pomaly PC & problem s reinstalom

[jakub214]

Dobry den, chcel by som Vas poprosit o pomoc s PC - v normalnom rezime je prakticky nepouzitelny - je velmi pomaly a niekolkokrat do dna mi vyhadzuje modru smrt...pokusal som sa o reinstalaciu win, ale zamrzne to stale pri ciernej obrazovke s animaciou nacitavania operacneho programu ( a to aj v pripade pokusu o reinstal pomocou recovery diskov vytvorenych cez HP recovery media creation ). Model: HP Pavilion dv7 Operacny sys.: 64bit win7 home premium

Za odpoved vopred dakujem

prikladam log


Logfile of random's system information tool 1.09 (written by random/random)
Run by Jakub at 2012-02-06 17:49:47
Microsoft Windows 7 Home Premium
System drive C: has 385 GB (79%) free of 486 GB
Total RAM: 4030 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:50:03, on 6. 2. 2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16912)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Jakub.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pri prihlasovaní v sieti Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [Connectify] C:\Program Files (x86)\Connectify\Connectify.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10w_ActiveX.exe -update activex
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12030 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\DigitalPersona\Bin\DpHostW.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe"
C:\Windows\Explorer.EXE
ctfmon.exe
"C:\Program Files\DigitalPersona\Bin\DPAgent.exe"
"C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SuggestExperimentA/Prefetch/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderFromOmniboxHeuristic/OriginalAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SyncPromoMsg/MsgD/WarmSocketImpact/warmest_socket/ --extension-process --enable-print-preview --channel=836.0419AC40.284455078 /prefetch:3
C:\Windows\system32\rundll32.exe "C:\Users\Jakub\AppData\Local\Google\Chrome\APPLIC~1\170963~1.0\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Jakub\AppData\Local\Google\Chrome\Application\17.0.963.0\gcswf32.dll" --lang=sk --channel=836.06933500.235816817 --flash-broker=328 /prefetch:4
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtest=CacheListSize/CacheListSize_13/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SuggestExperimentA/Prefetch/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderFromOmniboxHeuristic/OriginalAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndDynamic/SpdyImpact/npn_with_spdy/SyncPromoMsg/MsgD/WarmSocketImpact/warmest_socket/ --enable-print-preview --channel=836.08DDD8C0.892087133 /prefetch:3
"C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtest=CacheListSize/CacheListSize_13/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SuggestExperimentA/Prefetch/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderFromOmniboxHeuristic/OriginalAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndDynamic/SpdyImpact/npn_with_spdy/SyncPromoMsg/MsgD/WarmSocketImpact/warmest_socket/ --enable-print-preview --channel=836.08A9BE00.760113005 /prefetch:3
"C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtest=CacheListSize/CacheListSize_13/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SuggestExperimentA/Prefetch/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderFromOmniboxHeuristic/OriginalAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndDynamic/SpdyImpact/npn_with_spdy/SyncPromoMsg/MsgD/WarmSocketImpact/warmest_socket/ --enable-print-preview --channel=836.08C0F1C0.1924241691 /prefetch:3
"C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtest=CacheListSize/CacheListSize_13/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SuggestExperimentA/Prefetch/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderFromOmniboxHeuristic/OriginalAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndDynamic/SpdyImpact/npn_with_spdy/SyncPromoMsg/MsgD/WarmSocketImpact/warmest_socket/ --enable-print-preview --channel=836.08DE3380.1877594929 /prefetch:3
"C:\Users\Jakub\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\HPCeeScheduleForJakub.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-11-28 963064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-17 43520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-10-26 194432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v sieti Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-11-28 963064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-28 2096424]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-06-18 487424]
"BTMTrayAgent"=C:\Program Files\Motorola\Bluetooth\btmshell.dll [2010-06-10 24783624]
"SmartMenu"=C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2010-01-20 611896]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-06-18 8192]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15 499608]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"=C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [2010-02-09 1712184]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2010-06-16 2736128]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
"Connectify"=C:\Program Files (x86)\Connectify\Connectify.exe [2010-01-15 920064]
"Sidebar"=C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2009-07-14 1173504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10w_ActiveX.exe [2011-09-10 243360]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-06-21 98304]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2010-06-29 602168]
"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2010-06-02 61112]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5.5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2010-08-17 52920]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DpHost]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableTaskMgr"=0
"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"EnableShellExecuteHooks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2012-02-06 17:49:48 ----D---- C:\Program Files\trend micro
2012-02-06 17:49:47 ----D---- C:\rsit
2012-02-06 15:30:13 ----A---- C:\TDSSKiller.2.7.9.0_06.02.2012_15.30.13_log.txt
2012-01-20 20:54:30 ----ASH---- C:\pagefile.sys
2012-01-19 16:12:57 ----A---- C:\Windows\system32\schannel.dll
2012-01-19 16:12:51 ----A---- C:\Windows\system32\lsasrv.dll
2012-01-19 16:12:49 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-01-19 16:12:47 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-01-19 16:12:44 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-01-19 16:12:44 ----A---- C:\Windows\system32\drivers\cng.sys
2012-01-19 16:12:40 ----A---- C:\Windows\SYSWOW64\webio.dll
2012-01-19 16:12:40 ----A---- C:\Windows\system32\webio.dll
2012-01-19 16:12:39 ----A---- C:\Windows\system32\sspicli.dll
2012-01-19 16:12:37 ----A---- C:\Windows\system32\secur32.dll
2012-01-19 16:12:37 ----A---- C:\Windows\system32\lsass.exe
2012-01-19 16:12:36 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-01-19 16:12:36 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-01-19 16:12:36 ----A---- C:\Windows\system32\sspisrv.dll
2012-01-13 16:37:28 ----A---- C:\Windows\SYSWOW64\quartz.dll
2012-01-13 16:37:25 ----A---- C:\Windows\system32\quartz.dll
2012-01-13 16:37:14 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-01-13 16:37:11 ----A---- C:\Windows\system32\qdvd.dll
2012-01-13 13:57:13 ----A---- C:\Windows\system32\jscript.dll
2012-01-13 13:57:11 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-01-13 13:16:20 ----SHD---- C:\Config.Msi
2012-01-13 12:55:18 ----D---- C:\2be73dc4650f022b585db012
2012-01-12 21:08:55 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2012-01-12 21:08:55 ----A---- C:\Windows\system32\ntdll.dll
2012-01-12 21:08:53 ----A---- C:\Windows\SYSWOW64\packager.dll
2012-01-12 21:08:53 ----A---- C:\Windows\system32\packager.dll

