Někdy vytížení PC na 100%

Zpráva

mrkew2 · #1 Příspěvek od **mrkew2** » 26 srp 2011 14:26

Někde se mi vytíží počítač na 100%. Mám dojem že tam něco mám. Poprosil bych o kontrolu logu. A ještě bych chtěl povypínat co nejvíce zbytečných služeb a procesu.

Logfile of random's system information tool 1.09 (written by random/random)
Run by PC at 2011-08-26 15:24:11
Microsoft Windows 7 Ultimate
System drive C: has 7 GB (14%) free of 50 GB
Total RAM: 3068 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:24:21, on 26.8.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16839)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Icon7\iConfig for Gamers\Z300\hid300.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Icon7\iConfig for Gamers\Tray.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files\Opera\opera.exe
C:\Users\PC\Desktop\RSIT.exe
C:\Program Files\trend micro\PC.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [iConfigg300] "C:\Program Files\Icon7\iConfig for Gamers\z300\hid300.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [Steam] "D:\Games\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [EPSON39A7C4 (Epson Stylus SX420W)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE /FU "C:\Windows\TEMP\E_S5E18.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Pidgin] C:\Program Files\Pidgin\pidgin.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GO36F4~1.DLL
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: CD Guard Drivers Auto Removal (v2) (psrem02) - Protection Technology - C:\Windows\system32\psrem02.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe

--
End of file - 6717 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3491727313-2059114097-998879636-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3491727313-2059114097-998879636-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\gle2vz0z.default

prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198, {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.3"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
browserdirprovider.dll
brwsrcmp.dll
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GoogleDesktopMozilla.dll
GoogleDesktopMozillaStub.js
GoogleDesktopMozillaStub.xpt
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsIQTScriptablePlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
npnul32.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
googledesktop.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\gle2vz0z.default\extensions\
{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-07-11 3821568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-07-21 42272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-07-20 7625248]
"iConfigg300"=C:\Program Files\Icon7\iConfig for Gamers\z300\hid300.exe [2010-02-23 359936]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2011-03-28 281768]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Gadwin PrintScreen"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2011-05-03 487424]
"Steam"=D:\Games\Steam\steam.exe [2011-08-02 1242448]
"EPSON39A7C4 (Epson Stylus SX420W)"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE [2009-09-14 200704]
"KiesPDLR"=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2011-08-01 20880]
"KiesHelper"=C:\Program Files\Samsung\Kies\KiesHelper.exe [2011-08-01 958352]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-07-29 17361032]
"Pidgin"=C:\Program Files\Pidgin\pidgin.exe [2011-08-20 48618]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F579D32520C4CBAF298862F1BEDBBDD0A557E2BB._service_run]
C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe [2011-08-17 1017912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashGet 3]
C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe -minimize []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2011-07-25 30192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-04 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iConfig-z300]
C:\Program Files\Icon7\iConfig for Gamers\Z300\hid300.exe [2010-02-23 359936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ITSecMng]
C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2009-07-22 83336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
C:\Program Files\Samsung\Kies\KiesHelper.exe [2011-08-01 958352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2011-08-01 20880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2011-08-01 3507088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
d:\games\steam\steam.exe [2011-08-02 1242448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Unified Remote v2]
C:\Program Files\Unified Remote\RemoteServer.exe [2011-05-07 177152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^20Dollars2Surf.lnk]
C:\PROGRA~1\20DOLL~1\20DOLL~1.EXE [2010-01-28 89088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
C:\PROGRA~1\Toshiba\BLUETO~1\TosBtMng.exe [2009-11-05 2717024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FreeRapid 0.83u1.lnk]
D:\FREERA~1.83U\FREERA~1.83U\frd.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GameRanger.lnk]
C:\Users\PC\AppData\Roaming\GAMERA~1\GAMERA~2\GAMERA~1.EXE [2011-06-24 1449696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
C:\PROGRA~1\MAGICD~1\MAGICD~1.EXE [2009-02-23 576000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Miranda IM.lnk]
C:\PROGRA~1\MIRAND~1\MIRAND~1.EXE [2011-06-06 818784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Red Alert 3.lnk]
D:\stažene soubory\Command.and.Conquer.Red.Alert.3.Multi4.Full-Rip\Red Alert 3\#readme#\VC80_Redist\vcredist_x64.exe []

C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
EvernoteClipper.lnk - C:\Program Files\Evernote\Evernote\EvernoteClipper.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~3\GO36F4~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\xchat\xchat.exe"="C:\Program Files\xchat\xchat.exe:*:Enabled:XChat IRC Client"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=i420vfw.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsvid.dll
"vidc.yv12"=yv12vfw.dll
"vidc.mjpg"=pvmjpg30.dll
"VIDC.XFR1"=xfcodec.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-08-24 11:10:08 ----A---- C:\Windows\system32\tzres.dll
2011-08-23 20:54:56 ----D---- C:\Program Files\Penumbra
2011-08-23 19:06:25 ----D---- C:\Downloads
2011-08-23 19:05:37 ----D---- C:\ProgramData\iDownloader Limited
2011-08-23 19:05:37 ----D---- C:\Program Files\iDownloader
2011-08-23 19:04:14 ----D---- C:\ProgramData\Web Installer
2011-08-22 15:28:45 ----A---- C:\Windows\system32\drivers\athur.sys
2011-08-22 15:28:34 ----RA---- C:\Windows\system32\athur.sys
2011-08-20 14:33:52 ----A---- C:\Windows\WORDPAD.INI
2011-08-19 11:18:47 ----A---- C:\Windows\system32\pdfcmnnt.dll
2011-08-19 11:18:45 ----A---- C:\Windows\system32\MSMPIDE.DLL
2011-08-19 10:52:32 ----D---- C:\Users\PC\AppData\Roaming\PDF Writer
2011-08-19 10:47:33 ----D---- C:\Program Files\Common Files\Bullzip
2011-08-19 10:47:33 ----A---- C:\Windows\system32\bzpdfc.dll
2011-08-19 10:47:33 ----A---- C:\Windows\system32\bzFlRdr.dll
2011-08-19 10:47:33 ----A---- C:\Windows\system32\bzDCT.dll
2011-08-19 10:47:30 ----A---- C:\Windows\system32\bzpdf.dll
2011-08-17 16:05:03 ----D---- C:\Users\PC\AppData\Roaming\My The Lord of the Rings, The Rise of the Witch-king Files
2011-08-12 16:46:54 ----D---- C:\Program Files\Microsoft Chart Controls
2011-08-11 11:17:27 ----A---- C:\Windows\system32\xmllite.dll
2011-08-11 11:17:26 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-08-11 11:17:25 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-08-11 11:17:23 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-08-11 11:17:22 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-08-11 11:17:18 ----A---- C:\Windows\system32\iertutil.dll
2011-08-11 11:17:17 ----A---- C:\Windows\system32\ieframe.dll
2011-08-11 11:17:16 ----A---- C:\Windows\system32\mshtml.dll
2011-08-11 11:17:14 ----A---- C:\Windows\system32\urlmon.dll
2011-08-11 11:17:12 ----A---- C:\Windows\system32\wininet.dll
2011-08-11 11:17:12 ----A---- C:\Windows\system32\msfeeds.dll
2011-08-11 11:17:11 ----A---- C:\Windows\system32\url.dll
2011-08-11 11:17:11 ----A---- C:\Windows\system32\mstime.dll
2011-08-11 11:17:11 ----A---- C:\Windows\system32\mshtmled.dll
2011-08-11 11:17:11 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-08-11 11:17:11 ----A---- C:\Windows\system32\licmgr10.dll
2011-08-11 11:17:11 ----A---- C:\Windows\system32\jsproxy.dll
2011-08-11 11:17:11 ----A---- C:\Windows\system32\ieui.dll
2011-08-11 11:17:11 ----A---- C:\Windows\system32\iepeers.dll
2011-08-11 11:17:11 ----A---- C:\Windows\system32\iedkcs32.dll
2011-08-11 11:17:10 ----A---- C:\Windows\system32\msfeedssync.exe
2011-08-11 11:17:06 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-11 11:17:06 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-08-11 11:17:06 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-08-11 11:17:06 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-11 11:17:06 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-08-11 11:17:06 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-11 11:17:06 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-08-11 11:17:06 ----A---- C:\Windows\system32\winsrv.dll
2011-08-11 11:17:06 ----A---- C:\Windows\system32\KernelBase.dll
2011-08-11 11:17:06 ----A---- C:\Windows\system32\kernel32.dll
2011-08-11 11:17:06 ----A---- C:\Windows\system32\conhost.exe
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-08-11 11:17:02 ----A---- C:\Windows\system32\odbctrac.dll
2011-08-11 11:17:02 ----A---- C:\Windows\system32\odbcjt32.dll
2011-08-11 11:17:02 ----A---- C:\Windows\system32\odbccu32.dll
2011-08-11 11:17:02 ----A---- C:\Windows\system32\odbccr32.dll
2011-08-11 11:17:02 ----A---- C:\Windows\system32\odbccp32.dll
2011-08-07 12:57:00 ----D---- C:\Users\PC\AppData\Roaming\Unity
2011-08-06 14:40:48 ----D---- C:\Users\PC\AppData\Roaming\AtomZombieData
2011-07-31 11:56:10 ----D---- C:\Program Files\Common Files\Java
2011-07-31 11:55:54 ----A---- C:\Windows\system32\javaws.exe
2011-07-31 11:55:54 ----A---- C:\Windows\system32\javaw.exe
2011-07-31 11:55:54 ----A---- C:\Windows\system32\java.exe
2011-07-30 19:17:33 ----A---- C:\Windows\War3Unin.dat
2011-07-30 19:17:32 ----A---- C:\Windows\War3Unin.pif
2011-07-30 19:17:32 ----A---- C:\Windows\War3Unin.exe
2011-07-28 11:53:13 ----D---- C:\Users\PC\AppData\Roaming\Crayon Physics Deluxe
2011-07-28 11:31:39 ----D---- C:\Users\PC\AppData\Roaming\Broken Rules
2011-07-28 11:31:38 ----A---- C:\Windows\d3dx.dat
2011-07-28 10:59:29 ----D---- C:\Users\PC\AppData\Roaming\Lazy 8 Studios
2011-07-28 01:07:38 ----A---- C:\Windows\system32\easyupdatusapiu.dll
2011-07-28 01:06:29 ----A---- C:\Windows\system32\nvhdap32.dll
2011-07-28 01:06:29 ----A---- C:\Windows\system32\drivers\nvhda32v.sys
2011-07-28 01:06:28 ----A---- C:\Windows\system32\nvapo32v.dll
2011-07-28 01:06:23 ----A---- C:\Windows\system32\OpenCL.dll
2011-07-28 01:06:23 ----A---- C:\Windows\system32\nvoglv32.dll
2011-07-28 01:06:23 ----A---- C:\Windows\system32\nvgenco322090.dll
2011-07-28 01:06:23 ----A---- C:\Windows\system32\nvdispco3220150.dll
2011-07-28 01:06:23 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2011-07-28 01:06:22 ----A---- C:\Windows\system32\nvcuvid.dll
2011-07-28 01:06:22 ----A---- C:\Windows\system32\nvcuvenc.dll
2011-07-28 01:06:22 ----A---- C:\Windows\system32\nvcuda.dll
2011-07-28 01:06:22 ----A---- C:\Windows\system32\nvcompiler.dll

======List of files/folders modified in the last 1 month======

2011-08-26 15:24:15 ----D---- C:\Program Files\trend micro
2011-08-26 15:15:53 ----D---- C:\Users\PC\AppData\Roaming\uTorrent
2011-08-26 15:15:46 ----D---- C:\Users\PC\AppData\Roaming\.purple
2011-08-26 14:42:44 ----D---- C:\Windows\temp
2011-08-26 14:11:04 ----D---- C:\Users\PC\AppData\Roaming\gtk-2.0
2011-08-26 10:32:15 ----D---- C:\Users\PC\AppData\Roaming\Skype
2011-08-26 10:30:41 ----D---- C:\Windows\system32\config
2011-08-26 10:29:34 ----D---- C:\Program Files\TeamSpeak 3 Client
2011-08-26 09:34:41 ----D---- C:\Program Files\Common Files\Akamai
2011-08-25 16:11:20 ----D---- C:\Windows\System32
2011-08-25 16:11:20 ----D---- C:\Windows\inf
2011-08-25 16:11:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-08-25 13:38:07 ----D---- C:\ProgramData\PMB Files
2011-08-25 00:44:25 ----D---- C:\Windows\winsxs
2011-08-25 00:44:10 ----D---- C:\Windows\system32\sk-SK
2011-08-25 00:44:10 ----D---- C:\Windows\system32\ru-RU
2011-08-25 00:44:10 ----D---- C:\Windows\system32\en-US
2011-08-25 00:44:10 ----D---- C:\Windows\system32\cs-CZ
2011-08-25 00:43:41 ----SHD---- C:\System Volume Information
2011-08-24 11:07:57 ----D---- C:\Windows\system32\catroot
2011-08-24 11:07:56 ----D---- C:\Windows\system32\catroot2
2011-08-23 20:54:56 ----RD---- C:\Program Files
2011-08-23 19:52:06 ----D---- C:\Program Files\Pidgin
2011-08-23 19:05:37 ----HD---- C:\ProgramData
2011-08-23 17:09:00 ----D---- C:\Users\PC\AppData\Roaming\Bioshock
2011-08-22 20:58:03 ----D---- C:\Program Files\OpenAL
2011-08-22 15:35:01 ----D---- C:\Windows
2011-08-22 15:30:06 ----D---- C:\Users\PC\AppData\Roaming\TS3Client
2011-08-22 15:28:51 ----D---- C:\Windows\system32\drivers
2011-08-22 15:28:47 ----D---- C:\Windows\system32\DriverStore
2011-08-22 15:24:56 ----D---- C:\Windows\pss
2011-08-22 15:24:17 ----D---- C:\Windows\Logs
2011-08-22 15:24:17 ----D---- C:\Windows\debug
2011-08-22 15:21:56 ----SHD---- C:\Windows\Installer
2011-08-22 14:51:23 ----D---- C:\Windows\system32\NDF
2011-08-22 13:28:31 ----D---- C:\Windows\system32\directx
2011-08-22 13:27:55 ----D---- C:\ProgramData\Media Center Programs
2011-08-21 19:34:10 ----RD---- C:\Program Files\Skype
2011-08-21 19:33:08 ----D---- C:\Windows\system32\Tasks
2011-08-21 19:32:53 ----D---- C:\ProgramData\Skype
2011-08-20 14:33:49 ----D---- C:\Program Files\Heroes Studio
2011-08-19 11:19:04 ----D---- C:\Program Files\PDFCreator
2011-08-19 10:47:33 ----RSD---- C:\Windows\assembly
2011-08-19 10:47:33 ----D---- C:\Program Files\Common Files
2011-08-19 10:46:17 ----D---- C:\Windows\system32\FxsTmp
2011-08-16 20:54:37 ----D---- C:\Users\PC\AppData\Roaming\FileZilla
2011-08-16 09:58:58 ----D---- C:\Program Files\Opera
2011-08-16 09:39:20 ----SD---- C:\ProgramData\Microsoft
2011-08-16 09:30:32 ----D---- C:\Program Files\Microsoft Silverlight
2011-08-15 18:04:47 ----D---- C:\Users\PC\AppData\Roaming\X-Chat 2
2011-08-14 10:39:46 ----HD---- C:\Program Files\InstallShield Installation Information
2011-08-13 12:31:08 ----D---- C:\Windows\Microsoft.NET
2011-08-12 16:45:13 ----D---- C:\Users\PC\AppData\Roaming\HLSW
2011-08-12 10:55:16 ----D---- C:\Windows\system32\migration
2011-08-12 10:55:16 ----D---- C:\Program Files\Internet Explorer
2011-08-11 23:37:51 ----A---- C:\Windows\system32\MRT.exe
2011-08-10 23:21:07 ----D---- C:\Users\PC\AppData\Roaming\Mozilla
2011-08-10 22:07:06 ----D---- C:\Windows\Prefetch
2011-08-10 18:07:46 ----D---- C:\Program Files\Garena
2011-08-10 11:18:21 ----D---- C:\Program Files\VDMSound
2011-08-09 21:59:58 ----D---- C:\Program Files\Oldgames
2011-08-09 21:01:52 ----D---- C:\Program Files\DOSBox-0.74
2011-08-07 14:50:50 ----A---- C:\Windows\BlendSettings.ini
2011-08-05 13:03:19 ----D---- C:\Program Files\Razor
2011-08-01 23:48:23 ----D---- C:\Users\PC\AppData\Roaming\.minecraft
2011-07-31 11:55:40 ----D---- C:\Program Files\Java
2011-07-30 11:57:20 ----SD---- C:\Program Files\HLSW
2011-07-30 11:52:33 ----D---- C:\Program Files\CrystalDiskMark
2011-07-29 19:25:39 ----D---- C:\Program Files\Ubisoft
2011-07-29 15:44:00 ----D---- C:\Program Files\20Dollars2Surf
2011-07-28 01:08:04 ----D---- C:\Program Files\NVIDIA Corporation
2011-07-28 01:07:48 ----D---- C:\ProgramData\NVIDIA
2011-07-28 01:07:37 ----D---- C:\Windows\Help
2011-07-28 01:06:42 ----RD---- C:\Users

