C:\users\petr\games\waagh\wtvclient.exe" = protocol=6 | dir=in | app=c:\users\petr\games\waagh\wtvclient.exe |
"TCP Query User{FBA213D8-0F57-4D15-91C5-4AE0647E2CB5}C:\users\petr\appdata\local\temp\_tc0\wtvclient.exe" = protocol=6 | dir=in | app=c:\users\petr\appdata\local\temp\_tc0\wtvclient.exe |
"UDP Query User{0C441670-6222-4D5D-BD98-32B75C7DD22C}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{11E46CD8-65D1-482F-AF44-70E0882B335D}C:\users\petr\appdata\local\temp\gm_ttt_94404\pong1.exe" = protocol=17 | dir=in | app=c:\users\petr\appdata\local\temp\gm_ttt_94404\pong1.exe |
"UDP Query User{14126E84-6338-40B5-A526-DCF1AC37489F}C:\program files\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
"UDP Query User{2F4EFB2A-7667-4CF4-BF7D-4E835FD01D36}C:\users\petr\games\rgc\client.exe" = protocol=17 | dir=in | app=c:\users\petr\games\rgc\client.exe |
"UDP Query User{35BA7D1D-D151-4768-803B-899768C29F52}C:\program files\qip\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip\qip.exe |
"UDP Query User{3ABA9BE4-9EB0-4445-B6B5-50F9E93851DF}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{411A6979-415D-4214-899B-E75E394619FB}C:\users\petr\games\bang\kbang-0.1.3\kbang-server.exe" = protocol=17 | dir=in | app=c:\users\petr\games\bang\kbang-0.1.3\kbang-server.exe |
"UDP Query User{42C7791F-58DC-4EA9-8D04-49CB9AA7CAD9}C:\users\petr\downloads\battlelanv0.5\battlelanv0.5.exe" = protocol=17 | dir=in | app=c:\users\petr\downloads\battlelanv0.5\battlelanv0.5.exe |
"UDP Query User{42E8EF75-C46B-4E13-A5AB-4C139EF8FECC}C:\program files\garena\garena.exe" = protocol=17 | dir=in | app=c:\program files\garena\garena.exe |
"UDP Query User{48E61C86-8309-4544-9B86-36359BB35052}C:\users\petr\games\okurky\gfonline.exe" = protocol=17 | dir=in | app=c:\users\petr\games\okurky\gfonline.exe |
"UDP Query User{51C7453D-6DAD-4957-BB89-FAA06B07ECFA}C:\program files\nopaypoker\nopaypoker.exe" = protocol=17 | dir=in | app=c:\program files\nopaypoker\nopaypoker.exe |
"UDP Query User{5D99D797-67B1-43D7-BE2D-E5C2E85910BD}C:\users\petr\games\rgc\rgc.exe" = protocol=17 | dir=in | app=c:\users\petr\games\rgc\rgc.exe |
"UDP Query User{668B8FB4-E106-406E-B5FB-34C0A1AC4886}C:\program files\serious sam 2\bin\sam2.exe" = protocol=17 | dir=in | app=c:\program files\serious sam 2\bin\sam2.exe |
"UDP Query User{69613901-6D7E-4C22-AE41-128E55A6AC5A}C:\program files\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe" = protocol=17 | dir=in | app=c:\program files\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe |
"UDP Query User{69C7EA90-C977-4B39-814A-1A1123982B6F}C:\users\petr\appdata\local\temp\gm_ttt_12697\chat.exe" = protocol=17 | dir=in | app=c:\users\petr\appdata\local\temp\gm_ttt_12697\chat.exe |
"UDP Query User{73765969-7021-426B-98E9-6261F5EF3AAE}C:\users\petr\appdata\local\temp\_tc0\wtvclient.exe" = protocol=17 | dir=in | app=c:\users\petr\appdata\local\temp\_tc0\wtvclient.exe |
"UDP Query User{7C98C257-7BD1-4A91-A475-16F9AB33CE09}C:\users\petr\games\paintball2\paintball2.exe" = protocol=17 | dir=in | app=c:\users\petr\games\paintball2\paintball2.exe |
"UDP Query User{95987BF2-994F-48C1-BE92-F5D646415792}C:\program files\bzflag2.0.2\bzflag.exe" = protocol=17 | dir=in | app=c:\program files\bzflag2.0.2\bzflag.exe |
"UDP Query User{99B877E0-7EE2-4820-8601-84A4710389E4}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{9A53E168-570E-484E-9DD1-B6A775A378BB}C:\program files\novalogic\delta force black hawk down\dfbhdlc.exe" = protocol=17 | dir=in | app=c:\program files\novalogic\delta force black hawk down\dfbhdlc.exe |
"UDP Query User{9D921433-B4E4-4965-8670-CBFB6B86B22D}C:\program files\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe |
"UDP Query User{9FCF1B9A-8CA0-4A80-B679-3121228E54B8}C:\program files\warcraft iii\120x.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\120x.exe |
"UDP Query User{A4B5AA6D-D936-4E95-B615-EDE1925856E5}C:\users\petr\games\recwar\recwar.exe" = protocol=17 | dir=in | app=c:\users\petr\games\recwar\recwar.exe |
"UDP Query User{AF508C6E-8496-498E-8E71-49262378E46A}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{B222E90E-B34A-4B38-80B6-9A0D41DF1710}C:\users\petr\games\star_wars_rebellion\rebexe.exe" = protocol=17 | dir=in | app=c:\users\petr\games\star_wars_rebellion\rebexe.exe |
"UDP Query User{B37028BC-5E4F-471D-9D32-ADB32AF18156}C:\users\petr\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\petr\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{B6DD93AC-66F9-42B4-9A32-3DAA9A823445}C:\users\petr\games\waagh\wtvclient.exe" = protocol=17 | dir=in | app=c:\users\petr\games\waagh\wtvclient.exe |
"UDP Query User{BA89A2F8-ECDD-4134-8C7F-9832385072A1}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{C196DBD0-0966-4579-8291-1DBCFDCCDBE0}C:\program files\diablo ii\game.exe" = protocol=17 | dir=in | app=c:\program files\diablo ii\game.exe |
"UDP Query User{C67CB0A0-CDA6-419B-B9B4-C0DDF81AE4A6}C:\program files\novalogic\delta force black hawk down\dfbhd.exe" = protocol=17 | dir=in | app=c:\program files\novalogic\delta force black hawk down\dfbhd.exe |
"UDP Query User{CE92AE32-B5D8-4763-98A6-4014D183B958}C:\users\jan\unrealtournament\system\unrealtournament.exe" = protocol=17 | dir=in | app=c:\users\jan\unrealtournament\system\unrealtournament.exe |
"UDP Query User{D18B5AF5-5BED-44ED-AAFA-E2AAE41FE78E}C:\users\petr\games\star\battlelanv0.5.exe" = protocol=17 | dir=in | app=c:\users\petr\games\star\battlelanv0.5.exe |
"UDP Query User{D57722C7-B231-488D-8CDE-0490E3F184D0}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{D6CD10DC-D8A8-481E-A3A2-152D133E0B95}C:\users\petr\downloads\battlelanv0.5\lancraft.exe" = protocol=17 | dir=in | app=c:\users\petr\downloads\battlelanv0.5\lancraft.exe |
"UDP Query User{EA989E99-2ED1-47A6-B3E4-981FB48A32F7}C:\users\petr\appdata\local\temp\gm_ttt_19855\pong1.exe" = protocol=17 | dir=in | app=c:\users\petr\appdata\local\temp\gm_ttt_19855\pong1.exe |