======List of files/folders modified in the last 1 month======

2012-02-06 17:50:03 ----D---- C:\Windows\Temp
2012-02-06 17:49:48 ----RD---- C:\Program Files
2012-02-06 17:22:35 ----A---- C:\Windows\ntbtlog.txt
2012-02-06 15:30:13 ----D---- C:\Windows\system32\drivers
2012-02-05 22:29:58 ----D---- C:\Windows\System32
2012-02-05 22:29:58 ----D---- C:\Windows\inf
2012-02-05 22:29:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-02-05 21:40:29 ----D---- C:\Windows\Minidump
2012-01-26 14:15:35 ----D---- C:\Windows\system32\catroot2
2012-01-24 22:11:59 ----A---- C:\Windows\SYSWOW64\log.txt
2012-01-24 22:10:13 ----D---- C:\Windows\system32\config
2012-01-20 20:59:32 ----D---- C:\Windows\winsxs
2012-01-20 20:53:59 ----D---- C:\Windows\SysWOW64
2012-01-20 20:53:54 ----A---- C:\DUMP514a.tmp
2012-01-20 20:52:35 ----D---- C:\Users\Jakub\AppData\Roaming\Skype
2012-01-20 20:42:26 ----RSD---- C:\Windows\assembly
2012-01-20 20:37:32 ----D---- C:\Windows\Microsoft.NET
2012-01-20 20:23:40 ----SHD---- C:\System Volume Information
2012-01-19 16:33:55 ----D---- C:\Windows\ehome
2012-01-19 16:13:33 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2012-01-19 16:06:45 ----D---- C:\Windows\system32\catroot
2012-01-13 13:33:51 ----A---- C:\DUMP388c.tmp
2012-01-13 13:20:01 ----SHD---- C:\Windows\Installer
2012-01-10 11:38:58 ----D---- C:\Program Files (x86)\Connectify