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2009-08-04 213024]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 psdrv02;CD Guard Environment Driver (v2); C:\Windows\system32\drivers\psdrv02.sys [2006-09-11 67960]
R0 pssync05;CD Guard Synchronization Driver (v5); C:\Windows\system32\drivers\pssync05.sys [2006-11-03 61312]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-06-17 691696]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-06-29 138192]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 SSHDRV65;SSHDRV65; \??\C:\Windows\system32\drivers\SSHDRV65.sys [2010-06-21 120320]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 69480]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2011-06-24 154416]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2011-06-24 33072]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-07-08 281760]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-06-29 66616]
R2 cpuz133;cpuz133; \??\C:\Windows\system32\drivers\cpuz133_x32.sys [2010-03-30 20968]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x32.sys [2010-11-09 21992]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-07-08 25888]
R3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athur.sys [2010-01-05 1500160]
R3 bbcap;bbcap; C:\Windows\system32\DRIVERS\bbcap.sys [2010-07-30 4096]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-29 59904]
R3 I7Z300Filter;Icon7_Z300; C:\Windows\system32\drivers\I7Z300.sys [2010-01-20 12800]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-07-20 2664032]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-14 116064]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 netr28;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28.sys [2010-02-09 722720]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2011-05-10 139368]
R3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6232.sys [2009-07-30 287392]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-29 17920]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-07-14 1068032]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 46984]
R3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2011-06-24 113456]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2010-12-21 30312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393216]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 GarenaPEngine;GarenaPEngine; \??\C:\Users\PC\AppData\Local\Temp\EKP86D0.tmp []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 NLNdisMP;NLNdisMP; C:\Windows\system32\DRIVERS\nlndis.sys []
S3 NLNdisPT;NetLimiter Ndis Protocol Service; C:\Windows\system32\DRIVERS\nlndis.sys []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-14 347264]
S3 PCD65X2;PCD65X2; \??\C:\Users\PC\AppData\Local\Temp\PCD65X2.sys []
S3 PCD65X3;PCD65X3; \??\C:\Users\PC\AppData\Local\Temp\PCD65X3.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-10-10 84992]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-01-03 121192]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-01-03 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-01-03 136680]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-01-03 114152]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2010-03-11 25088]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 169320]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 42472]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 79872]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 21608]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 61168]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2009-09-14 49400]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2011-06-24 101680]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files\k10stat\k10stat\WinRing0.sys [2008-07-26 14416]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-06-29 269480]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2011-03-28 136360]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-05-21 615528]
R2 TeamViewer6;TeamViewer 6; C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]
R2 TunngleService;TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [2011-06-15 737016]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-04 136176]
S2 psrem02;CD Guard Drivers Auto Removal (v2); C:\Windows\system32\psrem02.exe [2006-05-11 358008]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2011-07-25 30192]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-04 136176]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-07-17 411432]
S3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-10-21 148848]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 26 srp 2011 16:17

Zdravim a pekny den preji

Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) (viz muj podpis)

Provedte aktualizaci - treti zalozka
Provedte uplny sken - nic nemazte
MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni

mrkew2 · #3 Příspěvek od **mrkew2** » 26 srp 2011 20:44

Takže mám to. Ty soubory jsem smazal vím co to je. Co dál teď?

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Verze databáze: 7577

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

26.8.2011 21:41:41
mbam-log-2011-08-26 (21-41-29).txt

Typ: Úplná kontrola (C:\|D:\|E:\|F:\|)
Kontrolované objekty: 868351
Uplynulý čas: 4 hodin, 13 minut, 1 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 2

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
d:\stažene soubory\stažhry\defcon-www.shareodie.net\defcon-www.shareodie.net\defcon.v1.6.multi5.cracked-theta\nfoviewer.exe (Malware.Packer.Krunchy) -> No action taken.
d:\stažene soubory\stažhry\defcon-www.shareodie.net\defcon-www.shareodie.net\defcon.v1.6.multi5.cracked-theta\Crack\defcon.v1.6-offline-patch.exe (PUP.Hacktool.Patcher) -> No action taken.

#4 Příspěvek od **vyosek** » 27 srp 2011 05:57

Stahnete na plochu CKScanner

Spustte a kliknete na Search for files
Po dokonceni skenu kliknete na Save List to File a nasledne OK
Na plose se Vam vytvori log s nazvem ckfiles.txt, jeho obsah mi sem vlozte

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

mrkew2 · #5 Příspěvek od **mrkew2** » 27 srp 2011 09:06

OTL.txt mi z toho nevypadl.
Edit: už ano je dole. Měla to avira v karanténě.

ckfiles.txt
CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files\garena\plugins\ui\avoidcrackplugin.dll
c:\program files\gimp-2.0\share\gimp\2.0\patterns\cracked.pat
c:\program files\inkscape\python\lib\site-packages\numpy\f2py\crackfortran.py
c:\program files\microsoft research\kodu game lab\content\textures\terrain\groundtextures\cracked_diff.xnb
c:\program files\microsoft research\kodu game lab\content\textures\terrain\groundtextures\cracked_norm.xnb
c:\program files\microsoft research\kodu game lab\content\textures\terrain\groundtextures\dirt_crackeddrysoft_df_.xnb
c:\program files\microsoft research\kodu game lab\content\textures\terrain\groundtextures\dirt_crackeddrysoft_df_border.xnb
c:\program files\mount&blade warband\sounds\fire_small_crackle_slick_op.ogg
c:\program files\penumbra\episode 1\redist\sounds\ice_cave\ice_cave_crack.snt
c:\program files\penumbra\episode 1\redist\sounds\ice_cave\ice_cave_crack1.ogg
c:\program files\penumbra\episode 1\redist\sounds\ice_cave\ice_cave_crack2.ogg
c:\program files\penumbra\episode 1\redist\sounds\ice_cave\ice_cave_crack3.ogg
c:\program files\penumbra\episode 1\redist\sounds\ice_cave\ice_cave_crack4.ogg
c:\program files\penumbra\episode 1\redist\sounds\ice_cave\ice_cave_crack5.ogg
c:\program files\penumbra\episode 1\redist\sounds\ice_cave\ice_cave_ice_crack.snt
c:\program files\penumbra\episode 1\redist\sounds\ice_cave\ice_cave_ice_crack1.ogg
c:\program files\razor\crypt.dll
scanner sequence 3.GJ.11.OILBCB
----- EOF -----

Extras.txt
OTL Extras logfile created on: 27.8.2011 9:31:45 - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\PC\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 1,84 Gb Available Physical Memory | 61,49% Memory free
5,99 Gb Paging File | 4,66 Gb Available in Paging File | 77,72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48,73 Gb Total Space | 7,35 Gb Free Space | 15,09% Space Free | Partition Type: NTFS
Drive D: | 416,93 Gb Total Space | 40,03 Gb Free Space | 9,60% Space Free | Partition Type: NTFS

Computer Name: MRKEW | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3491727313-2059114097-998879636-1000\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.com [@ = comfile] -- Reg Error: Key error. File not found
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\xchat\xchat.exe" = C:\Program Files\xchat\xchat.exe:*:Enabled:XChat IRC Client -- ()

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"{07BE4679-4318-4413-9701-B3D92354F11D}" = Heroes of Might and Magic V - Tribes of the East
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{14574B7F-75D1-4718-B7F2-EBF6E2862A35}" = Company of Heroes - FAKEMSI
"{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}" = Risen
"{192E2132-E977-4D3E-90BA-9DBCE1B57F8C}" = Heroes of Might and Magic® IV
"{199E6632-EB28-4F73-AECB-3E192EB92D18}" = Company of Heroes - FAKEMSI
"{19BA95C2-4693-49E5-B454-0C232FFFC452}" = Hearts of Iron 3 - Demo
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.7
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1EE9BBA1-312F-4EC0-9DEA-A8FE22BBABAA}_is1" = 20Dollars2Surf 1.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{24aab420-4e30-4496-9739-3e216f3de6ae}" = Python 2.6.2
"{25724802-CC14-4B90-9F3B-3D6955EE27B1}" = Company of Heroes - FAKEMSI
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 26
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Red Alert™ 3
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = The Battle for Middle-earth (tm) II
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2EF0D7ED-F944-4E0D-AC78-7DA00C0B81E4}_is1" = Penumbra Episode 1
"{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}" = Company of Heroes - FAKEMSI
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{361CEA4C-93D1-4C52-90A5-968C8EB83164}_is1" = King’s Bounty: The Legend Demo
"{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D54E30E-B4EE-4666-82E2-287802EC8382}" = Oracle VM VirtualBox 4.0.10
"{3FAD68D9-1FA1-4871-9ADF-9151D969E943}" = Activision(R)
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{43136202-ACE3-4679-812E-692F6419A853}" = Icon7 iConfig for Gamers installation
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D530FA3-9B89-4186-98B7-F51000000100}" = Age of Empires Online
"{50193078-F553-4EBA-AA77-64C9FAA12F98}" = Company of Heroes - FAKEMSI
"{51D718D1-DA81-4FAD-919F-5C1CE3C33379}" = Company of Heroes - FAKEMSI
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{63CEA2E4-4FE7-4F2C-B388-C1313D24157C}" = SPORE™ Galaktická dobrodružství
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{652CD1F7-23C6-462D-963C-60F92C3BF332}" = BB FlashBack Pro
"{66333C41-085E-4DA1-8273-E2BCA382D766}" = NET Installation Assistance for VB6 App (Runtime Only)
"{66F78C51-D108-4F0C-A93C-1CBE74CE338F}" = Company of Heroes - FAKEMSI
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABA8CC0-E3DE-4434-A7C7-180E153429B4}" = Unified Remote
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78A62183-20AB-4333-ACA7-08BDAD9368A3}" = Fallout Tactics
"{7A2A107B-9695-423F-9462-8F17C178BD35}" = TP-LINK Wireless Client Utility
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7EF15AAF-42AC-4CF6-B4B4-C4F0D1D92122}" = Far Cry (Patch 1.4)
"{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}" = Company of Heroes - FAKEMSI
"{80D03817-7943-4839-8E96-B9F924C5E67D}" = Company of Heroes - FAKEMSI
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84A528D6-EB2F-49C5-9C08-36CE41A72357}" = BB FlashBack Standard
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89CB9F02-F392-45AD-B429-B9373E6B7BE0}" = Activision
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BCD7AE7-F713-4D50-BAB9-7839B9386870}" = ImageShack Uploader 2.2.0
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8ECBE643-8230-11D5-9D6B-00A024112F81}" = VDMSound 2.0.4
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{952E960F-7241-499C-9A66-18C42C1C176C}_is1" = Heroes of Annihilated Empires
"{97AFD0D8-5720-4A59-BFDC-CB92A36FADF9}_is1" = Company of Heroes: Eastern Front 1.20
"{97E5205F-EA4F-438F-B211-F1846419F1C1}" = Company of Heroes - FAKEMSI
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99A7722D-9ACB-43F3-A222-ABC7133F159E}" = Company of Heroes - FAKEMSI
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C916142-C18C-429D-BFED-40094A7E0BEB}" = The Settlers 7 - Paths to a Kingdom
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1" = Convert AVI to MP4 1.3
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A2DE62D8-EF1B-36CB-B461-B1E221ED8608}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A89DEBCA-F743-3412-97F6-B2E489194551}" = Google Talk Plugin
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.5 - Czech
"{AE04B8FC-4CD9-4A94-BE8F-C2434470FB11}" = DiRT2 Demo
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.2.23.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{B931FB80-537A-4600-00AD-AC5DEDB6C25B}" = The Lord of the Rings, The Rise of the Witch-king
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BA801B94-C28D-46EE-B806-E1E021A3D519}" = Company of Heroes - FAKEMSI
"{BAB004F0-F04C-49DD-8118-AE4A7697C469}" = Quake 4(TM) Demo
"{C07F8D75-7A8D-400E-A8F9-A3F396B49BB1}" = SPORE™ Balíček strašidelných a roztomilých doplňků
"{C325F588-D6B1-4A7F-B6A2-914C75DDA348}" = Morrowind
"{C6E70A7A-2A2F-4E3E-B99A-C4B488314306}" = Prey Demo
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.26 Game
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4D244D1-05E0-4D24-86A2-B2433C435671}" = Company of Heroes - FAKEMSI
"{D5B94160-4A07-4956-9C73-8C5EEFEF180F}" = OpenOffice.org 3.3
"{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"{D9D1A2FD-56B2-4F21-B959-745FE43CAB8C}" = Vegas Pro 9.0
"{DA338A9B-DE09-4039-9102-825EA28B3A07}" = Foxit PDF Editor
"{DB3C800B-081B-4146-B4E3-EFB5B77AA913}" = TES Construction Set
"{DF7B213D-2065-41ED-BB51-7A3EED31EA7B}" = Ultima Online: Mondain's Legacy
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EAF636A9-F664-4703-A659-85A894DA264F}" = Company of Heroes - FAKEMSI
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EE91E474-9298-47B8-817F-8E0042408998}" = Risen Hotfix 1.01
"{F081E2C6-2BA3-4867-91D8-CB7EB8782478}" = Icon7 iConfig for Gamers installation
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and ConquerTM Generals Zero Hour
"{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.4.2
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FE6BAD47-65BD-4C5F-BDF6-DCA408E0419A}" = Opera 11.11
"{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}" = Pinnacle VideoSpin
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"15b35190-c6f9-11d9-9669-0800200c9a66_is1" = Dungeons & Dragons Online ®: Eberron Unlimited ™ v01.12.00.803
"284D9B4A58796481EC5A61D01DCC5E654761629C" = ENE CIR Receiver Driver
"4578-0181-0549-1546" = Altitude
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"Age of Conan_is1" = Age of Conan - Hyborian Adventures
"Akamai" = Akamai NetSession Interface
"All Video Converter_is1" = All Video Converter 3.3
"Any Video Converter Professional_is1" = Any Video Converter Professional 3.2.3
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Baldur's Gate" = Baldur's Gate
"Battle for Wesnoth 1.8.6" = Battle for Wesnoth 1.8.6
"Battle for Wesnoth 1.9.6" = Battle for Wesnoth 1.9.6
"BB FlashBack Pro" = BB FlashBack Pro
"BB FlashBack Standard" = BB FlashBack Standard
"BGCZ" = Baldur's Gate(TM) - Čeština
"Blitzkrieg" = Blitzkrieg Mod
"BSPlayerf" = BS.Player FREE
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 7.2.0.1313
"CamStudio" = CamStudio
"CCleaner" = CCleaner
"CoH_CoI_is1" = Cross of Iron 1.10.1
"Company of Heroes" = Company of Heroes
"Convert Doc_is1" = Convert Doc
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.54
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.17
"CrystalDiskInfo_is1" = CrystalDiskInfo 4.0.2
"CrystalDiskMark_is1" = CrystalDiskMark 3.0.1b
"DA9E83E3434B0A377F6C3573D30A3E6E692E31F2" = Balíček ovladače systému Windows - Ralink Technology, Corp. (netr28) Net (02/09/2010 3.00.17.0000)
"DebugMode Wink" = DebugMode Wink
"Doom Shareware for Windows 95" = Doom Shareware for Windows 95
"Dračí oko" = Dračí oko
"Eastern Front" = Eastern Front
"EAX Unified" = EAX Unified
"Ęđŕé Ěčđŕ_is1" = Ęđŕé Ěčđŕ v. 0.341
"Endor Updater" = Endor Updater 1.3
"EPSON SX420W Series" = Odinstalace tiskárny EPSON SX420W Series
"Equilibris" = Heroes of Might And Magic IV: Equilibris
"Eurobattle.net1.26" = Eurobattle.net
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Fantasy Grounds II" = Fantasy Grounds II
"Fantasy Grounds II Demo" = Fantasy Grounds II Demo
"FastCAD" = FastCAD
"FileZilla Client" = FileZilla Client 3.3.4
"FlatOut Ultimate Carnage" = FlatOut Ultimate Carnage
"Fraps" = Fraps (remove only)
"Gadwin PrintScreen" = Gadwin PrintScreen
"Gadwin PrintScreen Professional" = Gadwin PrintScreen Professional
"Game Booster_is1" = Game Booster
"Garena" = Garena 2010
"GFWL_{4D530FA3-9B89-4186-98B7-F51000000100}" = Age of Empires Online
"Google Desktop" = Google Desktop
"GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 8.70
"HD Tach_is1" = HD Tach version 3
"HD Tune_is1" = HD Tune 2.55
"Heroes of Might and Magic" = Heroes of Might and Magic
"Heroes Studio_is1" = Heroes Studio 2011
"HLSW_is1" = HLSW v1.4.0.2
"Inkscape" = Inkscape 0.48.1
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"InstallShield_{192E2132-E977-4D3E-90BA-9DBCE1B57F8C}" = Heroes of Might and Magic® IV
"InstallShield_{3FAD68D9-1FA1-4871-9ADF-9151D969E943}" = Singularity(TM)
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{78A62183-20AB-4333-ACA7-08BDAD9368A3}" = Fallout Tactics
"InstallShield_{89CB9F02-F392-45AD-B429-B9373E6B7BE0}" = Singularity(TM) 1.1 Patch
"InstallShield_{BAB004F0-F04C-49DD-8118-AE4A7697C469}" = Quake 4(TM) Demo
"InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and ConquerTM Generals Zero Hour
"IrfanView" = IrfanView (remove only)
"IsoBuster_is1" = IsoBuster 2.8
"Java Adapter Expert Edition_is1" = Java Adapter Expert Edition
"Left 4 Dead" = Left 4 Dead
"lgomorrowindczechaio_is1" = Lightning Morrowind Czech All-In-One
"Mafia" = Mafia
"Mafia Game" = Mafia Game
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verze 1.51.1.1800
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"MightandMagicINES32" = DJ OldGames Package: Might and Magic I (NES)
"Miranda IM" = Miranda IM 0.9.23
"Mount&Blade Warband" = Mount&Blade Warband
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"NirSoft BlueScreenView" = NirSoft BlueScreenView
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"OnLive" = OnLive
"OpenAL" = OpenAL
"OpenSSL Light (32-bit)_is1" = OpenSSL 1.0.0a Light (32-bit)
"OpenTTD" = OpenTTD 1.1.1
"Original War" = Original War
"Picasa 3" = Picasa 3
"Pidgin" = Pidgin
"PSPad editor_is1" = PSPad editor
"RESIDENT EVIL" = RESIDENT EVIL
"Software Informer_is1" = Software Informer 1.0 BETA
"Steam App 104300" = Dwarfs Demo
"Steam App 11020" = TrackMania Nations Forever
"Steam App 18700" = And Yet It Moves
"Steam App 24710" = Red Alert 3 Demo
"Steam App 26500" = Cogs
"Steam App 26900" = Crayon Physics Deluxe
"Steam App 41100" = Hammerfight
"Steam App 440" = Team Fortress 2
"Steam App 50280" = Mafia II - Demo
"Steam App 55040" = Atom Zombie Smasher
"Steam App 630" = Alien Swarm
"Steam App 63010" = HOARD - Demo
"Steam App 70300" = VVVVVV
"Steam App 96200" = Steel Storm: Burning Retribution
"Steam App 97010" = Solar 2 - Demo
"Steam App 99900" = Spiral Knights
"SUPER ©" = SUPER © Version 2010.bld.38 (May 2, 2010)
"SWAT 4 1.1" = SWAT 4 1.1
"TalkAndWrite_is1" = TalkAndWrite
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 6" = TeamViewer 6
"Throwback" = Throwback
"TIOnline" = TIOnline
"Totalcmd" = Total Commander (Remove or Repair)
"TreeSize Professional_is1" = TreeSize Professional V5.4.4
"Tunngle beta_is1" = Tunngle beta
"UDK-18887ba0-32c3-41c7-ad81-7ffcbeb990f8" = Unreal Development Kit: 2011-07
"UOAM" = UO Auto-Map
"uTorrent" = µTorrent
"Video Card Stability Test" = Video Card Stability Test
"VLC media player" = VLC media player 1.1.2
"Warcraft III" = Warcraft III
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinGTK-2_is1" = GTK+ 2.10.13 runtime environment
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"wxPython2.8-unicode-py26_is1" = wxPython 2.8.10.1 (unicode) for Python 2.6
"Xfire" = Xfire (remove only)
"xchat" = XChat 2 (remove only)
"X-Chat 2_is1" = X-Chat 2.8.6-2
"YouTube Downloader_is1" = YouTube Downloader 2.5
"ZDaemon" = ZDaemon (remove only)
"ZonerPhotoStudio13_EN_is1" = Zoner Photo Studio 13