"UDP Query User{F3739186-095E-4E69-9ABD-459DB1B7FE36}C:\users\petr\games\star\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\users\petr\games\star\starcraft\starcraft.exe |
"UDP Query User{FCC9477B-93E3-4FA1-BF4B-FDFB84425445}C:\program files\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\program files\totalcmd\totalcmd.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software 1.12.37.1
"{01F81577-D786-49D7-BAAF-B8A8B44CE251}" = ESU for Microsoft Vista SP1
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6202
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{084D80A0-A897-F435-CE63-A3A7CDB46D9A}" = CCC Help Danish
"{089DD780-DB3F-4CDB-A0C2-111360247298}" = PC Connectivity Solution
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0A88700E-74DF-4CBF-B4F2-2F2147D416DA}" = Counter-Strike Source
"{0E485D10-139A-21B6-471C-7856AF893F42}" = Catalyst Control Center Localization Spanish
"{0F98662A-EA83-414F-8766-3FCE46A32641}" = Credential Manager for HP ProtectTools
"{12D61C9C-5E84-47F0-BD81-A48DF61A86D7}" = Vista Default Settings
"{1320CACA-1955-4E9E-84A1-B75F064221BB}" = Software602 Form Filler
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{154E4F71-DFC0-4B31-8D99-F97615031B02}" = HP Webcam Application
"{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates!
"{196A2093-817C-7237-9FB8-7223FF8D3424}" = Catalyst Control Center Localization Portuguese
"{19C6BC99-B7D0-E36A-3F72-24501D2FF8F0}" = Catalyst Control Center Localization Thai
"{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver
"{1EECBA68-8BE4-4076-94DF-E9ED206B1D21}" = Star Wars Jedi Knight Jedi Academy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}" = Nokia PC Suite
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{2462B5A9-CDE0-A51C-5646-6863B445B717}" = CCC Help Dutch
"{2472CC23-7C6E-F1A5-F439-B93CC198D0E2}" = Catalyst Control Center Graphics Light
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 15
"{27AB9B63-70B4-3444-7FE7-EAAF837286B6}" = Catalyst Control Center Localization Turkish
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2ACA66D0-7C67-4235-90B5-7AB382FF8633}" = HP 3D DriveGuard
"{2B01122D-645A-7A29-5F98-025F3F920EEE}" = CCC Help Thai
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2E8A56E1-8421-623F-7D27-5B0D64052D35}" = CCC Help Swedish
"{3032FE9D-1EF0-2B28-E28F-D14123A54091}" = CCC Help Norwegian
"{30BF4E6C-D866-46F7-A4F6-81A45E97706E}" = Catalyst Control Center - Branding
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{32D95F2D-17A3-9457-667D-DC603227295F}" = ATI Catalyst Install Manager
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 E1
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FE45683-E0A6-8887-BA46-93846D76A571}" = Catalyst Control Center Localization Japanese
"{420BBA1D-B275-4891-838C-EA88FE87A632}" = HP Customer Experience Enhancements
"{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{48530DE6-19F9-489D-809E-AFAA8AACC6DF}" = SplitMediaLabs VH Screen Capture Driver (x86)
"{4B8CE04B-567D-A6D1-C8C3-55151585051A}" = Catalyst Control Center Localization Hungarian
"{4BBB1697-A0C0-C00D-CC3B-2A3D8D7ED8E1}" = CCC Help Czech
"{4BDBFEB0-784B-8FBB-E323-17F4B8C3450D}" = Catalyst Control Center Core Implementation
"{4DEB1738-EE2D-9415-B1F3-99FE75519BB8}" = Catalyst Control Center Localization Norwegian
"{4E86E575-2B04-4FEC-ADA3-72D47CB4777C}" = Cortona3D Viewer
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{4FE315B7-4634-4587-80FF-D40BF0989567}" = Wolfram Notebook Indexer 2.0
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check
"{5E2A53AB-F61C-4509-B85D-9FF1B3D495B2}_is1" = ClockNetRadio 1.17 FREE
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FEB063B-B9A0-7677-8D4B-5DE1397BBC7F}" = Catalyst Control Center Localization Swedish
"{6079977A-C216-0ED5-7E82-5E94A7683EB1}" = Catalyst Control Center Localization Chinese Traditional
"{609C59C0-2920-B88F-AC4E-8434CEEA093F}" = CCC Help Chinese Standard
"{62A07DAC-EE36-7C2D-28D4-18A4B8F55EC9}" = Catalyst Control Center Localization Greek
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6716796A-DD6E-8B10-AF22-D30ECB25C682}" = CCC Help Portuguese
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A1F0A1A-474C-4151-8534-5F61832D88CD}" = Comic Life
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F854740-01D1-46A4-C809-D73B14F9FAA2}" = ccc-utility
"{70CEFEBA-F757-4DBE-8A21-027C326137CE}" = HP Software Setup 5.00.A.7
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75D7BB3A-9AB7-4ad1-AD5E-0059B90C624B}" = HP ProtectTools Security Manager Suite
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7BE6A272-9078-5035-FB61-D2D1C15D1EA0}" = Catalyst Control Center Localization Russian
"{8253DB6F-C883-93A4-435F-9526DC07C17F}" = CCC Help Italian
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BB128BE-2670-485D-A221-B00715BCEBCF}" = HP Easy Setup - Frontend
"{8EC7AB5C-7128-B1CD-CA1D-74190D31313E}" = Catalyst Control Center Localization Chinese Standard
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{9320B364-EF7F-90E6-63F8-C58EEB9AE517}" = Catalyst Control Center Graphics Full New
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{959B8759-D31A-CE42-6BA1-A8F7812C040B}" = CCC Help Finnish
"{959BAC64-7722-EBD6-660E-C74ED44CA0D3}" = Catalyst Control Center Localization Danish
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{99A5C123-2741-45BA-276A-8BDA52303CAD}" = CCC Help German
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CDB5063-D699-42BA-9135-7B8C4ECAC856}" = BIOS Configuration for HP ProtectTools
"{9DEE62F7-3C8A-A6E8-6D00-99BB99B0A19C}" = CCC Help French
"{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}" = HP Active Support Library
"{A3EB6C7C-F959-9258-3A35-2A6EDB9CA176}" = CCC Help Hungarian
"{A4A74248-A609-4FE5-9370-64351D433D45}_is1" = Cabri II Plus Plug-in 1.4.5
"{A4B50564-9B8D-49DF-4A90-C6EC349A6538}" = Catalyst Control Center Localization Korean