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2009-07-08 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-04-13 540696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-11-28 42328]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-08-13 270912]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 41272]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-05-01 56344]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2010-06-23 931168]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-05 346144]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-28 320560]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-11-28 591192]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-11-28 304472]
S1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-11-28 58712]
S2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-11-28 24408]
S2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-11-28 66904]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-06-22 6856704]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-06-22 264192]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-06 125456]
S3 AVerAF35;HP USB DVB-T TV Tuner; C:\Windows\System32\Drivers\HPAF35.sys [2009-10-19 511104]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552448]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 BTMCOM;Bluetooth Serial Port; C:\Windows\System32\Drivers\btmcom.sys [2010-04-09 52736]
S3 BTMNET;Motorola Bluetooth Network Adapter Service; C:\Windows\system32\DRIVERS\btmnet.sys [2010-06-17 28672]
S3 BTMUSB;Motorola Bluetooth Radio Service; C:\Windows\System32\Drivers\btmusb.sys [2010-06-29 3232768]
S3 clwvd;HP Webcam Splitter; C:\Windows\system32\DRIVERS\clwvd.sys [2010-06-24 32880]
S3 HPIR;HP TV Tuner Infrared Receiver; C:\Windows\system32\DRIVERS\HPIR.sys [2009-11-16 93184]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 MEMSWEEP2;MEMSWEEP2; \??\C:\Windows\syswow64\D1F0.tmp []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-01-11 232992]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 109056]
S3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2010-09-14 760168]
S3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2010-09-14 268648]
S3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2010-09-14 25960]
S3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2010-09-14 22376]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-06-18 515584]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 DpHost;@C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2010-04-23 445192]
S2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-06-22 203264]
S2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2010-05-20 677128]
S2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-10-14 832552]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
S2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]
S2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-06-18 103992]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-07-05 227384]
S2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2009-07-08 30520]
S2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-06-29 27192]
S2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-06-16 73728]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-05-01 325656]
S2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
S2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2010-06-18 258048]
S2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-05-01 2533400]
S2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2010-02-23 2192176]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Bluetooth Device Manager;Bluetooth Device Manager; C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2010-06-29 4181256]
S3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2010-05-20 1096968]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-10-02 1431888]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-09-16 647680]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2010-04-04 246520]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-07-05 988216]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-22 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[Rudy]

Zdravím!
Co je napsáno na té modré obrazovce?

[jakub214]

To Vam teraz povedat neviem, ale posielam vypisy z minidump ( ked to teda pomoze ) http://leteckaposta.cz/459873719

[Rudy]

Udělejte test RAM podle návodu: http://forum.viry.cz/viewtopic.php?f=53&t=106788 .

[jakub214]

Test prebehol a nasiel velke mnozstvo chyb, znamena to teda ze hardware je nenavratne poskodeny? Taktiez som sa zabudol zmienit ze pred istym casom mi Avast nasiel rootkit, avsak jeho meno si uz nemapatam, v historii to uz neni a pri vcerajsej kontrole bol PC "cisty"

[Rudy]

Máte- li RAMky ve více modulech, udělejte test na každém zvlášť. Tím zjistíte, který to způsobuje. Může to být ale i vadnou zákl. deskou.

[jakub214]

Dakujem Vam za radu, este keby som sa mohol spytat co sa tyka priciny chybneho fungovania RAM, je to cisto chyba fyzickeho charakteru alebo mohla byt sposobena uz mnou spominanimi rootkitmi?