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3491727313-2059114097-998879636-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"dd222ae914837305" = CGen+
"Dexpot" = Dexpot
"GameRanger" = GameRanger
"Google Chrome" = Google Chrome
"Opera 11.50.1074" = Opera 11.50
"QIP 2010" = QIP 2010 10.4.23.3289
"Rise of the Witch King Unofficial Patch 2.02" = Rise of the Witch King Unofficial Patch 2.02
"ShockWave V0.95" = ShockWave V0.95
"tc10-DE_SEVENONE_MAIN" = Big Pizza Mountainbike Challenge 10 (DE)
"UnityWebPlayer" = Unity Web Player
"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

mrkew2 · #6 Příspěvek od **mrkew2** » 27 srp 2011 09:49

OTL.txt

OTL logfile created on: 27.8.2011 9:31:45 - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\PC\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 1,84 Gb Available Physical Memory | 61,49% Memory free
5,99 Gb Paging File | 4,66 Gb Available in Paging File | 77,72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48,73 Gb Total Space | 7,35 Gb Free Space | 15,09% Space Free | Partition Type: NTFS
Drive D: | 416,93 Gb Total Space | 40,03 Gb Free Space | 9,60% Space Free | Partition Type: NTFS

Computer Name: MRKEW | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.08.27 09:30:33 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\PC\Desktop\OTL.exe
PRC - [2011.08.20 19:05:44 | 000,048,618 | ---- | M] (The Pidgin developer community) -- C:\Program Files\Pidgin\pidgin.exe
PRC - [2011.08.02 10:20:38 | 001,242,448 | ---- | M] (Valve Corporation) -- D:\Games\Steam\steam.exe
PRC - [2011.08.01 05:32:20 | 000,020,880 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2011.07.16 06:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011.06.30 21:25:17 | 000,947,056 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2011.06.29 14:29:27 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.28 14:48:58 | 000,974,848 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
PRC - [2011.06.15 14:59:50 | 000,737,016 | ---- | M] (Tunngle.net GmbH) -- C:\Program Files\Tunngle\TnglCtrl.exe
PRC - [2011.06.01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.05.21 08:01:00 | 000,839,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011.05.03 11:18:01 | 000,487,424 | ---- | M] (Gadwin Systems, Inc) -- C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
PRC - [2011.03.28 16:15:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.03.28 16:15:40 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.28 16:15:29 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.02.23 17:42:16 | 000,359,936 | ---- | M] () -- C:\Program Files\Icon7\iConfig for Gamers\Z300\hid300.exe
PRC - [2009.12.20 16:34:12 | 000,385,024 | ---- | M] () -- C:\Program Files\Icon7\iConfig for Gamers\Tray.exe
PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

========== Modules (No Company Name) ==========

MOD - [2011.08.20 19:05:44 | 000,325,180 | ---- | M] () -- C:\Program Files\Pidgin\libjabber.dll
MOD - [2011.08.20 19:05:44 | 000,288,309 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libmsn.dll
MOD - [2011.08.20 19:05:44 | 000,251,285 | ---- | M] () -- C:\Program Files\Pidgin\liboscar.dll
MOD - [2011.08.20 19:05:44 | 000,190,214 | ---- | M] () -- C:\Program Files\Pidgin\libymsg.dll
MOD - [2011.08.20 19:05:44 | 000,180,516 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libgg.dll
MOD - [2011.08.20 19:05:44 | 000,147,158 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libsilc.dll
MOD - [2011.08.20 19:05:44 | 000,119,368 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libmxit.dll
MOD - [2011.08.20 19:05:44 | 000,093,250 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libsametime.dll
MOD - [2011.08.20 19:05:44 | 000,087,918 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libnovell.dll
MOD - [2011.08.20 19:05:44 | 000,086,376 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libmyspace.dll
MOD - [2011.08.20 19:05:44 | 000,075,085 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libirc.dll
MOD - [2011.08.20 19:05:44 | 000,070,345 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libbonjour.dll
MOD - [2011.08.20 19:05:44 | 000,061,569 | ---- | M] () -- C:\Program Files\Pidgin\plugins\spellchk.dll
MOD - [2011.08.20 19:05:44 | 000,043,176 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libsimple.dll
MOD - [2011.08.20 19:05:44 | 000,038,873 | ---- | M] () -- C:\Program Files\Pidgin\plugins\log_reader.dll
MOD - [2011.08.20 19:05:44 | 000,033,896 | ---- | M] () -- C:\Program Files\Pidgin\plugins\xmppdisco.dll
MOD - [2011.08.20 19:05:44 | 000,029,185 | ---- | M] () -- C:\Program Files\Pidgin\plugins\xmppconsole.dll
MOD - [2011.08.20 19:05:44 | 000,023,339 | ---- | M] () -- C:\Program Files\Pidgin\plugins\themeedit.dll
MOD - [2011.08.20 19:05:44 | 000,022,446 | ---- | M] () -- C:\Program Files\Pidgin\plugins\ticker.dll
MOD - [2011.08.20 19:05:44 | 000,022,242 | ---- | M] () -- C:\Program Files\Pidgin\plugins\pidginrc.dll
MOD - [2011.08.20 19:05:44 | 000,021,753 | ---- | M] () -- C:\Program Files\Pidgin\plugins\win2ktrans.dll
MOD - [2011.08.20 19:05:44 | 000,021,709 | ---- | M] () -- C:\Program Files\Pidgin\plugins\winprefs.dll
MOD - [2011.08.20 19:05:44 | 000,021,699 | ---- | M] () -- C:\Program Files\Pidgin\plugins\notify.dll
MOD - [2011.08.20 19:05:44 | 000,018,706 | ---- | M] () -- C:\Program Files\Pidgin\plugins\ssl-nss.dll
MOD - [2011.08.20 19:05:44 | 000,017,910 | ---- | M] () -- C:\Program Files\Pidgin\plugins\convcolors.dll
MOD - [2011.08.20 19:05:44 | 000,016,371 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libxmpp.dll
MOD - [2011.08.20 19:05:44 | 000,016,330 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libyahoo.dll
MOD - [2011.08.20 19:05:44 | 000,016,291 | ---- | M] () -- C:\Program Files\Pidgin\plugins\timestamp_format.dll
MOD - [2011.08.20 19:05:44 | 000,014,269 | ---- | M] () -- C:\Program Files\Pidgin\plugins\markerline.dll
MOD - [2011.08.20 19:05:44 | 000,013,426 | ---- | M] () -- C:\Program Files\Pidgin\plugins\autoaccept.dll
MOD - [2011.08.20 19:05:44 | 000,013,291 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libyahoojp.dll
MOD - [2011.08.20 19:05:44 | 000,012,953 | ---- | M] () -- C:\Program Files\Pidgin\plugins\timestamp.dll
MOD - [2011.08.20 19:05:44 | 000,012,380 | ---- | M] () -- C:\Program Files\Pidgin\plugins\history.dll
MOD - [2011.08.20 19:05:44 | 000,011,517 | ---- | M] () -- C:\Program Files\Pidgin\plugins\idle.dll
MOD - [2011.08.20 19:05:44 | 000,011,029 | ---- | M] () -- C:\Program Files\Pidgin\plugins\joinpart.dll
MOD - [2011.08.20 19:05:44 | 000,010,521 | ---- | M] () -- C:\Program Files\Pidgin\plugins\offlinemsg.dll
MOD - [2011.08.20 19:05:44 | 000,010,015 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libicq.dll
MOD - [2011.08.20 19:05:44 | 000,009,712 | ---- | M] () -- C:\Program Files\Pidgin\plugins\extplacement.dll
MOD - [2011.08.20 19:05:44 | 000,009,476 | ---- | M] () -- C:\Program Files\Pidgin\plugins\statenotify.dll
MOD - [2011.08.20 19:05:44 | 000,009,084 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libaim.dll
MOD - [2011.08.20 19:05:44 | 000,009,055 | ---- | M] () -- C:\Program Files\Pidgin\plugins\sendbutton.dll
MOD - [2011.08.20 19:05:44 | 000,008,927 | ---- | M] () -- C:\Program Files\Pidgin\plugins\relnot.dll
MOD - [2011.08.20 19:05:44 | 000,008,878 | ---- | M] () -- C:\Program Files\Pidgin\plugins\psychic.dll
MOD - [2011.08.20 19:05:44 | 000,007,645 | ---- | M] () -- C:\Program Files\Pidgin\plugins\gtkbuddynote.dll
MOD - [2011.08.20 19:05:44 | 000,006,954 | ---- | M] () -- C:\Program Files\Pidgin\plugins\newline.dll
MOD - [2011.08.20 19:05:44 | 000,006,875 | ---- | M] () -- C:\Program Files\Pidgin\plugins\iconaway.dll
MOD - [2011.08.20 19:05:44 | 000,006,751 | ---- | M] () -- C:\Program Files\Pidgin\plugins\buddynote.dll
MOD - [2011.08.20 19:05:44 | 000,006,526 | ---- | M] () -- C:\Program Files\Pidgin\plugins\ssl.dll
MOD - [2011.08.20 19:05:42 | 002,719,062 | ---- | M] () -- C:\Program Files\Pidgin\libsilc-1-1-2.dll
MOD - [2011.08.20 19:05:42 | 001,206,642 | ---- | M] () -- C:\Program Files\Pidgin\libsilcclient-1-1-2.dll
MOD - [2011.08.20 19:05:42 | 000,582,656 | ---- | M] () -- C:\Program Files\Pidgin\exchndl.dll
MOD - [2011.08.20 19:05:42 | 000,475,580 | ---- | M] () -- C:\Program Files\Pidgin\spellcheck\libgtkspell-0.dll
MOD - [2011.08.20 19:05:42 | 000,417,501 | ---- | M] () -- C:\Program Files\Pidgin\sqlite3.dll
MOD - [2011.08.20 19:05:42 | 000,173,805 | ---- | M] () -- C:\Program Files\Pidgin\libmeanwhile-1.dll
MOD - [2011.08.20 19:05:40 | 001,213,633 | ---- | M] () -- C:\Program Files\Pidgin\libxml2-2.dll
MOD - [2011.08.13 12:28:51 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\42b7d97728eeae41b1b7f07e1dc8d95c\System.Management.ni.dll
MOD - [2011.08.13 12:17:32 | 000,770,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\ed90bb3036f49542dec1542d2fb67bec\System.Runtime.Remoting.ni.dll
MOD - [2011.08.12 18:35:41 | 000,115,137 | ---- | M] () -- C:\Users\PC\AppData\Local\Temp\3dcf2df1-2a83-477c-a7dd-858967792357\CliSecureRT.dll
MOD - [2011.08.12 17:00:25 | 001,781,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\691edfabba02ab7b44ade91f4366620b\System.Xaml.ni.dll
MOD - [2011.08.11 23:37:13 | 013,137,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\dc8ff5594ca3e3eae9ce18dac0d4c1a1\System.Windows.Forms.ni.dll
MOD - [2011.08.11 23:37:12 | 017,673,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\f8b91bff067ef11f1c6d91165b81a692\PresentationFramework.ni.dll
MOD - [2011.08.11 23:36:52 | 005,618,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\ab80df5a42b1510769e3f7439c0adfc5\System.Xml.ni.dll
MOD - [2011.08.11 23:36:50 | 000,450,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\10f3536f30a3e5ab8b917db400ed917e\PresentationFramework.Aero.ni.dll
MOD - [2011.08.11 23:36:48 | 011,106,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\8813e0d9a4084ad3d8b70813654d66ff\PresentationCore.ni.dll
MOD - [2011.08.11 23:36:44 | 001,652,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\d6f6ff8ce6fca426c10ed4a3f065309c\System.Drawing.ni.dll
MOD - [2011.08.11 23:36:41 | 007,053,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\c884496e2103e6707e1e59b18e3010e0\System.Core.ni.dll
MOD - [2011.08.11 23:36:35 | 003,798,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\e6ffc3dd83c366e0ff1213e0a3aea2e9\WindowsBase.ni.dll
MOD - [2011.08.11 23:36:31 | 009,085,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\8adab33bcdf6adf3ec0e8f1ec8fa187b\System.ni.dll
MOD - [2011.08.11 23:33:59 | 014,408,192 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\d4e8a005f4cdd6528f1c7295d833877f\mscorlib.ni.dll
MOD - [2011.08.02 13:44:00 | 014,401,832 | ---- | M] () -- D:\Games\Steam\bin\libcef.dll
MOD - [2011.08.02 13:43:50 | 000,190,248 | ---- | M] () -- D:\Games\Steam\bin\chromehtml.dll
MOD - [2011.08.02 13:43:50 | 000,091,432 | ---- | M] () -- D:\Games\Steam\bin\avutil-50.dll
MOD - [2011.08.02 13:43:49 | 000,155,432 | ---- | M] () -- D:\Games\Steam\bin\avformat-52.dll
MOD - [2011.08.02 13:43:47 | 000,914,216 | ---- | M] () -- D:\Games\Steam\bin\avcodec-52.dll
MOD - [2011.08.01 05:32:20 | 000,020,880 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2011.07.25 17:59:03 | 000,219,305 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\libpng14-14.dll
MOD - [2011.07.25 17:59:03 | 000,095,189 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\libpangocairo-1.0-0.dll
MOD - [2011.07.25 17:59:03 | 000,090,496 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\lib\gtk-2.0\2.10.0\engines\libwimp.dll
MOD - [2011.07.25 17:59:03 | 000,055,808 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\zlib1.dll
MOD - [2011.07.25 17:59:02 | 000,904,525 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\libcairo-2.dll
MOD - [2011.07.25 17:59:02 | 000,535,264 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\freetype6.dll
MOD - [2011.07.25 17:59:02 | 000,482,872 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\libgio-2.0-0.dll
MOD - [2011.07.25 17:59:02 | 000,279,059 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\libfontconfig-1.dll
MOD - [2011.07.25 17:59:02 | 000,143,096 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\libexpat-1.dll
MOD - [2011.04.19 12:39:46 | 000,315,392 | ---- | M] () -- C:\Program Files\Evernote\Evernote\libtidy.dll
MOD - [2011.04.19 12:39:44 | 000,433,664 | ---- | M] () -- C:\Program Files\Evernote\Evernote\libxml2.dll
MOD - [2010.08.12 23:22:58 | 000,094,208 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2010.03.26 23:14:36 | 000,102,400 | ---- | M] () -- C:\Program Files\Icon7\iConfig for Gamers\lan.dll
MOD - [2010.02.23 17:42:16 | 000,359,936 | ---- | M] () -- C:\Program Files\Icon7\iConfig for Gamers\Z300\hid300.exe
MOD - [2009.12.20 16:34:12 | 000,385,024 | ---- | M] () -- C:\Program Files\Icon7\iConfig for Gamers\Tray.exe
MOD - [2008.03.30 16:22:42 | 000,070,144 | ---- | M] () -- C:\Program Files\PSPad editor\PSPadShell.dll
MOD - [2008.02.11 18:06:40 | 000,438,272 | ---- | M] () -- C:\Program Files\JAM_EE\JAMShellExt.dll
MOD - [2003.06.08 00:15:16 | 000,286,720 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2003.05.15 14:43:24 | 000,119,808 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll

========== Win32 Services (SafeList) ==========

SRV - [2011.08.03 09:46:46 | 003,542,616 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_2da1ebd.dll -- (Akamai)
SRV - [2011.07.17 19:27:48 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.06.29 14:29:27 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.06.15 14:59:50 | 000,737,016 | ---- | M] (Tunngle.net GmbH) [Auto | Running] -- C:\Program Files\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2011.06.01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.03.28 16:15:40 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009.10.21 10:39:14 | 000,148,848 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Stopped] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006.05.11 18:46:25 | 000,358,008 | ---- | M] (Protection Technology) [Auto | Stopped] -- C:\Windows\System32\psrem02.exe -- (psrem02) CD Guard Drivers Auto Removal (v2)

========== Driver Services (SafeList) ==========

DRV - [2011.07.06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011.06.29 14:29:27 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.06.29 14:29:27 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.06.24 15:46:36 | 000,154,416 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxDrv.sys -- (VBoxDrv)
DRV - [2011.06.24 15:46:36 | 000,113,456 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - [2011.06.24 15:46:36 | 000,101,680 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2011.06.24 15:46:36 | 000,033,072 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
DRV - [2011.05.21 08:01:00 | 010,589,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011.05.10 11:41:28 | 000,139,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2011.01.03 10:38:36 | 000,136,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011.01.03 10:38:36 | 000,121,192 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011.01.03 10:38:36 | 000,114,152 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV - [2011.01.03 10:38:36 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2010.12.21 07:55:02 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010.11.09 14:35:30 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2010.07.30 21:00:50 | 000,004,096 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bbcap.sys -- (bbcap)
DRV - [2010.07.08 21:44:40 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.07.08 21:44:39 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.06.21 17:09:34 | 000,120,320 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\SSHDRV65.sys -- (SSHDRV65)
DRV - [2010.06.17 18:11:45 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.06.17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.03.30 23:38:26 | 000,020,968 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz133_x32.sys -- (cpuz133)
DRV - [2010.03.11 11:17:14 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2010.02.03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2010.01.20 13:30:54 | 000,012,800 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\I7Z300.sys -- (Z300Fltr)
DRV - [2010.01.20 13:30:54 | 000,012,800 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\I7Z300.sys -- (I7Z300Filter)
DRV - [2010.01.05 19:20:10 | 001,500,160 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athur.sys -- (athur)
DRV - [2009.09.24 17:54:26 | 000,169,320 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2009.09.16 08:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV - [2009.09.14 14:29:36 | 000,049,400 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2009.08.05 12:55:08 | 000,061,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2009.08.04 17:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2009.07.30 17:12:54 | 000,287,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2009.07.28 20:01:26 | 000,069,480 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2009.07.24 11:31:58 | 000,021,608 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2009.07.14 18:56:28 | 000,116,064 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2009.07.14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009.07.14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009.07.14 02:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2009.07.14 02:14:49 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDScan.sys -- (WSDScan)
DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.14 00:13:45 | 001,068,032 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2009.07.14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.06.29 10:17:00 | 000,059,904 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
DRV - [2009.06.29 00:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2009.06.19 09:57:20 | 000,079,872 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2009.06.19 09:56:48 | 000,042,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2009.06.17 11:59:46 | 000,046,984 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2009.02.24 18:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008.07.26 22:30:30 | 000,014,416 | ---- | M] (OpenLibSys.org) [Kernel | On_Demand | Stopped] -- C:\Program Files\k10stat\k10stat\WinRing0.sys -- (WinRing0_1_2_0)
DRV - [2007.06.29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2006.11.03 10:24:01 | 000,061,312 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\pssync05.sys -- (pssync05) CD Guard Synchronization Driver (v5)
DRV - [2006.09.11 14:01:44 | 000,067,960 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\psdrv02.sys -- (psdrv02) CD Guard Environment Driver (v2)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3491727313-2059114097-998879636-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 90 83 07 76 E9 3A CB 01 [binary data]
IE - HKU\S-1-5-21-3491727313-2059114097-998879636-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files\OnLive\Plugin\npolgdet.dll (OnLive)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\PC\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\PC\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\PC\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\PC\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.25 14:09:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.16 00:03:30 | 000,000,000 | ---D | M]