"{A55C2FF6-4217-F05B-E603-0544CB9EBD93}" = Catalyst Control Center Localization French
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC194855-F7AC-4D04-B4C9-07BA46FCB697}" = ActivClient 6.1 x86
"{B076BAB8-B78C-053A-FAC2-0A9CCD802E0A}" = CCC Help Korean
"{B1508FDD-AFC7-373B-8B96-6A6BEC48A9A8}" = Catalyst Control Center Localization Polish
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3B36E34-2E5A-20E8-AF99-A2D40E84CC6F}" = CCC Help Turkish
"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B57BC333-F983-C25E-4C04-834548DF8607}" = Catalyst Control Center Localization Italian
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B6EC7388-E277-4A5B-8C8F-71067A41BA64}" = TextPad 5
"{B79DB290-9F72-4B20-9776-848D7832705B}" = HP User Guides 0108
"{BECF6C08-ED85-7F05-E2CD-43A18DA0B3D7}" = CCC Help Spanish
"{BEEA5BCB-CCA1-6FBA-764C-625239FE0F50}" = CCC Help Polish
"{C09C13C7-B636-01CC-D5A1-A7411F858891}" = Catalyst Control Center Localization Czech
"{C19BD21C-AF1A-CBC1-3B73-938B37F6B0E6}" = CCC Help Chinese Traditional
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{C9EF2D75-ECB0-602D-6700-977702AD7CCF}" = Catalyst Control Center Graphics Full Existing
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBC24502-5EB5-45B6-9E56-E6A2F6AFA367}" = HP JavaCard for HP ProtectTools
"{CC8128C5-EC9A-0167-65F5-305E78F1A535}" = CCC Help Russian
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0FF1E97-85BA-C735-1D4C-636293B0E9F0}" = CCC Help Greek
"{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}" = Windows Resource Kit Tools - SubInAcl.exe
"{D405A9E1-5D02-46FB-A2B3-796F1F218B32}" = HP ProtectTools Security Manager
"{D4C5185C-A8DF-8466-FE8A-1692E08ECBF7}" = Skins
"{D7FD9036-5EE1-A970-B981-BF46AF433380}" = Catalyst Control Center Localization German
"{D8A790CB-CF32-4135-AAAE-6BA5A75C5DBF}" = OSCAR Editor
"{DA507A38-4B2A-40C0-90AC-E30AAA0B757C}" = Vegas Movie Studio Platinum 9.0
"{DBC658BB-C766-4852-8DBA-7E1DBFBC9D36}" = Wolfram Mathematica 6
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E333CA5F-00ED-4EEF-90E5-6A33A8FE969F}" = HP Help and Support
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{EF3C3C9A-C96B-051E-99D1-72D7CE823DA8}" = ccc-core-static
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F173C2B3-296F-458C-98FF-1676A42EBA02}" = HP Wallpaper
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F46CBAC2-20F4-98DA-D890-81F4DE2BF3BA}" = Catalyst Control Center Localization Finnish
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F545FAC8-4D05-229A-E1A3-3DF671518DC3}" = CCC Help English
"{F657EF23-08BB-4C8D-B688-78C20FA657EA}" = Drive Encryption for HP ProtectTools
"{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}" = 32 Bit HP CIO Components Installer
"{FB86EDAA-B17D-447E-972B-5580A4C6AE3C}_is1" = Legie
"{FF165D48-1562-B757-E006-69197226E903}" = CCC Help Japanese
"{FFCA8569-F139-54BF-A9EF-092A3DFDFB4B}" = Catalyst Control Center Localization Dutch
"34EA302E7F4CBD17A19E33BBCB72363234956D7E" = Balíček ovladače systému Windows - Nokia Modem (06/09/2010 4.5)
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Aligator Cable Suite" = Aligator Cable Suite 2.12c
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"ATMA V" = ATMA V 5.05
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CCleaner" = CCleaner
"CountDown ShutDown PC_is1" = CountDown ShutDown PC
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.17
"Czech Soccer Manager 2002 Final Editionverze 4.0 (31.3.2006)" = Czech Soccer Manager 2002 Final Edition
"Diablo II" = Diablo II
"DivX Setup.divx.com" = DivX Setup
"DotAlicious Gaming Client" = DotAlicious Gaming Client
"EEEE705096F837B7907659F100C9FE6DA001970F" = Balíček ovladače systému Windows - Nokia Modem (06/09/2010 7.01.0.7)
"Finale 2007" = Finale 2007
"Fraps" = Fraps
"Game Maker 8.0" = Game Maker 8.0
"Garena" = Garena 2010
"GoogleVideoPlayer" = Google Video Player
"GPL Ghostscript 8.63" = GPL Ghostscript 8.63
"GSview 4.9" = GSview 4.9
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Icy Tower 1.1" = Icy Tower 1.1
"InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates!
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{D8A790CB-CF32-4135-AAAE-6BA5A75C5DBF}" = Anti-Vibrate Oscar Editor
"InstallShield_{DBC658BB-C766-4852-8DBA-7E1DBFBC9D36}" = Wolfram Mathematica 6
"IrfanView" = IrfanView (remove only)
"JDownloader" = JDownloader
"Little Fighter 2" = Little Fighter 2 1.9c
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"mIRC" = mIRC
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Mp3 Editor for Free_is1" = Mp3 Editor for Free v5.2.7 Build 79
"M-WIN-D 7.0.1 1223367_is1" = Mathematica Player (M-WIN-D 7.0.1 1223367)
"Nokia PC Suite" = Nokia PC Suite
"NoPayPOKER_is1" = NoPayPOKER
"OpenAL" = OpenAL
"OpenTTD" = OpenTTD 1.0.5
"PDF Complete" = PDF Complete
"Pirates_Battle_for_the_Caribbean_is1" = Pirates: Battle for the Caribbean
"Plants Vs Zombies" = Plants Vs Zombies
"POD-Bot 2.5" = POD-Bot 2.5
"PPLite" = PPLite 1.0.0.0028
"PSPad editor_is1" = PSPad editor
"Puzzle Quest 2_is1" = Puzzle Quest 2
"Puzzle Quest1.01" = Puzzle Quest
"QIP Infium_is1" = QIP Infium 2.0.9024 RC4
"RealPlayer 12.0" = RealPlayer
"Rollcage" = Rollcage
"ScreenSaver Druid" = ScreenSaver Druid
"Skispringen 2007_0001" = Skispringen 2007
"SopCast" = SopCast 3.2.9
"StrongDC++" = StrongDC++ 2.41
"SubMagic_is1" = SubMagic V0.70
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Tanky ][" = Tanky ][ - Ještě větší pařba
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Texmaker" = Texmaker
"TmNationsForever_is1" = TmNationsForever
"Totalcmd" = Total Commander (Remove or Repair)
"TVUPlayer" = TVUPlayer 2.4.1.0
"UltraISO_is1" = UltraISO Premium V9.32
"Veetle TV" = Veetle TV 0.9.18
"VH Toolkit_is1" = VH Toolkit 1.0.46.0
"VLC media player" = VLC media player 1.0.3
"vShare" = vShare Plugin
"Warcraft III" = Warcraft III
"WinEdt_is1" = WinEdt
"WinRAR archiver" = WinRAR
"WinShell_is1" = WinShell