[motji]

Rudy, omlouvám se za vstup

Dobrý večer ,
poprosím Vás ještě o druhý log ze rsitu s názvem info.txt.
Zatím bych to podle těch výpisů tipla opravdu na RAM, jak psal kolega, pokud máte více modulů, otestujte každý zvlášť.
Pokud je vadná RAM, není to způsobeno virem, budete ji muset vyměnit.

Vidím, že jste spouštěl TDSS killer, prosím vložte zde jeho log
C:\TDSSKiller.2.7.9.0_06.02.2012_15.30.13_log.txt

[jakub214]

log z RSIT :


info.txt logfile of random's system information tool 1.09 2012-02-06 17:50:07

======Uninstall list======

-->"C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Game Explorer Categories - main\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Web Link - Club Penguin\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Web Link - Dark Orbit\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Web Link - Habbo Hotel\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Web Link - Seafight\Uninstall.exe"
-->"C:\Program Files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe" /z-uninstall
-->"C:\Program Files (x86)\InstallShield Installation Information\{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}\setup.exe" --u:{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}
µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{FDB3B167-F4FA-461D-976F-286304A57B2A}
Adobe Community Help-->msiexec /qb /x {3521BDBD-D453-5D9F-AA55-44B75D214629}
Adobe Community Help-->MsiExec.exe /I{3521BDBD-D453-5D9F-AA55-44B75D214629}
Adobe Download Assistant-->msiexec /qb /x {5D90E53A-BD7C-8F32-9B82-7733D0F0BC8E}
Adobe Download Assistant-->MsiExec.exe /I{5D90E53A-BD7C-8F32-9B82-7733D0F0BC8E}
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10w_ActiveX.exe -maintain activex
Adobe InDesign CS5.5-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{857CC5F0-040E-1016-A173-D55ADD80C260}"
Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Reader 9.3 - Slovak-->MsiExec.exe /I{AC76BA86-7AD7-1051-7B44-A93000000001}
Adobe Shockwave Player 11.5-->MsiExec.exe /X{9ECF7817-DB11-4FBA-9DF1-296A578D513A}
Adobe Shockwave Player 11.6-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Agatha Christie - Death on the Nile-->"C:\Program Files (x86)\HP Games\Agatha Christie - Death on the Nile\Uninstall.exe"
Asistent pri prihlasovaní v sieti Windows Live-->MsiExec.exe /I{A789920E-E183-4311-9DEB-972913AB2FBF}
Assassin's Creed II-->"C:\Program Files (x86)\InstallShield Installation Information\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}\setup.exe" -runfromtemp -l0x0005 -removeonly
ATI Catalyst Install Manager-->msiexec /q/x{34DA4817-68E1-CC8B-A9A5-392095FA28C9} REBOOT=ReallySuppress
AutoCAD 2012 - English-->C:\Program Files\Autodesk\AutoCAD\AutoCAD 2012 - English\Setup\Setup.exe /P {5783F2D7-A001-0409-0102-0060B0CE6BBA} /M ACAD /language en-US
AutoCAD 2012 - English-->C:\Program Files\Autodesk\AutoCAD\AutoCAD 2012 - English\Setup\Setup.exe /P {5783F2D7-A001-0409-0102-0060B0CE6BBA} /M ACAD /language en-US
Autodesk Content Service-->MsiExec.exe /X{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}
Autodesk Inventor Fusion 2012 Language Pack-->MsiExec.exe /X{FFF7F80F-929E-497F-A112-B070DE816128}
Autodesk Inventor Fusion 2012-->C:\Program Files\Autodesk\AutoCAD\Inventor Fusion 2012\Setup\Setup.exe /P {FFF5619F-6669-4EC5-A85E-9994F70A9E5D} /M INVENTORFUSION /LANG en-US