[2011.04.01 13:05:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Extensions
[2011.05.21 10:17:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\gle2vz0z.default\extensions
[2011.05.21 10:17:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\gle2vz0z.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}
[2011.05.06 15:38:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\kyoa53qf.default\extensions
[2011.08.21 19:34:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.08.21 19:34:10 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.08.21 19:34:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011.05.21 10:16:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011.05.27 19:17:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011.07.31 11:55:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.01 10:00:00 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2010.01.01 10:00:00 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.01.01 10:00:00 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2010.01.01 10:00:00 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2010.01.01 10:00:00 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.08.27 16:21:12 | 000,001,057 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 orbitservice.ubi.com
O1 - Hosts: 127.0.0.1 gatorservice.ubi.comb
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [iConfigg300] C:\Program Files\Icon7\iConfig for Gamers\z300\hid300.exe ()
O4 - HKU\S-1-5-21-3491727313-2059114097-998879636-1000..\Run: [EPSON39A7C4 (Epson Stylus SX420W)] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-3491727313-2059114097-998879636-1000..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe (Gadwin Systems, Inc)
O4 - HKU\S-1-5-21-3491727313-2059114097-998879636-1000..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\S-1-5-21-3491727313-2059114097-998879636-1000..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-3491727313-2059114097-998879636-1000..\Run: [Pidgin] C:\Program Files\Pidgin\pidgin.exe (The Pidgin developer community)
O4 - HKU\S-1-5-21-3491727313-2059114097-998879636-1000..\Run: [Steam] D:\Games\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3491727313-2059114097-998879636-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3491727313-2059114097-998879636-1000\..Trusted Domains: localhost ([]http in Místní intranet)
O15 - HKU\S-1-5-21-3491727313-2059114097-998879636-1000\..Trusted Ranges: GD ([http] in Místní intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 81.200.48.12 81.200.48.11
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GO36F4~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4225bcdb-7a2b-11df-b44e-aab93e765bac}\Shell - "" = AutoRun
O33 - MountPoints2\{4225bcdb-7a2b-11df-b44e-aab93e765bac}\Shell\AutoRun\command - "" = E:\Launcher.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-3491727313-2059114097-998879636-1000\...com [@ = comfile] -- Reg Error: Key error. File not found
O37 - HKU\S-1-5-21-3491727313-2059114097-998879636-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.i420 - C:\Windows\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.mjpg - C:\Windows\System32\pvmjpg30.dll (Pegasus Imaging Corporation)
Drivers32: VIDC.XFR1 - C:\Windows\System32\xfcodec.dll ()
Drivers32: vidc.yv12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2011.08.27 09:30:33 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\PC\Desktop\OTL.exe
[2011.08.26 17:24:05 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.08.26 17:24:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.08.26 17:23:54 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.08.24 11:10:08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011.08.23 20:58:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Penumbra
[2011.08.23 20:54:56 | 000,000,000 | ---D | C] -- C:\Program Files\Penumbra
[2011.08.23 19:06:25 | 000,000,000 | ---D | C] -- C:\Downloads
[2011.08.23 19:05:57 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\iDownloader
[2011.08.23 19:05:49 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\os
[2011.08.23 19:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\iDownloader Limited
[2011.08.23 19:05:37 | 000,000,000 | ---D | C] -- C:\Program Files\iDownloader
[2011.08.23 19:04:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Web Installer
[2011.08.23 13:30:01 | 000,000,000 | ---D | C] -- C:\Users\PC\Documents\Penumbra
[2011.08.22 21:14:55 | 000,000,000 | ---D | C] -- C:\Users\PC\Documents\Penumbra Overture
[2011.08.22 15:28:45 | 001,500,160 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\athur.sys
[2011.08.22 15:28:34 | 001,500,160 | R--- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\athur.sys
[2011.08.22 13:27:50 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\Funcom
[2011.08.21 19:32:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.08.20 14:33:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes Studio
[7 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.08.27 09:35:02 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.08.27 09:32:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3491727313-2059114097-998879636-1000UA.job
[2011.08.27 09:30:33 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\PC\Desktop\OTL.exe
[2011.08.27 09:30:26 | 000,000,919 | ---- | M] () -- C:\Program Files\Program Files – zástupce.lnk
[2011.08.27 09:23:10 | 000,459,264 | ---- | M] () -- C:\Users\PC\Desktop\CKScanner.exe
[2011.08.27 09:21:03 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.08.27 09:20:35 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.08.27 09:15:21 | 000,014,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.08.27 09:15:21 | 000,014,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.08.27 09:10:09 | 000,000,031 | ---- | M] () -- C:\Windows\System32\bbcap.err
[2011.08.27 09:10:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.08.27 09:10:02 | 2412,851,200 | -HS- | M] () -- C:\hiberfil.sys
[2011.08.26 23:28:31 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat
[2011.08.26 22:45:40 | 000,051,078 | ---- | M] () -- C:\Users\PC\AppData\Roaming\room_v3.dat
[2011.08.26 17:26:05 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.08.26 15:18:57 | 000,781,383 | ---- | M] () -- C:\Users\PC\Desktop\RSIT.exe
[2011.08.26 15:15:46 | 000,000,847 | ---- | M] () -- C:\Users\PC\.recently-used.xbel
[2011.08.26 14:11:31 | 000,032,934 | ---- | M] () -- C:\Users\PC\Desktop\Vorkuta.FCW
[2011.08.26 11:32:01 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3491727313-2059114097-998879636-1000Core.job
[2011.08.25 16:11:20 | 000,724,254 | ---- | M] () -- C:\Windows\System32\perfh019.dat
[2011.08.25 16:11:20 | 000,675,878 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.08.25 16:11:20 | 000,661,714 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.08.25 16:11:20 | 000,154,858 | ---- | M] () -- C:\Windows\System32\perfc019.dat
[2011.08.25 16:11:20 | 000,145,780 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.08.25 16:11:20 | 000,125,800 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.08.25 16:04:31 | 001,689,915 | ---- | M] () -- C:\Users\PC\Desktop\MarketMilitiaMineCraftFullVersion.apk
[2011.08.25 11:54:22 | 000,001,986 | -H-- | M] () -- C:\Users\PC\Documents\Default.rdp
[2011.08.24 11:06:02 | 000,000,044 | ---- | M] () -- C:\Users\Public\Documents\idlut.iso
[2011.08.23 20:58:01 | 000,002,130 | ---- | M] () -- C:\Users\PC\Desktop\Penumbra Overture Ep1.lnk
[2011.08.23 12:53:36 | 000,001,494 | ---- | M] () -- C:\Users\PC\Desktop\K10STAT.exe – zástupce.lnk
[2011.08.22 15:26:07 | 000,000,628 | ---- | M] () -- C:\Users\PC\Documents\cc_20110822_152605.reg
[2011.08.22 15:25:46 | 000,020,146 | ---- | M] () -- C:\Users\PC\Documents\cc_20110822_152543.reg
[2011.08.22 13:40:57 | 000,000,010 | RHS- | M] () -- C:\config.sys
[2011.08.20 14:34:09 | 000,001,972 | ---- | M] () -- C:\Users\PC\Desktop\Heroes Studio.lnk
[2011.08.20 14:33:53 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI
[7 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.08.27 09:35:02 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.08.27 09:30:26 | 000,000,919 | ---- | C] () -- C:\Program Files\Program Files – zástupce.lnk
[2011.08.27 09:23:10 | 000,459,264 | ---- | C] () -- C:\Users\PC\Desktop\CKScanner.exe
[2011.08.26 17:26:05 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.08.26 15:18:57 | 000,781,383 | ---- | C] () -- C:\Users\PC\Desktop\RSIT.exe
[2011.08.26 15:15:46 | 000,000,847 | ---- | C] () -- C:\Users\PC\.recently-used.xbel
[2011.08.26 14:11:29 | 000,032,934 | ---- | C] () -- C:\Users\PC\Desktop\Vorkuta.FCW
[2011.08.25 16:04:31 | 001,689,915 | ---- | C] () -- C:\Users\PC\Desktop\MarketMilitiaMineCraftFullVersion.apk
[2011.08.23 20:58:01 | 000,002,130 | ---- | C] () -- C:\Users\PC\Desktop\Penumbra Overture Ep1.lnk
[2011.08.23 19:52:05 | 000,000,949 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pidgin.lnk
[2011.08.23 19:05:50 | 000,000,044 | ---- | C] () -- C:\Users\Public\Documents\idlut.iso
[2011.08.23 12:53:36 | 000,001,494 | ---- | C] () -- C:\Users\PC\Desktop\K10STAT.exe – zástupce.lnk
[2011.08.22 15:28:37 | 000,017,577 | R--- | C] () -- C:\Windows\System32\netathur.inf
[2011.08.22 15:28:37 | 000,007,480 | ---- | C] () -- C:\Windows\System32\athurext.cat
[2011.08.22 15:26:06 | 000,000,628 | ---- | C] () -- C:\Users\PC\Documents\cc_20110822_152605.reg
[2011.08.22 15:25:45 | 000,020,146 | ---- | C] () -- C:\Users\PC\Documents\cc_20110822_152543.reg
[2011.08.20 14:33:52 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011.08.20 14:33:50 | 000,001,972 | ---- | C] () -- C:\Users\PC\Desktop\Heroes Studio.lnk
[2011.08.19 11:18:47 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2011.07.30 19:17:33 | 000,068,748 | ---- | C] () -- C:\Windows\War3Unin.dat
[2011.07.28 11:31:38 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011.07.03 11:44:23 | 000,000,079 | ---- | C] () -- C:\Users\PC\AppData\Local\CrystalDiskMark30.ini
[2011.07.03 11:28:57 | 000,000,000 | ---- | C] () -- C:\Windows\bench32.INI
[2011.06.27 19:21:10 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011.06.24 20:51:18 | 000,036,352 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2011.06.17 17:39:39 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini
[2011.06.16 23:00:44 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat
[2011.06.16 18:34:35 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2011.05.26 21:07:38 | 000,051,078 | ---- | C] () -- C:\Users\PC\AppData\Roaming\room_v3.dat
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.03.27 10:12:47 | 000,114,706 | ---- | C] () -- C:\Program Files\k10stat.rar
[2011.03.02 23:57:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.03.02 23:57:40 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.03.02 23:57:40 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.03.02 23:57:40 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.03.02 23:57:40 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011.02.12 17:02:57 | 000,000,600 | ---- | C] () -- C:\Users\PC\AppData\Roaming\winscp.rnd
[2010.12.18 17:03:19 | 000,006,911 | ---- | C] () -- C:\Users\PC\AppData\Roaming\.freeciv-client-rc-2.2
[2010.11.30 20:02:32 | 000,007,597 | ---- | C] () -- C:\Users\PC\AppData\Local\resmon.resmoncfg
[2010.10.16 11:57:39 | 000,000,090 | ---- | C] () -- C:\Users\PC\AppData\Local\fusioncache.dat
[2010.08.23 19:14:14 | 000,336,704 | ---- | C] () -- C:\Windows\System32\perfi019.dat
[2010.08.23 19:14:11 | 000,724,254 | ---- | C] () -- C:\Windows\System32\perfh019.dat
[2010.08.23 19:14:11 | 000,154,858 | ---- | C] () -- C:\Windows\System32\perfc019.dat
[2010.08.23 19:14:11 | 000,039,446 | ---- | C] () -- C:\Windows\System32\perfd019.dat
[2010.08.21 22:18:04 | 000,003,584 | ---- | C] () -- C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.07 21:45:21 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2010.08.07 09:56:22 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin
[2010.07.22 20:54:18 | 000,000,643 | ---- | C] () -- C:\Windows\level.ini
[2010.07.16 21:04:22 | 000,000,248 | ---- | C] () -- C:\Windows\System32\secustat.dat
[2010.07.16 20:58:48 | 000,000,305 | ---- | C] () -- C:\Windows\System32\secushr.dat
[2010.07.16 20:58:27 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2010.07.08 21:44:40 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.07.08 21:44:39 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010.06.24 20:55:26 | 000,000,024 | ---- | C] () -- C:\Windows\SW_Win3112X32.DLL
[2010.06.24 20:54:36 | 001,802,240 | ---- | C] () -- C:\Windows\System32\beconvlib.dll
[2010.06.24 20:54:36 | 000,282,624 | ---- | C] () -- C:\Windows\System32\bprgcomm.dll
[2010.06.24 20:54:36 | 000,131,072 | ---- | C] () -- C:\Windows\System32\CSVSpecialProcessing.dll
[2010.06.24 20:54:35 | 000,221,184 | ---- | C] () -- C:\Windows\System32\SII_PDF.dll
[2010.06.24 20:54:35 | 000,102,400 | ---- | C] () -- C:\Windows\System32\SARzilla.dll
[2010.06.24 20:54:35 | 000,098,304 | ---- | C] () -- C:\Windows\System32\DVM.dll
[2010.06.24 20:54:35 | 000,053,248 | ---- | C] () -- C:\Windows\System32\RegisterExe.exe
[2010.06.24 20:54:35 | 000,000,530 | ---- | C] () -- C:\Windows\System32\tx151ic.ini
[2010.06.24 15:39:46 | 000,081,920 | ---- | C] () -- C:\Windows\System32\emfxp.dll
[2010.06.24 15:39:46 | 000,059,904 | ---- | C] () -- C:\Windows\System32\unpdf.exe
[2010.06.21 17:50:14 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.06.21 17:09:34 | 000,120,320 | ---- | C] () -- C:\Windows\System32\drivers\SSHDRV65.sys
[2010.06.17 20:41:39 | 000,000,979 | ---- | C] () -- C:\Windows\eReg.dat
[2010.06.17 18:19:28 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2010.06.17 18:19:28 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2010.06.17 18:19:27 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2010.06.16 19:50:08 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010.06.15 15:45:16 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.06.15 14:02:26 | 000,006,136 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2010.06.15 14:01:45 | 000,013,931 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2009.07.27 11:48:41 | 000,675,878 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2009.07.27 11:48:41 | 000,292,004 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2009.07.27 11:48:41 | 000,145,780 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2009.07.27 11:48:41 | 000,036,232 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 06:33:53 | 000,309,656 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 04:05:48 | 000,661,714 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 04:05:48 | 000,125,800 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 02:55:09 | 000,587,776 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll
[2009.07.14 02:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.07.14 01:36:08 | 000,193,024 | ---- | C] () -- C:\Windows\System32\sppcomapi.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2007.01.26 01:04:12 | 000,138,752 | ---- | C] () -- C:\Windows\System32\mase32.dll
[2007.01.26 01:04:12 | 000,027,648 | ---- | C] () -- C:\Windows\System32\ma32.dll
[2002.08.29 19:33:56 | 000,319,488 | R--- | C] () -- C:\Windows\System32\MafiaSetup.exe
[2002.08.29 19:33:56 | 000,319,488 | R--- | C] () -- C:\Users\PC\AppData\Roaming\MafiaSetup.exe

========== LOP Check ==========

[2010.12.19 10:29:38 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\.freeciv
[2011.08.01 23:48:23 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\.minecraft
[2011.08.27 09:36:58 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\.purple
[2011.05.21 10:15:20 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\AIMP
[2011.02.08 19:41:59 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Altap
[2011.06.04 22:04:01 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\AnvSoft
[2011.08.06 17:37:39 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\AtomZombieData
[2011.07.06 11:13:28 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Audacity
[2011.04.10 19:16:33 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\avidemux
[2011.03.17 00:07:46 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\BatteryBar
[2011.08.23 17:09:00 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Bioshock
[2010.08.13 11:39:10 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\BITS
[2010.10.03 11:21:35 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Blender Foundation
[2010.07.31 14:24:36 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Blueberry
[2011.07.28 11:31:39 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Broken Rules
[2010.07.17 07:12:41 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\BSplayer
[2010.06.15 16:02:12 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\BSplayer Pro
[2011.02.01 19:10:39 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Canneverbe Limited
[2010.12.31 19:26:03 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\CheckPoint
[2011.07.28 12:03:25 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Crayon Physics Deluxe
[2011.03.16 17:44:47 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\DAEMON Tools
[2010.06.17 18:19:24 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\DAEMON Tools Lite
[2011.03.04 22:48:44 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\DAEMON Tools Pro
[2010.12.21 19:52:07 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Darkfall
[2011.02.16 21:05:58 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Design Science
[2011.05.21 10:15:20 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Dev-Cpp
[2011.07.26 17:15:32 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Dexpot
[2011.04.18 16:17:01 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Dropbox
[2011.05.09 15:57:08 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Dwarfs
[2010.11.29 16:50:41 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\enchant
[2011.05.21 10:15:20 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Epson
[2010.06.15 17:56:14 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\ESET
[2010.08.24 21:33:30 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Fantasy Grounds II
[2011.08.16 20:54:37 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\FileZilla
[2010.07.16 20:58:22 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\FlashGet
[2010.07.16 20:58:15 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\FlashGetBHO
[2011.01.31 22:02:41 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Foxit Software
[2011.05.21 10:50:29 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\FreeStone Group
[2010.10.27 12:27:33 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Gajim
[2011.06.06 15:50:36 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\GameRanger
[2011.05.21 10:17:17 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\GHISLER
[2011.08.26 14:11:04 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\gtk-2.0
[2011.08.12 16:45:13 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\HLSW
[2011.05.21 10:17:17 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Icon7
[2011.05.27 20:54:44 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\inkscape
[2011.05.21 10:00:11 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\IObit
[2011.05.21 10:17:17 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\IrfanView
[2011.05.21 10:15:19 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\jabbim
[2011.03.19 19:18:21 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\JAM Software
[2011.03.16 21:30:08 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Kalypso Media
[2011.02.05 18:27:57 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\kLoOge
[2011.07.28 10:59:29 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Lazy 8 Studios
[2010.12.18 16:22:46 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\LEGO Company
[2010.07.30 21:01:10 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\LogSys
[2010.12.22 18:47:09 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\LolClient
[2011.05.14 22:00:42 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Miranda
[2011.01.10 17:14:31 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\mkvtoolnix
[2010.08.30 17:33:50 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Mount&Blade Warband
[2010.08.21 18:48:34 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\My Battle for Middle-earth(tm) II - RC Mod Files
[2010.08.20 18:00:13 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\My Battle for Middle-earth(tm) II Files
[2011.08.19 16:21:33 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\My The Lord of the Rings, The Rise of the Witch-king Files
[2010.09.10 20:31:08 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Need for Speed World
[2011.03.16 23:32:13 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Notebook Hardware Control
[2011.01.01 20:15:55 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\OnLive App
[2010.06.16 19:14:15 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\OpenOffice.org
[2011.05.21 10:00:13 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Opera
[2011.03.24 22:08:10 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\PC Suite
[2010.08.21 20:02:54 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\PChat
[2011.08.19 10:52:32 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\PDF Writer
[2011.06.09 22:30:49 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Publish Providers
[2011.06.17 18:22:00 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Red Alert 3
[2010.06.28 13:42:19 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Red Alert 3 Demo
[2011.05.30 18:23:18 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Samsung
[2011.05.21 10:17:19 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Software Informer
[2011.06.19 12:09:49 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Sony
[2010.06.24 16:52:41 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\SPORE
[2011.02.27 11:49:51 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\STV Software
[2011.02.26 14:39:41 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\TeamViewer
[2011.05.21 10:17:20 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Teeworlds
[2010.11.08 16:06:51 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Toshiba
[2011.01.23 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Trillian
[2011.08.22 15:30:06 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\TS3Client
[2011.06.29 17:41:27 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\ts3overlay
[2011.06.18 00:11:03 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Tunngle
[2010.10.16 12:06:38 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Turbine
[2011.06.11 21:56:13 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Unified Remote
[2011.08.07 12:57:00 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Unity
[2011.08.26 15:15:53 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\uTorrent
[2010.06.20 12:59:54 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\VitySoft
[2011.05.12 19:45:12 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\wargaming.net
[2011.05.21 10:15:15 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\WebSurf.ru
[2011.08.15 18:04:47 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\X-Chat 2
[2011.06.16 18:24:51 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Zoner
[2011.07.30 16:07:33 | 000,032,526 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

Pokračovaní

mrkew2 · #7 Příspěvek od **mrkew2** » 27 srp 2011 09:52

Pokračovaní

========== Custom Scans ==========

< >

< >

< MD5 for: AGP440.SYS >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\System32\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\System32\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\System32\hal.dll
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: IASTORV.SYS >
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0033117673c16921\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\drivers\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\System32\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys
[2009.07.14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvraid.sys
[2011.03.11 07:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvraid.sys
[2011.03.11 07:28:10 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=E3B840350A72CA6F39BD2BEF85A2BCFB -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvraid.sys
[2011.03.11 07:44:01 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=F1B0BED906F97E16F6D0C3629D2F21C6 -- C:\Windows\System32\drivers\nvraid.sys
[2011.03.11 07:44:01 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=F1B0BED906F97E16F6D0C3629D2F21C6 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_38e464dbe521cc7f\nvraid.sys
[2011.03.11 07:44:01 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=F1B0BED906F97E16F6D0C3629D2F21C6 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvraid.sys
[2011.03.11 07:52:25 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=FCD5C3542A85EEBA7D0833B7E5086C10 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvraid.sys