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-79991764-2708180305-948282052-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA
"GeoGebra WebStart" = GeoGebra WebStart
"Google Chrome" = Google Chrome
"QIP 2005" = QIP 2005 8095
"TeXLive2010" = TeX Live 2010
"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 26.8.2010 4:13:07 | Computer Name = Notebook | Source = Google Update | ID = 20
Description =

Error - 26.8.2010 5:13:05 | Computer Name = Notebook | Source = Google Update | ID = 20
Description =

Error - 26.8.2010 6:13:09 | Computer Name = Notebook | Source = Google Update | ID = 20
Description =

Error - 26.8.2010 7:13:06 | Computer Name = Notebook | Source = Google Update | ID = 20
Description =

Error - 26.8.2010 7:54:10 | Computer Name = Notebook | Source = Application Error | ID = 1000
Description = Chybující aplikace chrome.exe, verze 0.0.0.0, časové razítko 0x4c05deaa,
chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000, kód výjimky
0xc0000005, posun chyby 0x00530065, ID procesu 0x1750, čas spuštění aplikace 0x01cb451531a1d3f0.

Error - 26.8.2010 8:11:11 | Computer Name = Notebook | Source = Windows Search Service | ID = 3013
Description =

Error - 26.8.2010 16:48:35 | Computer Name = Notebook | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 26.8.2010 16:48:35 | Computer Name = Notebook | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 26.8.2010 16:49:34 | Computer Name = Notebook | Source = WinMgmt | ID = 10
Description =

Error - 26.8.2010 17:09:43 | Computer Name = Notebook | Source = Windows Search Service | ID = 3013
Description =

[ Credential Manager Events ]
Error - 13.2.2011 10:26:18 | Computer Name = Notebook | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Petr@NOTEBOOK Client GUID: {Password} Error: 0xC516020B Client Host: localhost Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP

Error - 13.2.2011 10:26:18 | Computer Name = Notebook | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Petr@NOTEBOOK Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.

Error - 2.3.2011 4:39:23 | Computer Name = Notebook | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Petr@NOTEBOOK Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.

Error - 2.3.2011 4:39:23 | Computer Name = Notebook | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Petr@NOTEBOOK Client GUID: {Password} Error: 0xC516020B Client Host: localhost Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP

Error - 20.5.2011 2:20:49 | Computer Name = Notebook | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Petr@NOTEBOOK Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.

Error - 20.5.2011 2:20:49 | Computer Name = Notebook | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Petr@NOTEBOOK Client GUID: {Password} Error: 0xC516020B Client Host: localhost Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP

Error - 31.7.2011 11:13:31 | Computer Name = Notebook | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Petr@NOTEBOOK Client GUID: {Password} Error: 0xC516020B Client Host: localhost Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP

Error - 31.7.2011 11:13:31 | Computer Name = Notebook | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Petr@NOTEBOOK Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.

Error - 5.8.2011 20:20:11 | Computer Name = Notebook | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Petr@NOTEBOOK Client GUID: {Password} Error: 0xC516020B Client Host: localhost Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP

Error - 5.8.2011 20:20:11 | Computer Name = Notebook | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Petr@NOTEBOOK Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.

[ OSession Events ]
Error - 22.5.2009 11:41:52 | Computer Name = Notebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 25142
seconds with 120 seconds of active time. This session ended with a crash.

Error - 13.4.2010 7:56:10 | Computer Name = Notebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3474
seconds with 1920 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 24.8.2011 5:01:33 | Computer Name = Notebook | Source = Service Control Manager | ID = 7000
Description =

Error - 24.8.2011 5:07:36 | Computer Name = Notebook | Source = Application Popup | ID = 875
Description = Načtení ovladače sfdrv01.sys je blokováno.

Error - 24.8.2011 5:10:50 | Computer Name = Notebook | Source = Service Control Manager | ID = 7000
Description =

Error - 24.8.2011 5:11:09 | Computer Name = Notebook | Source = Service Control Manager | ID = 7026
Description =

Error - 24.8.2011 5:48:39 | Computer Name = Notebook | Source = Application Popup | ID = 875
Description = Načtení ovladače sfdrv01.sys je blokováno.

Error - 24.8.2011 5:50:40 | Computer Name = Notebook | Source = Service Control Manager | ID = 7000
Description =

Error - 24.8.2011 5:50:40 | Computer Name = Notebook | Source = Service Control Manager | ID = 7026
Description =

Error - 24.8.2011 8:51:16 | Computer Name = Notebook | Source = Application Popup | ID = 875
Description = Načtení ovladače sfdrv01.sys je blokováno.

Error - 24.8.2011 8:53:12 | Computer Name = Notebook | Source = Service Control Manager | ID = 7000
Description =

Error - 24.8.2011 8:53:12 | Computer Name = Notebook | Source = Service Control Manager | ID = 7026
Description =

< End of report >

#5 Příspěvek od **Caroprd111** » 24 srp 2011 21:07

Co s tím nelegálním softwarem?

Podle pravidel fóra se zde nelegálním softwarem nezabýváme - nelegální programy představují bezpečnostní hrozbu a navíc tím porušujete zákon.

petredgar · #6 Příspěvek od **petredgar** » 24 srp 2011 22:03

Omlouvám se, nějaký nelegální software (obzvláště (a myslím, že pouze) hry) jsem opravdu užíval. Snad už jsem je všechny odstranil.

#7 Příspěvek od **Caroprd111** » 24 srp 2011 22:22

Znovu spusťte OTL a do spodního bílého okna vložte následující skript. Poté klikněte na Opravit, PC se restartuje, výsledný log vložte sem.

Kód: Vybrat vše

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]

:OTL
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
O33 - MountPoints2\{009f49ba-971b-11dd-8130-0021868e50a8}\Shell - "" = AutoRun
O33 - MountPoints2\{009f49ba-971b-11dd-8130-0021868e50a8}\Shell\AutoRun\command - "" = I:\autorun.exe
O33 - MountPoints2\{1a3b7d08-96c0-11dd-9781-0022644e8c12}\Shell - "" = AutoRun
O33 - MountPoints2\{1a3b7d08-96c0-11dd-9781-0022644e8c12}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{2cef2851-fc5a-11de-aebf-0022644e8c12}\Shell - "" = AutoRun
O33 - MountPoints2\{2cef2851-fc5a-11de-aebf-0022644e8c12}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{5a2914c5-a770-11dd-8c29-0022644e8c12}\Shell\AutoRun\command - "" = I:\autorun.bat
O33 - MountPoints2\{c43719a2-5bf9-11df-8e09-0022644e8c12}\Shell\AutoRun\command - "" = H:\PRIKAZE//netrazis.exe
O33 - MountPoints2\{c43719a2-5bf9-11df-8e09-0022644e8c12}\Shell\open\command - "" = H:\PRIKAZE//netrazis.exe
[2011.03.31 15:19:03 | 000,000,000 | -HSD | M] -- C:\Users\Petr\AppData\Roaming\.#
[2007.06.19 23:21:56 | 000,149,556 | ---- | M] () -- \Program Files\Wolfram Research\Mathematica\6.0\SystemFiles\Java\WolframSSHKeyGen.jar
[2008.10.23 12:23:46 | 000,022,016 | ---- | M] () -- \Users\Petr\finale\KeyGen.exe
[2006.07.22 13:53:28 | 000,001,527 | ---- | M] () -- \Users\Petr\games\star\starcraftkeygenerator\Keygen.class
[2008.11.22 02:26:24 | 000,036,845 | ---- | M] () -- \Users\Petr\AppData\Roaming\BitTorrent\Civilization 4 IV + Warlords expansion + 1.61 + 2.08 update + nocd crack civ4 civIV.rar.torrent
[2009.02.22 11:18:14 | 000,009,216 | ---- | M] () -- \Users\Petr\Documents\Downloads\crack.exe
[2010.12.08 19:38:24 | 004,139,224 | ---- | M] () -- \Users\Petr\Documents\Downloads\GameZoneProject.Towers.Trap.v1.10.S60v3.SymbianOS9.1.Cracked-BiNPDA.rar
[2008.11.22 02:26:24 | 000,036,845 | ---- | M] () -- \Users\Petr\Downloads\Civilization 4 IV + Warlords expansion + 1.61 + 2.08 update + nocd crack civ4 civIV.rar [mininova].torrent
[4 \Users\Petr\Downloads\*.tmp files -> \Users\Petr\Downloads\*.tmp -> ]
[2008.10.11 06:55:22 | 051,990,528 | ---- | M] () -- \Users\Petr\Downloads\Warcraft III and The Frozen Throne\Warcraft III - The Frozen Throne [Disk3] -crack,patch,serial.iso
[1995.07.09 14:41:16 | 000,000,403 | ---- | M] () -- \Users\Petr\games\Micro Machines 2\IL-CRACK.COM
[2008.07.17 00:36:05 | 004,144,576 | ---- | M] () -- \Users\Petr\games\mobil\GameZoneProject.Towers.Trap.v1.10.S60v3.SymbianOS9.1.Cracked-BiNPDA.sis
[2001.05.25 22:47:30 | 000,017,910 | ---- | M] () -- \Users\Petr\games\star\StarCraft\crack.exe
[1994.11.17 09:13:44 | 000,007,632 | ---- | M] () -- \Users\Petr\games\Warcraft\CRACK.EXE