< MD5 for: NVRD32.SYS >
[2009.08.04 17:44:12 | 000,139,296 | ---- | M] (NVIDIA Corporation) MD5=6F922993C8AA8BF555B0A8428AAB5731 -- C:\Drivers\chipset_cs_mcp77_15.5_w732\IDE\Win7\sataraid\nvrd32.sys
[2009.08.04 17:44:12 | 000,139,296 | ---- | M] (NVIDIA Corporation) MD5=6F922993C8AA8BF555B0A8428AAB5731 -- C:\Drivers\chipset_cs_mcp77_15.5_w732\IDE\WinVista\sataraid\nvrd32.sys

< MD5 for: NVSTOR.SYS >
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_38e464dbe521cc7f\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< MD5 for: NVSTOR32.SYS >
[2009.08.04 17:44:14 | 000,213,024 | ---- | M] (NVIDIA Corporation) MD5=269DE658DEAF032564E8B6430B5BD170 -- C:\Drivers\chipset_cs_mcp77_15.5_w732\IDE\Win7\sataraid\nvstor32.sys
[2009.08.04 17:44:14 | 000,213,024 | ---- | M] (NVIDIA Corporation) MD5=269DE658DEAF032564E8B6430B5BD170 -- C:\Drivers\chipset_cs_mcp77_15.5_w732\IDE\WinVista\sataraid\nvstor32.sys
[2009.08.04 17:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) MD5=3FF57A9A657C9690ECBC8B1E3B6E3979 -- C:\Drivers\chipset_cs_mcp77_15.5_w732\IDE\Win7\sata_ide\nvstor32.sys
[2009.08.04 17:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) MD5=3FF57A9A657C9690ECBC8B1E3B6E3979 -- C:\Drivers\chipset_cs_mcp77_15.5_w732\IDE\WinVista\sata_ide\nvstor32.sys
[2009.08.04 17:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) MD5=3FF57A9A657C9690ECBC8B1E3B6E3979 -- C:\Windows\System32\drivers\nvstor32.sys
[2009.08.04 17:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) MD5=3FF57A9A657C9690ECBC8B1E3B6E3979 -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_x86_neutral_40ee9c3d357e7b66\nvstor32.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\System32\smss.exe
[2009.07.14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.06.21 07:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2011.04.25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2011.06.21 07:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010.06.14 08:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2010.06.14 08:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2011.06.21 07:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\System32\drivers\tcpip.sys
[2011.06.21 07:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2011.06.21 08:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< MD5 for: WS2_32.DLL >
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\System32\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[7 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[26 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\122c08a963fbdcba346ad4fbad854720\*.tmp files -> C:\Windows\SoftwareDistribution\Download\122c08a963fbdcba346ad4fbad854720\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\6b3c3400cd81b193adcc8650b6281372\*.tmp files -> C:\Windows\SoftwareDistribution\Download\6b3c3400cd81b193adcc8650b6281372\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\978bcacd350d00a69b0abda6244bc752\*.tmp files -> C:\Windows\SoftwareDistribution\Download\978bcacd350d00a69b0abda6244bc752\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\c45e8cd7d41298f44f460842a9347c70\*.tmp files -> C:\Windows\SoftwareDistribution\Download\c45e8cd7d41298f44f460842a9347c70\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\d571da08d60590eb2b556d12196c4892\*.tmp files -> C:\Windows\SoftwareDistribution\Download\d571da08d60590eb2b556d12196c4892\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\d5dc3f7818c29f4b1897b622a6abfe46\*.tmp files -> C:\Windows\SoftwareDistribution\Download\d5dc3f7818c29f4b1897b622a6abfe46\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\d9ad0644b362e8208605baad436c65c0\*.tmp files -> C:\Windows\SoftwareDistribution\Download\d9ad0644b362e8208605baad436c65c0\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ec8d11d386d14a79b3cb73319fa32977\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ec8d11d386d14a79b3cb73319fa32977\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.12.19 10:29:38 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\.freeciv
[2011.08.01 23:48:23 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\.minecraft
[2011.08.27 09:53:10 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\.purple
[2010.07.31 13:21:48 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Adobe
[2011.05.21 10:15:20 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\AIMP
[2011.02.08 19:41:59 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Altap
[2011.06.04 22:04:01 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\AnvSoft
[2011.08.06 17:37:39 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\AtomZombieData
[2011.07.06 11:13:28 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Audacity
[2011.04.10 19:16:33 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\avidemux
[2011.06.12 21:09:41 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Avira
[2011.04.10 19:29:06 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\AVS4YOU
[2011.03.17 00:07:46 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\BatteryBar
[2011.08.23 17:09:00 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Bioshock
[2010.08.13 11:39:10 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\BITS
[2010.10.03 11:21:35 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Blender Foundation
[2010.07.31 14:24:36 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Blueberry
[2011.07.28 11:31:39 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Broken Rules
[2010.07.17 07:12:41 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\BSplayer
[2010.06.15 16:02:12 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\BSplayer Pro
[2011.02.01 19:10:39 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Canneverbe Limited
[2010.12.31 19:26:03 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\CheckPoint
[2011.07.28 12:03:25 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Crayon Physics Deluxe
[2011.03.16 17:44:47 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\DAEMON Tools
[2010.06.17 18:19:24 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\DAEMON Tools Lite
[2011.03.04 22:48:44 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\DAEMON Tools Pro
[2010.12.21 19:52:07 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Darkfall
[2011.02.16 21:05:58 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Design Science
[2011.05.21 10:15:20 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Dev-Cpp
[2011.07.26 17:15:32 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Dexpot
[2010.09.26 22:11:02 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Digsby
[2011.04.18 16:17:01 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Dropbox
[2011.05.09 15:57:08 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Dwarfs
[2010.11.29 16:50:41 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\enchant
[2011.05.21 10:15:20 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Epson
[2010.06.15 17:56:14 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\ESET
[2010.08.24 21:33:30 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Fantasy Grounds II
[2011.08.16 20:54:37 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\FileZilla
[2010.07.16 20:58:22 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\FlashGet
[2010.07.16 20:58:15 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\FlashGetBHO
[2011.01.31 22:02:41 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Foxit Software
[2011.05.21 10:50:29 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\FreeStone Group
[2010.10.27 12:27:33 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Gajim
[2011.06.06 15:50:36 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\GameRanger
[2011.05.21 10:17:17 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\GHISLER
[2011.08.26 14:11:04 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\gtk-2.0
[2011.08.12 16:45:13 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\HLSW
[2011.05.21 10:17:17 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Icon7
[2010.06.15 13:44:38 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Identities
[2011.05.27 20:54:44 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\inkscape
[2010.11.18 20:51:18 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\InstallShield
[2011.05.21 10:00:11 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\IObit
[2011.05.21 10:17:17 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\IrfanView
[2011.05.21 10:15:19 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\jabbim
[2011.03.19 19:18:21 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\JAM Software
[2011.03.16 21:30:08 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Kalypso Media
[2011.02.05 18:27:57 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\kLoOge
[2011.07.28 10:59:29 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Lazy 8 Studios
[2010.12.18 16:22:46 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\LEGO Company
[2010.07.30 21:01:10 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\LogSys
[2010.12.22 18:47:09 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\LolClient
[2010.06.15 15:59:19 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Macromedia
[2011.05.14 22:04:50 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Malwarebytes
[2009.07.14 09:48:45 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Media Center Programs
[2011.07.02 16:51:47 | 000,000,000 | --SD | M] -- C:\Users\PC\AppData\Roaming\Microsoft
[2011.02.16 20:16:08 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\MiKTeX
[2011.05.14 22:00:42 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Miranda
[2011.05.21 10:15:16 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\mIRC
[2011.01.10 17:14:31 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\mkvtoolnix
[2010.08.30 17:33:50 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Mount&Blade Warband
[2011.08.10 23:21:07 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Mozilla
[2010.08.21 18:48:34 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\My Battle for Middle-earth(tm) II - RC Mod Files
[2010.08.20 18:00:13 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\My Battle for Middle-earth(tm) II Files
[2011.08.19 16:21:33 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\My The Lord of the Rings, The Rise of the Witch-king Files
[2010.09.10 20:31:08 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Need for Speed World
[2011.03.16 23:32:13 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Notebook Hardware Control
[2010.06.18 22:14:07 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\NVIDIA
[2011.01.01 20:15:55 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\OnLive App
[2010.06.16 19:14:15 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\OpenOffice.org
[2011.05.21 10:00:13 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Opera
[2011.03.24 22:08:10 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\PC Suite
[2010.08.21 20:02:54 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\PChat
[2011.08.19 10:52:32 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\PDF Writer
[2011.05.21 10:17:19 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\PSpad
[2011.06.09 22:30:49 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Publish Providers
[2011.05.19 14:24:38 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Real
[2011.06.17 18:22:00 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Red Alert 3
[2010.06.28 13:42:19 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Red Alert 3 Demo
[2011.05.30 18:23:18 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Samsung
[2010.06.18 21:10:20 | 000,000,000 | RH-D | M] -- C:\Users\PC\AppData\Roaming\SecuROM
[2011.08.27 09:20:21 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Skype
[2011.06.19 11:24:44 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\skypePM
[2011.05.21 10:17:19 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Software Informer
[2011.06.19 12:09:49 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Sony
[2010.06.24 16:52:41 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\SPORE
[2011.02.27 11:49:51 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\STV Software
[2011.05.21 10:15:15 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\teamspeak2
[2011.02.26 14:39:41 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\TeamViewer
[2011.05.21 10:17:20 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Teeworlds
[2010.11.08 16:06:51 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Toshiba
[2011.01.23 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Trillian
[2011.08.22 15:30:06 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\TS3Client
[2011.06.29 17:41:27 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\ts3overlay
[2011.06.18 00:11:03 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Tunngle
[2010.10.16 12:06:38 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Turbine
[2011.06.11 21:56:13 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Unified Remote
[2011.08.07 12:57:00 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Unity
[2011.08.26 15:15:53 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\uTorrent
[2010.06.20 12:59:54 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\VitySoft
[2011.07.02 15:25:11 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\vlc
[2011.05.12 19:45:12 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\wargaming.net
[2011.05.21 10:15:15 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\WebSurf.ru
[2011.08.15 18:04:47 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\X-Chat 2
[2011.07.02 16:20:03 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Xfire
[2011.06.16 18:24:51 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2002.08.29 19:33:56 | 000,319,488 | R--- | M] () -- C:\Users\PC\AppData\Roaming\MafiaSetup.exe
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Users\PC\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Users\PC\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Users\PC\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2010.02.23 17:01:52 | 001,185,871 | ---- | M] () -- C:\Users\PC\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2009.11.14 19:11:36 | 000,113,152 | ---- | M] () -- C:\Users\PC\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2009.11.14 19:33:40 | 000,357,888 | ---- | M] () -- C:\Users\PC\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2009.11.14 19:11:36 | 000,136,704 | ---- | M] () -- C:\Users\PC\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.02.23 16:00:42 | 000,042,288 | ---- | M] () -- C:\Users\PC\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2011.06.24 18:46:03 | 001,449,696 | ---- | M] (GameRanger Technologies) -- C:\Users\PC\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
[2011.07.02 18:03:50 | 000,010,134 | R--- | M] () -- C:\Users\PC\AppData\Roaming\Microsoft\Installer\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}\ARPPRODUCTICON.exe
[2010.08.05 18:26:13 | 000,583,168 | ---- | M] () -- C:\Users\PC\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\uno_packages\9FEC.tmp_\sun-pdfimport.oxt\xpdfimport.exe
[2011.05.30 18:27:14 | 003,154,792 | ---- | M] (Microsoft Corporation) -- C:\Users\PC\AppData\Roaming\Samsung\Kies\UpdateTemp\NDP40-KB2461678-x86.exe
[2011.04.14 19:57:00 | 000,075,688 | ---- | M] () -- C:\Users\PC\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\DriverChecker.exe
[2011.06.24 08:54:30 | 000,941,968 | ---- | M] (Samsung) -- C:\Users\PC\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\Kies.exe
[2011.06.24 08:54:38 | 000,278,928 | ---- | M] () -- C:\Users\PC\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesDriverInstaller.exe
[2011.04.27 09:14:54 | 000,034,816 | ---- | M] () -- C:\Users\PC\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesMobileDeviceService.exe
[2011.06.24 08:54:36 | 003,373,968 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\PC\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesTrayAgent.exe
[2011.04.14 19:57:08 | 000,208,280 | ---- | M] () -- C:\Users\PC\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\lame.exe
[2011.04.14 19:57:12 | 000,195,992 | ---- | M] () -- C:\Users\PC\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\oggenc.exe
[2011.06.07 04:14:06 | 000,140,800 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\PC\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\ConnectionManager.exe
[2011.06.07 04:14:04 | 000,284,160 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\PC\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\DeviceDataService.exe
[2011.06.09 11:45:38 | 000,660,992 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\PC\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\DeviceManager.exe
[2011.04.14 19:57:24 | 000,026,536 | ---- | M] (Teruten Inc) -- C:\Users\PC\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\FsExService64.exe
[2011.04.14 19:57:28 | 000,223,144 | ---- | M] (Teruten) -- C:\Users\PC\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\FsUsbExService.exe
[2011.04.14 19:57:32 | 000,143,272 | ---- | M] () -- C:\Users\PC\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\FUSBCommander.exe
[2011.04.27 07:19:58 | 000,107,008 | ---- | M] () -- C:\Users\PC\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\HSPConnection.exe
[2011.06.24 08:54:40 | 000,067,472 | ---- | M] (Samsung) -- C:\Users\PC\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\Kies_Tutorial.exe
[2011.06.07 04:13:54 | 000,100,352 | ---- | M] () -- C:\Users\PC\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\AgentInstaller.exe
[2011.06.07 04:13:54 | 000,095,232 | ---- | M] () -- C:\Users\PC\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\AgentUpdate.exe
[2011.06.24 08:54:44 | 000,131,984 | ---- | M] () -- C:\Users\PC\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2011.06.24 08:54:46 | 000,020,880 | ---- | M] () -- C:\Users\PC\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\KiesPDLR.exe
[2011.06.24 08:54:48 | 004,661,464 | ---- | M] () -- C:\Users\PC\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\MediaModules\MyFreeCodecPack.exe
[2011.04.14 19:57:44 | 000,227,224 | ---- | M] (ENJsoft corp.) -- C:\Users\PC\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\TransModules\SelfMV.exe
[2011.04.14 19:57:48 | 000,067,480 | ---- | M] (ENJsoft corp.) -- C:\Users\PC\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\TransModules\SelfMV2.exe
[2011.04.14 19:57:50 | 000,079,768 | ---- | M] (ENJsoft corp.) -- C:\Users\PC\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\TransModules\TG_CAM.exe
[2011.06.20 03:33:24 | 020,677,600 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\PC\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2011.06.24 08:54:50 | 000,358,800 | ---- | M] (ml) -- C:\Users\PC\AppData\Roaming\Samsung\Kies\UpdateTemp\temp\Kies.Update.exe
[2011.08.01 05:32:24 | 000,362,384 | ---- | M] (ml) -- C:\Users\PC\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.14 03:16:15 | 000,193,024 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\sppcomapi.dll
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.06.17 18:11:45 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.14 03:16:15 | 000,193,024 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\sppcomapi.dll
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.08.27 09:15:21 | 000,014,192 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.08.27 09:15:21 | 000,014,192 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.08.26 23:28:31 | 000,000,000 | ---- | M] () -- C:\Windows\system32\Access.dat
[2011.08.27 09:10:09 | 000,000,031 | ---- | M] () -- C:\Windows\system32\bbcap.err
[2011.08.25 16:11:20 | 000,145,780 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2011.08.25 16:11:20 | 000,125,800 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2011.08.25 16:11:20 | 000,154,858 | ---- | M] () -- C:\Windows\system32\perfc019.dat
[2011.08.25 16:11:20 | 000,675,878 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2011.08.25 16:11:20 | 000,661,714 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2011.08.25 16:11:20 | 000,724,254 | ---- | M] () -- C:\Windows\system32\perfh019.dat
[2011.08.25 16:11:20 | 002,485,650 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Gadwin PrintScreen" = C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash -- [2011.05.03 11:18:01 | 000,487,424 | ---- | M] (Gadwin Systems, Inc)
"Steam" = "D:\Games\Steam\steam.exe" -silent -- [2011.08.02 10:20:38 | 001,242,448 | ---- | M] (Valve Corporation)
"EPSON39A7C4 (Epson Stylus SX420W)" = C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE /FU "C:\Windows\TEMP\E_S5E18.tmp" /EF "HKCU" -- [2009.09.14 07:00:00 | 000,200,704 | ---- | M] (SEIKO EPSON CORPORATION)
"KiesPDLR" = C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe -- [2011.08.01 05:32:20 | 000,020,880 | ---- | M] ()
"KiesHelper" = C:\Program Files\Samsung\Kies\KiesHelper.exe /s -- [2011.08.01 05:32:08 | 000,958,352 | ---- | M] (Samsung)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -- [2011.07.29 12:31:22 | 017,361,032 | R--- | M] (Skype Technologies S.A.)
"Pidgin" = C:\Program Files\Pidgin\pidgin.exe -- [2011.08.20 19:05:44 | 000,048,618 | ---- | M] (The Pidgin developer community)