:Files
C:\Users\Petr\AppData\Roaming\Microsoft\humouzyquet.exe
C:\Users\Petr\AppData\Roaming\Microsoft\humouzyquet.exe
C:\Users\Petr\AppData\Roaming\Microsoft\ceju.exe

:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Users\Petr\AppData\Roaming\Microsoft\soucymawyz.exe" =-
"C:\Users\Petr\AppData\Roaming\Microsoft\humouzyquet.exe" =-
"C:\Users\Petr\AppData\Roaming\Microsoft\ceju.exe" =-

petredgar · #8 Příspěvek od **petredgar** » 24 srp 2011 22:34

Provedeno, přikládám log:

All processes killed
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Jan

User: Petr
->Temp folder emptied: 47222672 bytes
->Temporary Internet Files folder emptied: 33256 bytes
->Java cache emptied: 30075925 bytes
->FireFox cache emptied: 25294066 bytes
->Google Chrome cache emptied: 262982466 bytes
->Flash cache emptied: 17854 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1052090 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 713261966 bytes

Total Files Cleaned = 1 030,00 mb

[EMPTYFLASH]

User: Administrator

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Jan

User: Petr
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{009f49ba-971b-11dd-8130-0021868e50a8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{009f49ba-971b-11dd-8130-0021868e50a8}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{009f49ba-971b-11dd-8130-0021868e50a8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{009f49ba-971b-11dd-8130-0021868e50a8}\ not found.
File I:\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1a3b7d08-96c0-11dd-9781-0022644e8c12}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1a3b7d08-96c0-11dd-9781-0022644e8c12}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1a3b7d08-96c0-11dd-9781-0022644e8c12}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1a3b7d08-96c0-11dd-9781-0022644e8c12}\ not found.
File G:\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2cef2851-fc5a-11de-aebf-0022644e8c12}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2cef2851-fc5a-11de-aebf-0022644e8c12}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2cef2851-fc5a-11de-aebf-0022644e8c12}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2cef2851-fc5a-11de-aebf-0022644e8c12}\ not found.
File G:\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a2914c5-a770-11dd-8c29-0022644e8c12}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5a2914c5-a770-11dd-8c29-0022644e8c12}\ not found.
File I:\autorun.bat not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c43719a2-5bf9-11df-8e09-0022644e8c12}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c43719a2-5bf9-11df-8e09-0022644e8c12}\ not found.
File H:\PRIKAZE//netrazis.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c43719a2-5bf9-11df-8e09-0022644e8c12}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c43719a2-5bf9-11df-8e09-0022644e8c12}\ not found.
File H:\PRIKAZE//netrazis.exe not found.
C:\Users\Petr\AppData\Roaming\.# folder moved successfully.
File move failed. \Program Files\Wolfram Research\Mathematica\6.0\SystemFiles\Java\WolframSSHKeyGen.jar scheduled to be moved on reboot.
File move failed. \Users\Petr\finale\KeyGen.exe scheduled to be moved on reboot.
File \Users\Petr\games\star\starcraftkeygenerator\Keygen.class not found.
File move failed. \Users\Petr\AppData\Roaming\BitTorrent\Civilization 4 IV + Warlords expansion + 1.61 + 2.08 update + nocd crack civ4 civIV.rar.torrent scheduled to be moved on reboot.
File move failed. \Users\Petr\Documents\Downloads\crack.exe scheduled to be moved on reboot.
File move failed. \Users\Petr\Documents\Downloads\GameZoneProject.Towers.Trap.v1.10.S60v3.SymbianOS9.1.Cracked-BiNPDA.rar scheduled to be moved on reboot.
File move failed. \Users\Petr\Downloads\Civilization 4 IV + Warlords expansion + 1.61 + 2.08 update + nocd crack civ4 civIV.rar [mininova].torrent scheduled to be moved on reboot.
\Users\Petr\Downloads\2E35.tmp deleted successfully.
\Users\Petr\Downloads\B9D.tmp deleted successfully.
\Users\Petr\Downloads\E234.tmp deleted successfully.
\Users\Petr\Downloads\F00E.tmp deleted successfully.
File \Users\Petr\Downloads\Warcraft III and The Frozen Throne\Warcraft III - The Frozen Throne [Disk3] -crack,patch,serial.iso not found.
File \Users\Petr\games\Micro Machines 2\IL-CRACK.COM not found.
File \Users\Petr\games\mobil\GameZoneProject.Towers.Trap.v1.10.S60v3.SymbianOS9.1.Cracked-BiNPDA.sis not found.
File \Users\Petr\games\star\StarCraft\crack.exe not found.
File move failed. \Users\Petr\games\Warcraft\CRACK.EXE scheduled to be moved on reboot.
========== FILES ==========
File\Folder C:\Users\Petr\AppData\Roaming\Microsoft\humouzyquet.exe not found.
File\Folder C:\Users\Petr\AppData\Roaming\Microsoft\humouzyquet.exe not found.
File\Folder C:\Users\Petr\AppData\Roaming\Microsoft\ceju.exe not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Users\Petr\AppData\Roaming\Microsoft\soucymawyz.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Users\Petr\AppData\Roaming\Microsoft\humouzyquet.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Users\Petr\AppData\Roaming\Microsoft\ceju.exe deleted successfully.

OTL by OldTimer - Version 3.2.26.5 log created on 08242011_232412

Files\Folders moved on Reboot...
File move failed. \Program Files\Wolfram Research\Mathematica\6.0\SystemFiles\Java\WolframSSHKeyGen.jar scheduled to be moved on reboot.
File move failed. \Users\Petr\finale\KeyGen.exe scheduled to be moved on reboot.
File move failed. \Users\Petr\AppData\Roaming\BitTorrent\Civilization 4 IV + Warlords expansion + 1.61 + 2.08 update + nocd crack civ4 civIV.rar.torrent scheduled to be moved on reboot.
File move failed. \Users\Petr\Documents\Downloads\crack.exe scheduled to be moved on reboot.
File move failed. \Users\Petr\Documents\Downloads\GameZoneProject.Towers.Trap.v1.10.S60v3.SymbianOS9.1.Cracked-BiNPDA.rar scheduled to be moved on reboot.
File move failed. \Users\Petr\Downloads\Civilization 4 IV + Warlords expansion + 1.61 + 2.08 update + nocd crack civ4 civIV.rar [mininova].torrent scheduled to be moved on reboot.
File move failed. \Users\Petr\games\Warcraft\CRACK.EXE scheduled to be moved on reboot.

Registry entries deleted on Reboot...

#9 Příspěvek od **Caroprd111** » 24 srp 2011 22:36

Jak se chová PC?

petredgar · #10 Příspěvek od **petredgar** » 24 srp 2011 22:38

S PC není žádný viditelný problém. On nebyl ani předtím, spíš mi přišlo, že je pomalejší, než býval. Proto jsem se chtěl ujistit, jestli je to opotřebením (stářím), nebo nějakou havětí.
Žádný přesný test nemám, takže to nemám s čím porovnávat.

#11 Příspěvek od **Caroprd111** » 24 srp 2011 23:09

Stáhněte T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Spusťte, pro potvrzení volby mačkejte klávesu A, Enter
Po použití program vymažte. Pozor, antiviry ho mohou falešně označit za vir.

Stáhněte TFC http://oldtimer.geekstogo.com/TFC.exe

Spusťte.
Klikněte na "Start". Potvrďte hlášku kliknutím na "Ok" (Bude následovat restart)

Stáhněte OTC http://oldtimer.geekstogo.com/OTC.exe

Spusťte.
Klikněte na "CleanUp!". Potvrďte hlášky kliknutím na "Yes" (Bude následovat restart)

Stáhněte Ccleaner http://viry.cz/forum/viewtopic.php?t=7478
Obrázek

Záložka Čistič

Dejte analyzovat, po dokončení dejte Spustit Ccleaner.

Záložka Registry
Klikněte na Hledej problémy, po dokončení klikněte na Opravit problémy, zálohu dělat nemusíte, potom dejte Opravit všechny problémy.

OK

Zavřít

Defragmentujte disk.

Dejte nový log z RSIT.

petredgar · #12 Příspěvek od **petredgar** » 25 srp 2011 14:03

Všechna čištění provedena, na defragmentaci se od rána pracuje (teď 41%

). Pak dám vědět.

#13 Příspěvek od **Caroprd111** » 25 srp 2011 14:36

petredgar · #14 Příspěvek od **petredgar** » 25 srp 2011 18:20

Dofragmentováno. Zde je log z RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Petr at 2011-08-25 19:11:18
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 42 GB (18%) free of 228 GB
Total RAM: 1788 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:11:46, on 25.8.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
c:\Program Files\Hewlett-Packard\IAM\Bin\AsGHost.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\CPUID\HWMonitor\HWMonitor.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Totalcmd\TOTALCMD.EXE
C:\windows\system32\wuauclt.exe
C:\windows\system32\conime.exe
C:\Program Files\QIP\qip.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\mIRC\mirc.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\rundll32.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\SearchFilterHost.exe
C:\Users\Petr\Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Petr.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = wifi.vkol.cz:3128
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: vShare Toolbar - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O3 - Toolbar: vShare Toolbar - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} (Active602XMLFiller Control) - https://www.mojedatovaschranka.cz/stati ... b?3,14,8,0
O17 - HKLM\System\CCS\Services\Tcpip\..\{CC36B031-5B34-4AF9-BA0D-E74C7FCFC38D}: NameServer = 10.12.0.1,10.6.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{CC36B031-5B34-4AF9-BA0D-E74C7FCFC38D}: NameServer = 10.12.0.1,10.6.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll
O20 - AppInit_DLLs: C:\Windows\System32\APSHook.dll C:\Windows\System32\APSHook.dll APSHook.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Google Update Service (gupdate1c99f0fa0068f00) (gupdate1c99f0fa0068f00) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 7980 bytes

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-79991764-2708180305-948282052-1004Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-79991764-2708180305-948282052-1004UA.job
C:\windows\tasks\User_Feed_Synchronization-{FCFE04A7-757E-48F5-AE5E-12D4B50CAB92}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\i5rka2qn.default

prefs.js - "extensions.enabledItems" - "vshare@toolbar:1.0.2, {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1, {20a82645-c095-46ed-80e3-08825760534b}:1.1, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.3.0.7280, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@bittorrent.com/BitTorrentDNA]
"Description"=Delivery Network Acceleration by BitTorrent™
"Path"=C:\Program Files\DNA\plugins\npbtdna.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@parallelgraphics.com/Cortona]
"Description"=Cortona VRML Plugin
"Path"=C:\Program Files\Common Files\ParallelGraphics\Cortona\npCortona.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.688]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\real player\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.3.688]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\real player\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.688]
"Description"=6.0.12.688
"Path"=C:\Program Files\real player\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18]
"Description"=Veetle TV Core
"Path"=C:\Program Files\Veetle\plugins\npVeetle.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=C:\Program Files\Veetle\Player\npvlc.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{AB2CE124-6272-4b12-94A9-7303C7397BD1}

C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
npbittorrent.dll
npdeploytk.dll
npnul32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\i5rka2qn.default\extensions\
vshare@toolbar
{20a82645-c095-46ed-80e3-08825760534b}
{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{043C5167-00BB-4324-AF7E-62013FAEDACF}]
vShare Toolbar - C:\Program Files\vShare\vshare_toolbar.dll [2011-01-25 482360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-05-23 115072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{043C5167-00BB-4324-AF7E-62013FAEDACF} - vShare Toolbar - C:\Program Files\vShare\vshare_toolbar.dll [2011-01-25 482360]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-27 1045800]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-04-15 70912]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [2008-03-19 3842048]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-04-04 1314816]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-08-02 281768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"Google Update"=C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2008-11-25 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\accrdsub]
c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2007-05-16 293168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS]
c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll [2008-05-21 24848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-03-18 2289664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPAP]
C:\Program Files\Common Files\PPLiveNetwork\PPAP.exe [2010-04-06 185800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryBooster]
C:\Program Files\Uniblue\RegistryBooster\launcher.exe delay 20000 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-02-24 202256]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\APSHook.dll C:\Windows\System32\APSHook.dll APSHook.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\kkvrahnb.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\kkvrahnb.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"msacm.lhacm"=lhacm.acm
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll

======File associations======

.txt - open - "C:\Program Files\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 month======