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.08.27 09:35:02 | 000,000,512 | ---- | M] () MD5=45345F16FA0F6247501B53D13266CBBA -- C:\PhysicalMBR.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 675 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\View Baldur's Gate: Tales of The Sword Coast Readme.lnk
@Alternate Data Stream - 595 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Register Baldur's Gate: Tales of the Sword Coast.lnk

< End of report >

#8 Příspěvek od **vyosek** » 27 srp 2011 20:04

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
SRV - [2011.08.03 09:46:46 | 003,542,616 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_2da1ebd.dll -- (Akamai)
IE - HKU\S-1-5-21-3491727313-2059114097-998879636-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 90 83 07 76 E9 3A CB 01 [binary data]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3491727313-2059114097-998879636-1000\..Trusted Domains: localhost ([]http in Místní intranet)
O15 - HKU\S-1-5-21-3491727313-2059114097-998879636-1000\..Trusted Ranges: GD ([http] in Místní intranet)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O33 - MountPoints2\{4225bcdb-7a2b-11df-b44e-aab93e765bac}\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell - "" = AutoRun
O37 - HKU\S-1-5-21-3491727313-2059114097-998879636-1000\...com [@ = comfile] -- Reg Error: Key error. File not found
O37 - HKU\S-1-5-21-3491727313-2059114097-998879636-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found
[7 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[26 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\122c08a963fbdcba346ad4fbad854720\*.tmp files -> C:\Windows\SoftwareDistribution\Download\122c08a963fbdcba346ad4fbad854720\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\6b3c3400cd81b193adcc8650b6281372\*.tmp files -> C:\Windows\SoftwareDistribution\Download\6b3c3400cd81b193adcc8650b6281372\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\978bcacd350d00a69b0abda6244bc752\*.tmp files -> C:\Windows\SoftwareDistribution\Download\978bcacd350d00a69b0abda6244bc752\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\c45e8cd7d41298f44f460842a9347c70\*.tmp files -> C:\Windows\SoftwareDistribution\Download\c45e8cd7d41298f44f460842a9347c70\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\d571da08d60590eb2b556d12196c4892\*.tmp files -> C:\Windows\SoftwareDistribution\Download\d571da08d60590eb2b556d12196c4892\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\d5dc3f7818c29f4b1897b622a6abfe46\*.tmp files -> C:\Windows\SoftwareDistribution\Download\d5dc3f7818c29f4b1897b622a6abfe46\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\d9ad0644b362e8208605baad436c65c0\*.tmp files -> C:\Windows\SoftwareDistribution\Download\d9ad0644b362e8208605baad436c65c0\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ec8d11d386d14a79b3cb73319fa32977\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ec8d11d386d14a79b3cb73319fa32977\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
@Alternate Data Stream - 675 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\View Baldur's Gate: Tales of The Sword Coast Readme.lnk
@Alternate Data Stream - 595 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Register Baldur's Gate: Tales of the Sword Coast.lnk

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
 
:services
gupdate
gupdatem

:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3491727313-2059114097-998879636-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3491727313-2059114097-998879636-1000UA.job
c:\Program Files\Common Files\Akamai
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

mrkew2 · #9 Příspěvek od **mrkew2** » 27 srp 2011 22:55

Ten log najdu kde, nic se mi neobjevilo.

#10 Příspěvek od **vyosek** » 28 srp 2011 05:47

Pokud ne, tak postup opakujte znovu v nouzovem rezimu (restart PC, mackat F8, zvolit Stav nouze s praci v siti)

mrkew2 · #11 Příspěvek od **mrkew2** » 28 srp 2011 10:06

Tak udělal jsem to v nouzovém režimu a na konci už byla výzva k restartu. Po zapnutí PC na mě zase log nevyskočil (možná to je tým že mi nefunguje notepad), ale hledal jsem a našel jsem nějaký log C:\_OTL\MovedFiles.
A tady to je snad to je ono.

All processes killed
========== OTL ==========
Error: No service named Akamai was found to stop!
Service\Driver key Akamai not found.
File c:\Program Files\Common Files\Akamai\netsession_win_2da1ebd.dll not found.
HKU\S-1-5-21-3491727313-2059114097-998879636-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3491727313-2059114097-998879636-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\ not found.
Registry value HKEY_USERS\S-1-5-21-3491727313-2059114097-998879636-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\GD\\http not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4225bcdb-7a2b-11df-b44e-aab93e765bac}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4225bcdb-7a2b-11df-b44e-aab93e765bac}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ not found.
Registry key HKEY_USERS\S-1-5-21-3491727313-2059114097-998879636-1000_Classes\.com\ not found.
Registry key HKEY_USERS\S-1-5-21-3491727313-2059114097-998879636-1000_Classes\comfile\ not found.
HKEY_LOCAL_MACHINE\Software\Classes\.com\\|comfile /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3491727313-2059114097-998879636-1000_Classes\.exe\ not found.
Registry key HKEY_USERS\S-1-5-21-3491727313-2059114097-998879636-1000_Classes\exefile\ not found.
HKEY_LOCAL_MACHINE\Software\Classes\.exe\\|exefile /E : value set successfully!
File/Folder C:\Windows\*.tmp not found.
File/Folder C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp not found.
C:\Windows\Installer\MSI586E.tmp deleted successfully.
C:\Windows\Installer\MSI5A24.tmp deleted successfully.
C:\Windows\Installer\MSI5BBB.tmp deleted successfully.
C:\Windows\Installer\MSI5E4B.tmp deleted successfully.
C:\Windows\Installer\MSI604F.tmp deleted successfully.
C:\Windows\Installer\MSI636B.tmp deleted successfully.
C:\Windows\Installer\MSI6459.tmp deleted successfully.
C:\Windows\Installer\MSI65BD.tmp deleted successfully.
C:\Windows\Installer\MSI682E.tmp deleted successfully.
C:\Windows\Installer\MSI6A32.tmp deleted successfully.
C:\Windows\Installer\MSI6C07.tmp deleted successfully.
C:\Windows\Installer\MSI6FB0.tmp deleted successfully.
C:\Windows\Installer\MSI71B4.tmp deleted successfully.
C:\Windows\Installer\MSI734A.tmp deleted successfully.
C:\Windows\Installer\MSI75EA.tmp deleted successfully.
C:\Windows\Installer\MSI781D.tmp deleted successfully.
C:\Windows\Installer\MSI7A4F.tmp deleted successfully.
C:\Windows\Installer\MSI7C34.tmp deleted successfully.
C:\Windows\Installer\MSI7F70.tmp deleted successfully.
C:\Windows\Installer\MSI81E1.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\122c08a963fbdcba346ad4fbad854720\BITFE1B.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\6b3c3400cd81b193adcc8650b6281372\BIT87C.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\978bcacd350d00a69b0abda6244bc752\BITF2BA.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\c45e8cd7d41298f44f460842a9347c70\BIT6E6.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\d571da08d60590eb2b556d12196c4892\BITF123.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\d5dc3f7818c29f4b1897b622a6abfe46\BIT9701.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\d9ad0644b362e8208605baad436c65c0\BITB6A.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\ec8d11d386d14a79b3cb73319fa32977\BITD316.tmp deleted successfully.
C:\Windows\System32\tmp3E9B.tmp deleted successfully.
C:\Windows\System32\tmp3ECB.tmp deleted successfully.
ADS C:\ProgramData\Microsoft\Windows\Start Menu\Programs\View Baldur's Gate: Tales of The Sword Coast Readme.lnk deleted successfully.
ADS C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Register Baldur's Gate: Tales of the Sword Coast.lnk deleted successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Steam deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3491727313-2059114097-998879636-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3491727313-2059114097-998879636-1000UA.job moved successfully.
c:\Program Files\Common Files\Akamai\Logs\dump folder moved successfully.
c:\Program Files\Common Files\Akamai\Logs folder moved successfully.
c:\Program Files\Common Files\Akamai\Languages folder moved successfully.
c:\Program Files\Common Files\Akamai\Cache folder moved successfully.
c:\Program Files\Common Files\Akamai folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 53632 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: PC
->Temp folder emptied: 22996483 bytes
->Temporary Internet Files folder emptied: 5633734 bytes
->Java cache emptied: 63493134 bytes
->FireFox cache emptied: 34270930 bytes
->Google Chrome cache emptied: 223024817 bytes
->Opera cache emptied: 51213010 bytes
->Flash cache emptied: 14731 bytes

User: Public
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 860348 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3648 bytes
RecycleBin emptied: 11726472 bytes

Total Files Cleaned = 394,00 mb

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: PC
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.26.5 log created on 08282011_104422

#12 Příspěvek od **vyosek** » 28 srp 2011 11:37

Super

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Ccleaner (viz muj podpis)
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Doporucuji provest defragmentaci disku

Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
- Kliknete na Tento pocitac, dale na disk kliknete pravym tlacitkem, vyberte Vlastnosti
- prepnete se do zalozky Nastroje
- Nyni vidite pomucky Defragmentace - spustte ji kliknutim na Defragmentovat
- Toto provedte se vsemi disky
Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
- Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
- Kliknete na Analyzovat
- Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
- Postup provedte se vsemi disky
Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
- Vyhodou programku je, ze se neinstaluje
- Staci tedy jen stahnout dle verze vaseho OS a rozbalit
- Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
- Probehne analyza disku a nasledne i defragmentace

Napiste co PC

mrkew2 · #13 Příspěvek od **mrkew2** » 28 srp 2011 19:00

Tak jsem udělal ty dva body. A ještě defragmentuji.
Zatím davám log jestli to je čisté.

Logfile of random's system information tool 1.09 (written by random/random)
Run by PC at 2011-08-28 19:57:49
Microsoft Windows 7 Ultimate
System drive C: has 8 GB (16%) free of 50 GB
Total RAM: 3068 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:58:18, on 28.8.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16839)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Icon7\iConfig for Gamers\Z300\hid300.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Icon7\iConfig for Gamers\Tray.exe
C:\Program Files\Pidgin\pidgin.exe
C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\PC\Desktop\RSIT.exe
C:\Program Files\trend micro\PC.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=14469
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [iConfigg300] "C:\Program Files\Icon7\iConfig for Gamers\z300\hid300.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [EPSON39A7C4 (Epson Stylus SX420W)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE /FU "C:\Windows\TEMP\E_S5E18.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Pidgin] C:\Program Files\Pidgin\pidgin.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GO36F4~1.DLL
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: CD Guard Drivers Auto Removal (v2) (psrem02) - Protection Technology - C:\Windows\system32\psrem02.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe

--
End of file - 6570 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\gle2vz0z.default

prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198, {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.3"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
AskHPRFF.js
browserdirprovider.dll
brwsrcmp.dll
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GoogleDesktopMozilla.dll
GoogleDesktopMozillaStub.js
GoogleDesktopMozillaStub.xpt
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsIQTScriptablePlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
npnul32.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
googledesktop.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\gle2vz0z.default\extensions\
{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-07-11 3821568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-07-21 42272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-07-20 7625248]
"iConfigg300"=C:\Program Files\Icon7\iConfig for Gamers\z300\hid300.exe [2010-02-23 359936]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2011-03-28 281768]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Gadwin PrintScreen"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2011-05-03 487424]
"EPSON39A7C4 (Epson Stylus SX420W)"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE [2009-09-14 200704]
"KiesPDLR"=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2011-08-01 20880]
"KiesHelper"=C:\Program Files\Samsung\Kies\KiesHelper.exe [2011-08-01 958352]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-07-29 17361032]
"Pidgin"=C:\Program Files\Pidgin\pidgin.exe [2011-08-20 48618]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F579D32520C4CBAF298862F1BEDBBDD0A557E2BB._service_run]
C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe [2011-08-17 1017912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashGet 3]
C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe -minimize []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2011-07-25 30192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iConfig-z300]
C:\Program Files\Icon7\iConfig for Gamers\Z300\hid300.exe [2010-02-23 359936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ITSecMng]
C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2009-07-22 83336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
C:\Program Files\Samsung\Kies\KiesHelper.exe [2011-08-01 958352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2011-08-01 20880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2011-08-01 3507088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Unified Remote v2]
C:\Program Files\Unified Remote\RemoteServer.exe [2011-05-07 177152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^20Dollars2Surf.lnk]
C:\PROGRA~1\20DOLL~1\20DOLL~1.EXE [2010-01-28 89088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
C:\PROGRA~1\Toshiba\BLUETO~1\TosBtMng.exe [2009-11-05 2717024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FreeRapid 0.83u1.lnk]
D:\FREERA~1.83U\FREERA~1.83U\frd.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GameRanger.lnk]
C:\Users\PC\AppData\Roaming\GAMERA~1\GAMERA~2\GAMERA~1.EXE [2011-06-24 1449696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
C:\PROGRA~1\MAGICD~1\MAGICD~1.EXE [2009-02-23 576000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Miranda IM.lnk]
C:\PROGRA~1\MIRAND~1\MIRAND~1.EXE [2011-06-06 818784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Red Alert 3.lnk]
D:\stažene soubory\Command.and.Conquer.Red.Alert.3.Multi4.Full-Rip\Red Alert 3\#readme#\VC80_Redist\vcredist_x64.exe []