2011-08-25 19:11:20 ----D---- C:\Program Files\trend micro
2011-08-25 19:11:18 ----D---- C:\rsit
2011-08-25 10:27:01 ----D---- C:\Program Files\Defraggler
2011-08-24 11:33:37 ----A---- C:\windows\system32\tzres.dll
2011-08-24 10:13:35 ----A---- C:\windows\system32\shsvcs.dll
2011-08-24 10:13:28 ----A---- C:\windows\system32\ntkrnlpa.exe
2011-08-24 10:13:27 ----A---- C:\windows\system32\ntoskrnl.exe
2011-08-24 10:13:05 ----A---- C:\windows\system32\d3d10warp.dll
2011-08-24 10:13:05 ----A---- C:\windows\system32\d3d10_1.dll
2011-08-24 10:13:05 ----A---- C:\windows\system32\d3d10.dll
2011-08-24 10:13:05 ----A---- C:\windows\system32\d2d1.dll
2011-08-24 10:13:04 ----A---- C:\windows\system32\FntCache.dll
2011-08-24 10:13:04 ----A---- C:\windows\system32\DWrite.dll
2011-08-24 10:13:04 ----A---- C:\windows\system32\d3d10level9.dll
2011-08-24 10:13:04 ----A---- C:\windows\system32\d3d10core.dll
2011-08-24 10:13:04 ----A---- C:\windows\system32\d3d10_1core.dll
2011-08-24 10:13:03 ----A---- C:\windows\system32\xpsservices.dll
2011-08-24 10:13:03 ----A---- C:\windows\system32\XpsGdiConverter.dll
2011-08-24 10:13:03 ----A---- C:\windows\system32\OpcServices.dll
2011-08-24 10:12:50 ----A---- C:\windows\system32\win32k.sys
2011-08-24 10:12:47 ----A---- C:\windows\system32\xmllite.dll
2011-08-24 10:12:44 ----A---- C:\windows\system32\inetcomm.dll
2011-08-24 10:12:35 ----A---- C:\windows\system32\ieframe.dll
2011-08-24 10:12:34 ----A---- C:\windows\system32\wininet.dll
2011-08-24 10:12:34 ----A---- C:\windows\system32\urlmon.dll
2011-08-24 10:12:33 ----A---- C:\windows\system32\mshtml.dll
2011-08-24 10:12:32 ----A---- C:\windows\system32\url.dll
2011-08-24 10:12:32 ----A---- C:\windows\system32\mstime.dll
2011-08-24 10:12:32 ----A---- C:\windows\system32\mshtmled.dll
2011-08-24 10:12:32 ----A---- C:\windows\system32\msfeeds.dll
2011-08-24 10:12:32 ----A---- C:\windows\system32\iertutil.dll
2011-08-24 10:12:31 ----A---- C:\windows\system32\iepeers.dll
2011-08-24 10:12:31 ----A---- C:\windows\system32\ieapfltr.dll
2011-08-24 10:12:18 ----A---- C:\windows\system32\kernel32.dll
2011-08-24 10:12:14 ----A---- C:\windows\system32\oleaut32.dll
2011-08-24 10:12:06 ----A---- C:\windows\system32\drivers\bowser.sys
2011-08-24 10:12:04 ----A---- C:\windows\system32\drivers\bthport.sys
2011-08-24 10:12:03 ----A---- C:\windows\system32\drivers\BTHUSB.SYS
2011-08-24 10:12:00 ----A---- C:\windows\system32\vbscript.dll
2011-08-24 10:12:00 ----A---- C:\windows\system32\jscript.dll
2011-08-24 10:11:57 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2011-08-24 10:11:57 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2011-08-24 10:11:56 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2011-08-24 10:11:53 ----A---- C:\windows\system32\winsrv.dll
2011-08-24 10:11:51 ----A---- C:\windows\system32\drivers\srvnet.sys
2011-08-24 10:11:51 ----A---- C:\windows\system32\drivers\srv2.sys
2011-08-24 10:11:47 ----A---- C:\windows\system32\atmfd.dll
2011-08-24 10:11:46 ----A---- C:\windows\system32\atmlib.dll
2011-08-24 10:11:44 ----A---- C:\windows\system32\drivers\srv.sys
2011-08-24 10:11:36 ----A---- C:\windows\system32\mfc42u.dll
2011-08-24 10:11:36 ----A---- C:\windows\system32\mfc42.dll
2011-08-24 10:11:32 ----A---- C:\windows\system32\drivers\dfsc.sys
2011-08-24 10:11:28 ----A---- C:\windows\system32\dnsrslvr.dll
2011-08-24 10:11:28 ----A---- C:\windows\system32\dnscacheugc.exe
2011-08-24 10:11:28 ----A---- C:\windows\system32\dnsapi.dll
2011-08-24 10:11:24 ----A---- C:\windows\system32\csrsrv.dll
2011-08-24 10:11:21 ----A---- C:\windows\system32\drivers\afd.sys
2011-08-24 09:56:03 ----A---- C:\windows\system32\drivers\tcpip.sys
2011-08-24 09:55:57 ----A---- C:\windows\system32\schannel.dll
2011-08-19 13:21:43 ----D---- C:\Users\Petr\AppData\Roaming\602XML
2011-08-19 13:20:55 ----D---- C:\Users\Petr\AppData\Roaming\602Installer
2011-08-19 13:20:22 ----D---- C:\Program Files\Common Files\soft602
2011-08-19 13:20:09 ----D---- C:\Program Files\Common Files\Freedom Scientific
2011-08-18 17:47:09 ----D---- C:\Program Files\Common Files\Steam
2011-08-18 17:46:59 ----D---- C:\Program Files\Steam
2011-08-06 02:40:12 ----D---- C:\Users\Petr\AppData\Roaming\DivX