C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
EvernoteClipper.lnk - C:\Program Files\Evernote\Evernote\EvernoteClipper.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~3\GO36F4~1.DLL"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\xchat\xchat.exe"="C:\Program Files\xchat\xchat.exe:*:Enabled:XChat IRC Client"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=i420vfw.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsvid.dll
"vidc.yv12"=yv12vfw.dll
"vidc.mjpg"=pvmjpg30.dll
"VIDC.XFR1"=xfcodec.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-08-28 19:54:19 ----SHD---- C:\Config.Msi
2011-08-27 23:47:29 ----D---- C:\_OTL
2011-08-27 12:40:33 ----D---- C:\Program Files\IDroo
2011-08-27 09:30:26 ----A---- C:\Program Files\Program Files – zástupce.lnk
2011-08-26 17:24:05 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2011-08-26 17:23:54 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-08-24 11:10:08 ----A---- C:\Windows\system32\tzres.dll
2011-08-23 20:54:56 ----D---- C:\Program Files\Penumbra
2011-08-23 19:06:25 ----D---- C:\Downloads
2011-08-23 19:05:37 ----D---- C:\ProgramData\iDownloader Limited
2011-08-23 19:05:37 ----D---- C:\Program Files\iDownloader
2011-08-23 19:04:14 ----D---- C:\ProgramData\Web Installer
2011-08-22 15:28:45 ----A---- C:\Windows\system32\drivers\athur.sys
2011-08-22 15:28:34 ----RA---- C:\Windows\system32\athur.sys
2011-08-20 14:33:52 ----A---- C:\Windows\WORDPAD.INI
2011-08-19 11:18:47 ----A---- C:\Windows\system32\pdfcmnnt.dll
2011-08-19 11:18:45 ----A---- C:\Windows\system32\MSMPIDE.DLL
2011-08-19 10:52:32 ----D---- C:\Users\PC\AppData\Roaming\PDF Writer
2011-08-19 10:47:33 ----D---- C:\Program Files\Common Files\Bullzip
2011-08-19 10:47:33 ----A---- C:\Windows\system32\bzpdfc.dll
2011-08-19 10:47:33 ----A---- C:\Windows\system32\bzFlRdr.dll
2011-08-19 10:47:33 ----A---- C:\Windows\system32\bzDCT.dll
2011-08-19 10:47:30 ----A---- C:\Windows\system32\bzpdf.dll
2011-08-17 16:05:03 ----D---- C:\Users\PC\AppData\Roaming\My The Lord of the Rings, The Rise of the Witch-king Files
2011-08-12 16:46:54 ----D---- C:\Program Files\Microsoft Chart Controls
2011-08-11 11:17:27 ----A---- C:\Windows\system32\xmllite.dll
2011-08-11 11:17:26 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-08-11 11:17:25 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-08-11 11:17:23 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-08-11 11:17:22 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-08-11 11:17:18 ----A---- C:\Windows\system32\iertutil.dll
2011-08-11 11:17:17 ----A---- C:\Windows\system32\ieframe.dll
2011-08-11 11:17:16 ----A---- C:\Windows\system32\mshtml.dll
2011-08-11 11:17:14 ----A---- C:\Windows\system32\urlmon.dll
2011-08-11 11:17:12 ----A---- C:\Windows\system32\wininet.dll
2011-08-11 11:17:12 ----A---- C:\Windows\system32\msfeeds.dll
2011-08-11 11:17:11 ----A---- C:\Windows\system32\url.dll
2011-08-11 11:17:11 ----A---- C:\Windows\system32\mstime.dll
2011-08-11 11:17:11 ----A---- C:\Windows\system32\mshtmled.dll
2011-08-11 11:17:11 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-08-11 11:17:11 ----A---- C:\Windows\system32\licmgr10.dll
2011-08-11 11:17:11 ----A---- C:\Windows\system32\jsproxy.dll
2011-08-11 11:17:11 ----A---- C:\Windows\system32\ieui.dll
2011-08-11 11:17:11 ----A---- C:\Windows\system32\iepeers.dll
2011-08-11 11:17:11 ----A---- C:\Windows\system32\iedkcs32.dll
2011-08-11 11:17:10 ----A---- C:\Windows\system32\msfeedssync.exe
2011-08-11 11:17:06 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-11 11:17:06 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-08-11 11:17:06 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-08-11 11:17:06 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-11 11:17:06 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-08-11 11:17:06 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-11 11:17:06 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-08-11 11:17:06 ----A---- C:\Windows\system32\winsrv.dll
2011-08-11 11:17:06 ----A---- C:\Windows\system32\KernelBase.dll
2011-08-11 11:17:06 ----A---- C:\Windows\system32\kernel32.dll
2011-08-11 11:17:06 ----A---- C:\Windows\system32\conhost.exe
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-08-11 11:17:05 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-08-11 11:17:02 ----A---- C:\Windows\system32\odbctrac.dll
2011-08-11 11:17:02 ----A---- C:\Windows\system32\odbcjt32.dll
2011-08-11 11:17:02 ----A---- C:\Windows\system32\odbccu32.dll
2011-08-11 11:17:02 ----A---- C:\Windows\system32\odbccr32.dll
2011-08-11 11:17:02 ----A---- C:\Windows\system32\odbccp32.dll
2011-08-07 12:57:00 ----D---- C:\Users\PC\AppData\Roaming\Unity
2011-08-06 14:40:48 ----D---- C:\Users\PC\AppData\Roaming\AtomZombieData
2011-07-31 11:56:10 ----D---- C:\Program Files\Common Files\Java
2011-07-31 11:55:54 ----A---- C:\Windows\system32\javaws.exe
2011-07-31 11:55:54 ----A---- C:\Windows\system32\javaw.exe
2011-07-31 11:55:54 ----A---- C:\Windows\system32\java.exe
2011-07-30 19:17:33 ----A---- C:\Windows\War3Unin.dat
2011-07-30 19:17:32 ----A---- C:\Windows\War3Unin.pif
2011-07-30 19:17:32 ----A---- C:\Windows\War3Unin.exe

======List of files/folders modified in the last 1 month======

2011-08-28 19:58:03 ----D---- C:\Users\PC\AppData\Roaming\.purple
2011-08-28 19:57:51 ----D---- C:\Program Files\trend micro
2011-08-28 19:56:14 ----SHD---- C:\System Volume Information
2011-08-28 19:54:22 ----SHD---- C:\Windows\Installer
2011-08-28 19:54:22 ----D---- C:\Program Files\Apple Software Update
2011-08-28 19:53:41 ----D---- C:\Program Files\Common Files
2011-08-28 19:49:09 ----D---- C:\Users\PC\AppData\Roaming\uTorrent
2011-08-28 19:49:09 ----D---- C:\Users\PC\AppData\Roaming\TS3Client
2011-08-28 19:49:09 ----D---- C:\Users\PC\AppData\Roaming\DAEMON Tools Lite
2011-08-28 19:49:08 ----D---- C:\Users\PC\AppData\Roaming\Skype
2011-08-28 19:48:36 ----D---- C:\Windows
2011-08-28 19:47:15 ----D---- C:\Program Files\CCleaner
2011-08-28 19:44:06 ----D---- C:\Windows\temp
2011-08-28 19:38:36 ----D---- C:\Windows\system32\config
2011-08-28 19:38:08 ----D---- C:\Windows\System32
2011-08-28 19:38:08 ----D---- C:\Windows\inf
2011-08-28 19:38:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-08-28 19:35:11 ----D---- C:\Windows\Prefetch
2011-08-28 11:39:48 ----RSD---- C:\Windows\assembly
2011-08-28 11:35:36 ----D---- C:\Windows\Microsoft.NET
2011-08-28 11:13:38 ----D---- C:\Program Files\Common Files\Steam
2011-08-28 11:12:10 ----D---- C:\Windows\system32\DriverStore
2011-08-28 11:12:10 ----D---- C:\Windows\system32\catroot
2011-08-28 10:44:46 ----D---- C:\Windows\system32\drivers\etc
2011-08-28 10:44:27 ----D---- C:\Windows\Tasks
2011-08-27 23:23:14 ----D---- C:\Users\PC\AppData\Roaming\Dropbox
2011-08-27 13:35:16 ----D---- C:\Users\PC\AppData\Roaming\vlc
2011-08-27 12:40:33 ----RSD---- C:\Windows\Fonts
2011-08-27 12:40:33 ----RD---- C:\Program Files
2011-08-27 10:48:09 ----D---- C:\Program Files\Foxit Software
2011-08-26 22:46:20 ----D---- C:\Program Files\Garena
2011-08-26 21:47:10 ----D---- C:\Windows\system32\drivers
2011-08-26 21:47:10 ----D---- C:\Windows\security
2011-08-26 17:26:05 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-08-26 14:11:04 ----D---- C:\Users\PC\AppData\Roaming\gtk-2.0
2011-08-26 10:29:34 ----D---- C:\Program Files\TeamSpeak 3 Client
2011-08-25 13:38:07 ----D---- C:\ProgramData\PMB Files
2011-08-25 00:44:25 ----D---- C:\Windows\winsxs
2011-08-25 00:44:10 ----D---- C:\Windows\system32\sk-SK
2011-08-25 00:44:10 ----D---- C:\Windows\system32\ru-RU
2011-08-25 00:44:10 ----D---- C:\Windows\system32\en-US
2011-08-25 00:44:10 ----D---- C:\Windows\system32\cs-CZ
2011-08-24 11:07:56 ----D---- C:\Windows\system32\catroot2
2011-08-23 19:52:06 ----D---- C:\Program Files\Pidgin
2011-08-23 19:05:37 ----HD---- C:\ProgramData
2011-08-23 17:09:00 ----D---- C:\Users\PC\AppData\Roaming\Bioshock
2011-08-22 20:58:03 ----D---- C:\Program Files\OpenAL
2011-08-22 15:24:56 ----D---- C:\Windows\pss
2011-08-22 15:24:17 ----D---- C:\Windows\Logs
2011-08-22 15:24:17 ----D---- C:\Windows\debug
2011-08-22 14:51:23 ----D---- C:\Windows\system32\NDF
2011-08-22 13:28:31 ----D---- C:\Windows\system32\directx
2011-08-22 13:27:55 ----D---- C:\ProgramData\Media Center Programs
2011-08-21 19:34:10 ----RD---- C:\Program Files\Skype
2011-08-21 19:33:08 ----D---- C:\Windows\system32\Tasks
2011-08-21 19:32:53 ----D---- C:\ProgramData\Skype
2011-08-20 14:33:49 ----D---- C:\Program Files\Heroes Studio
2011-08-19 11:19:04 ----D---- C:\Program Files\PDFCreator
2011-08-19 10:46:17 ----D---- C:\Windows\system32\FxsTmp
2011-08-16 20:54:37 ----D---- C:\Users\PC\AppData\Roaming\FileZilla
2011-08-16 09:58:58 ----D---- C:\Program Files\Opera
2011-08-16 09:39:20 ----SD---- C:\ProgramData\Microsoft
2011-08-16 09:30:32 ----D---- C:\Program Files\Microsoft Silverlight
2011-08-15 18:04:47 ----D---- C:\Users\PC\AppData\Roaming\X-Chat 2
2011-08-14 10:39:46 ----HD---- C:\Program Files\InstallShield Installation Information
2011-08-12 16:45:13 ----D---- C:\Users\PC\AppData\Roaming\HLSW
2011-08-12 10:55:16 ----D---- C:\Windows\system32\migration
2011-08-12 10:55:16 ----D---- C:\Program Files\Internet Explorer
2011-08-11 23:37:51 ----A---- C:\Windows\system32\MRT.exe
2011-08-10 23:21:07 ----D---- C:\Users\PC\AppData\Roaming\Mozilla
2011-08-10 11:18:21 ----D---- C:\Program Files\VDMSound
2011-08-09 21:59:58 ----D---- C:\Program Files\Oldgames
2011-08-09 21:01:52 ----D---- C:\Program Files\DOSBox-0.74
2011-08-07 14:50:50 ----A---- C:\Windows\BlendSettings.ini
2011-08-05 13:03:19 ----D---- C:\Program Files\Razor
2011-08-01 23:48:23 ----D---- C:\Users\PC\AppData\Roaming\.minecraft
2011-07-31 11:55:40 ----D---- C:\Program Files\Java
2011-07-30 11:57:20 ----SD---- C:\Program Files\HLSW
2011-07-30 11:52:33 ----D---- C:\Program Files\CrystalDiskMark
2011-07-29 19:25:39 ----D---- C:\Program Files\Ubisoft
2011-07-29 15:44:00 ----D---- C:\Program Files\20Dollars2Surf

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2009-08-04 213024]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 psdrv02;CD Guard Environment Driver (v2); C:\Windows\system32\drivers\psdrv02.sys [2006-09-11 67960]
R0 pssync05;CD Guard Synchronization Driver (v5); C:\Windows\system32\drivers\pssync05.sys [2006-11-03 61312]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-06-17 691696]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-06-29 138192]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 SSHDRV65;SSHDRV65; \??\C:\Windows\system32\drivers\SSHDRV65.sys [2010-06-21 120320]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 69480]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2011-06-24 154416]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2011-06-24 33072]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-07-08 281760]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-06-29 66616]
R2 cpuz133;cpuz133; \??\C:\Windows\system32\drivers\cpuz133_x32.sys [2010-03-30 20968]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x32.sys [2010-11-09 21992]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-07-08 25888]
R3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athur.sys [2010-01-05 1500160]
R3 bbcap;bbcap; C:\Windows\system32\DRIVERS\bbcap.sys [2010-07-30 4096]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-29 59904]
R3 I7Z300Filter;Icon7_Z300; C:\Windows\system32\drivers\I7Z300.sys [2010-01-20 12800]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-07-20 2664032]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-14 116064]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 netr28;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28.sys [2010-02-09 722720]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2011-05-10 139368]
R3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6232.sys [2009-07-30 287392]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-29 17920]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-07-14 1068032]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 46984]
R3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2011-06-24 113456]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2010-12-21 30312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393216]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 GarenaPEngine;GarenaPEngine; \??\C:\Users\PC\AppData\Local\Temp\EKP86D0.tmp []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2011-07-06 41272]
S3 NLNdisMP;NLNdisMP; C:\Windows\system32\DRIVERS\nlndis.sys []
S3 NLNdisPT;NetLimiter Ndis Protocol Service; C:\Windows\system32\DRIVERS\nlndis.sys []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-14 347264]
S3 PCD65X2;PCD65X2; \??\C:\Users\PC\AppData\Local\Temp\PCD65X2.sys []
S3 PCD65X3;PCD65X3; \??\C:\Users\PC\AppData\Local\Temp\PCD65X3.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-10-10 84992]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-01-03 121192]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-01-03 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-01-03 136680]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-01-03 114152]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2010-03-11 25088]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 169320]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 42472]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 79872]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 21608]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 61168]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2009-09-14 49400]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2011-06-24 101680]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files\k10stat\k10stat\WinRing0.sys [2008-07-26 14416]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-06-29 269480]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2011-03-28 136360]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-05-21 615528]
R2 TeamViewer6;TeamViewer 6; C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]
R2 TunngleService;TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [2011-06-15 737016]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 psrem02;CD Guard Drivers Auto Removal (v2); C:\Windows\system32\psrem02.exe [2006-05-11 358008]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2011-07-25 30192]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-08-02 411432]
S3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-10-21 148848]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#14 Příspěvek od **vyosek** » 28 srp 2011 20:45

Log jiz vypada cisty

mrkew2 · #15 Příspěvek od **mrkew2** » 28 srp 2011 21:45

Jinak pc už vypadá dobře. Díky zase za pomoc. A ješte defragnu ten PC.

VIRY.CZ

Někdy vytížení PC na 100%

Někdy vytížení PC na 100%

Re: Někdy vytížení PC na 100%

Re: Někdy vytížení PC na 100%

Re: Někdy vytížení PC na 100%

Re: Někdy vytížení PC na 100%

Re: Někdy vytížení PC na 100%

Re: Někdy vytížení PC na 100%

Re: Někdy vytížení PC na 100%

Re: Někdy vytížení PC na 100%

Re: Někdy vytížení PC na 100%

Re: Někdy vytížení PC na 100%

Re: Někdy vytížení PC na 100%

Re: Někdy vytížení PC na 100%

Re: Někdy vytížení PC na 100%

Re: Někdy vytížení PC na 100%