======List of files/folders modified in the last 1 month======

2011-08-25 19:11:31 ----D---- C:\windows\Prefetch
2011-08-25 19:11:20 ----RD---- C:\Program Files
2011-08-25 19:11:11 ----AD---- C:\windows\Temp
2011-08-25 19:04:08 ----SHD---- C:\System Volume Information
2011-08-25 14:58:07 ----D---- C:\Program Files\mIRC
2011-08-25 10:16:26 ----D---- C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2011-08-25 10:16:25 ----D---- C:\Users\Petr\AppData\Roaming\TS3Client
2011-08-25 10:16:24 ----D---- C:\Users\Petr\AppData\Roaming\Skype
2011-08-25 10:16:24 ----D---- C:\Users\Petr\AppData\Roaming\BitTorrent
2011-08-25 10:16:17 ----D---- C:\windows\Logs
2011-08-25 10:16:17 ----D---- C:\windows\Debug
2011-08-25 10:16:17 ----D---- C:\Windows
2011-08-25 10:14:52 ----D---- C:\Program Files\CCleaner
2011-08-25 10:10:06 ----D---- C:\ProgramData\hpqLog
2011-08-25 09:57:42 ----D---- C:\windows\Internet Logs
2011-08-24 23:24:15 ----D---- C:\windows\system32\drivers\etc
2011-08-24 22:57:32 ----D---- C:\Program Files\Firaxis Games
2011-08-24 22:55:24 ----SHD---- C:\windows\Installer
2011-08-24 22:48:37 ----D---- C:\ProgramData
2011-08-24 22:46:41 ----HD---- C:\Program Files\InstallShield Installation Information
2011-08-24 22:46:22 ----D---- C:\Program Files\Skispringen 2007
2011-08-24 22:43:35 ----D---- C:\Program Files\Diablo II
2011-08-24 16:00:29 ----RSD---- C:\windows\assembly
2011-08-24 16:00:29 ----D---- C:\windows\Microsoft.NET
2011-08-24 12:06:46 ----D---- C:\windows\rescache
2011-08-24 11:56:16 ----D---- C:\windows\System32
2011-08-24 11:56:16 ----A---- C:\windows\system32\PerfStringBackup.INI
2011-08-24 11:56:15 ----D---- C:\windows\inf
2011-08-24 11:47:11 ----D---- C:\windows\system32\drivers
2011-08-24 11:46:19 ----D---- C:\windows\system32\catroot
2011-08-24 11:46:05 ----D---- C:\windows\winsxs
2011-08-24 11:44:46 ----AD---- C:\windows\system32\cs-CZ
2011-08-24 11:11:30 ----D---- C:\windows\system32\catroot2
2011-08-24 11:08:54 ----D---- C:\Program Files\Microsoft Silverlight
2011-08-24 11:05:41 ----D---- C:\Program Files\Internet Explorer
2011-08-24 11:05:35 ----RSD---- C:\windows\Fonts
2011-08-24 11:05:32 ----D---- C:\Program Files\Windows Mail
2011-08-24 11:01:31 ----D---- C:\ProgramData\Microsoft Help
2011-08-24 01:05:55 ----D---- C:\Users\Petr\AppData\Roaming\vlc
2011-08-24 00:13:38 ----D---- C:\Program Files\Warcraft III
2011-08-23 20:11:29 ----D---- C:\Program Files\Garena
2011-08-23 20:06:37 ----A---- C:\windows\ScrAntic.ini
2011-08-19 13:20:22 ----D---- C:\Program Files\Common Files
2011-08-15 15:35:55 ----D---- C:\Program Files\TeamSpeak 3 Client
2011-08-15 12:01:31 ----D---- C:\windows\system32\WDI
2011-08-13 20:38:35 ----D---- C:\windows\system32\drivers\UMDF
2011-08-08 00:14:58 ----D---- C:\Program Files\Mozilla Firefox
2011-07-30 10:05:12 ----A---- C:\windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\windows\system32\DRIVERS\AtiPcie.sys [2008-04-28 14352]
R0 giveio;giveio; C:\windows\system32\giveio.sys [1996-04-03 5248]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2008-04-07 25448]
R0 MegaSR;MegaSR; C:\windows\system32\drivers\megasr.sys [2008-01-21 386616]
R0 SafeBoot;SafeBoot; C:\windows\system32\drivers\SafeBoot.sys [2008-05-30 108752]
R0 SbAlg;SbAlg; C:\windows\system32\drivers\SbAlg.sys [2008-05-30 51376]
R0 SbFsLock;SbFsLock; C:\windows\system32\drivers\SbFsLock.sys [2008-05-30 12928]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\windows\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\windows\System32\drivers\sfsync02.sys [2005-08-10 19968]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2010-01-05 691696]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2011-07-06 138192]
R1 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys [2008-07-14 207688]
R1 mfetdik;McAfee Inc. mfetdik; C:\windows\system32\drivers\mfetdik.sys [2008-07-14 55176]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2008-05-30 12496]
R1 ssmdrv;ssmdrv; C:\windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R2 ACEDRV07;ACEDRV07; \??\C:\windows\system32\drivers\ACEDRV07.sys [2011-01-09 101376]
R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [2011-07-06 66616]
R2 cpuz135;cpuz135; \??\C:\windows\system32\drivers\cpuz135_x32.sys [2010-11-09 21992]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2008-04-07 34664]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\ADIHdAud.sys [2008-04-11 382464]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2008-02-29 1202560]
R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2008-05-21 3552768]
R3 HBtnKey;HBtnKey; C:\windows\system32\DRIVERS\cpqbttn.sys [2008-04-14 9344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-19 16768]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2008-04-10 1804160]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2008-03-27 199472]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\windows\system32\DRIVERS\yk60x86.sys [2010-09-23 313632]
S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\windows\System32\drivers\sfdrv01.sys [2005-08-10 50688]
S3 awuw13qm;awuw13qm; C:\windows\system32\drivers\awuw13qm.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl6.sys [2009-02-14 1331192]
S3 BthEnum;Služba Bluetooth Enumerator; C:\windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2008-05-28 80424]
S3 btwavdt;Bluetooth AVDT; C:\windows\system32\drivers\btwavdt.sys [2008-05-28 81960]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2008-05-28 16168]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 GarenaPEngine;GarenaPEngine; \??\C:\Users\Petr\AppData\Local\Temp\FZW3559.tmp []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MfeAVFK;McAfee Inc. MfeAVFK; C:\windows\system32\drivers\MfeAVFK.sys [2008-07-14 79240]
S3 MfeBOPK;McAfee Inc. MfeBOPK; C:\windows\system32\drivers\MfeBOPK.sys [2008-07-14 35240]
S3 MfeRKDK;McAfee Inc. MfeRKDK; C:\windows\system32\drivers\MfeRKDK.sys [2008-07-14 34152]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\windows\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\windows\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2008-01-21 45624]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2009-04-11 27648]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-03-14 84520]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2007-12-11 12800]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-07-06 269480]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2011-04-27 136360]
R2 ASBroker;Logon Session Broker; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 ASChannel;Local Communication Channel; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\windows\system32\svchost.exe [2008-01-21 21504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\windows\system32\svchost.exe [2008-01-21 21504]
R2 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2008-06-02 18944]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2008-05-30 256512]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2008-05-12 576024]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1c99f0fa0068f00;Google Update Service (gupdate1c99f0fa0068f00); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-07 133104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-07 133104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WPFFontCache_v0400;@c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 accoca;ActivClient Middleware Service; c:\Program Files\ActivIdentity\ActivClient\accoca.exe [2007-05-16 182576]
S4 AEADIFilters;Andrea ADI Filters Service; C:\windows\system32\AEADISRV.EXE [2007-10-19 86016]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S4 Ati External Event Utility;Ati External Event Utility; C:\windows\system32\Ati2evxx.exe [2008-05-21 671744]
S4 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S4 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-04-15 94208]
S4 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-04-16 165192]
S4 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2008-04-07 24936]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-03-18 73728]
S4 NetMsmqActivator;@c:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PnkBstrA;PnkBstrA; C:\windows\system32\PnkBstrA.exe [2010-04-25 66872]
S4 PnkBstrB;PnkBstrB; C:\windows\system32\PnkBstrB.exe [2009-01-15 202040]

-----------------EOF-----------------

#15 Příspěvek od **Caroprd111** » 25 srp 2011 18:51

Log je v pořádku.

VIRY.CZ

Zpomalení počítače

Zpomalení počítače

Re: Zpomalení počítače

Re: Zpomalení počítače

Re: Zpomalení počítače

Re: Zpomalení počítače

Re: Zpomalení počítače

Re: Zpomalení počítače

Re: Zpomalení počítače

Re: Zpomalení počítače

Re: Zpomalení počítače

Re: Zpomalení počítače

Re: Zpomalení počítače

Re: Zpomalení počítače

Re: Zpomalení počítače

Re: Zpomalení počítače