Autodesk Inventor Fusion 2012-->MsiExec.exe /X{FFF5619F-6669-4EC5-A85E-9994F70A9E5D}
Autodesk Inventor Fusion plug-in for AutoCAD 2012-->C:\Program Files\Autodesk\ApplicationPlugins\FusionPlugin.bundle\Contents\Setup\Setup.exe /P {EAB3AC1A-68FF-486B-9C6B-E48EBB4B05CC} /M ACFUSION /LANG en-US
Autodesk Inventor Fusion plug-in for AutoCAD 2012-->MsiExec.exe /I{EAB3AC1A-68FF-486B-9C6B-E48EBB4B05CC}
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2012-->MsiExec.exe /I{E552C39C-C70E-464F-9733-8311331BDD90}
Autodesk Material Library 2012-->MsiExec.exe /I{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}
Autodesk Material Library Base Resolution Image Library 2012-->MsiExec.exe /I{65420DC9-306E-4371-905F-F4DC3B418E52}
avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Bejeweled 2 Deluxe-->"C:\Program Files (x86)\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
Blackhawk Striker 2-->"C:\Program Files (x86)\HP Games\Blackhawk Striker 2\Uninstall.exe"
BS.Player FREE-->"C:\Program Files (x86)\Webteh\BSplayer\uninstall.exe"
Catalyst Control Center - Branding-->MsiExec.exe /I{543F949F-2B95-448F-9F2E-56F0C5FF8E2C}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CINEMA 4D Demo 13.017-->"C:\Program Files\MAXON\CINEMA 4D R13 Demo\CINEMA 4D Demo 64 Bit.exe" "C:\Program Files\MAXON\CINEMA 4D R13 Demo\resource\install20111114_211830.log" -uninstall
Connectify-->C:\Program Files (x86)\Connectify\Uninstall.exe
Contents-->MsiExec.exe /I{F6A76E9C-C299-4CFA-AD2A-57FE9DD68B70}
Corel PaintShop Photo Pro X3-->c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\Setup\{D1AEB5DB-04FA-489D-94EF-8600898B93EE}\SetupARP.exe /arp
Corel PaintShop Photo Pro X3-->MsiExec.exe /I{DA4BF4BE-3CDC-43B5-BBDA-DDDA73103111}
Corel VideoStudio Pro X3-->c:\Program Files (x86)\Corel\Corel VideoStudio Pro X3\Setup\{F072CA07-A781-45E4-9975-C033A73019CF}\SetupARP.exe /arp
Cortona3D Viewer-->MsiExec.exe /X{1A9F8849-80C5-4A50-BC4B-6889BAE0A351}
CyberLink DVD Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
CyberLink DVD Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
DeviceIO-->MsiExec.exe /I{F4E9851F-765E-40B7-9859-237C2724E62C}
DivX Setup-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall
Dora's Carnival Adventure-->"C:\Program Files (x86)\HP Games\Dora's Carnival Adventure\Uninstall.exe"
DVD Menu Pack for HP MediaSmart Video-->"C:\Program Files (x86)\InstallShield Installation Information\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}\setup.exe" /z-uninstall
DVD Menu Pack for HP MediaSmart Video-->"C:\Program Files (x86)\InstallShield Installation Information\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}\setup.exe" /z-uninstall /zMS
Emsa Save My Work 1.0-->"C:\Program Files (x86)\Emsa Save My Work\unins000.exe"
Energy Star Digital Logo-->MsiExec.exe /I{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}
Escape Rosecliff Island-->"C:\Program Files (x86)\HP Games\Escape Rosecliff Island\Uninstall.exe"
ESU for Microsoft Windows 7-->MsiExec.exe /I{3877C901-7B90-4727-A639-B6ED2DD59D43}
FARO LS 1.1.406.58-->MsiExec.exe /I{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}
FATE-->"C:\Program Files (x86)\HP Games\FATE\Uninstall.exe"
Final Drive Nitro-->"C:\Program Files (x86)\HP Games\Final Drive Nitro\Uninstall.exe"
Hewlett-Packard ACLM.NET v1.1.1.0-->MsiExec.exe /I{6F340107-F9AA-47C6-B54C-C3A19F11553F}
HP 3D DriveGuard-->MsiExec.exe /X{34777F28-E52C-4664-A6D1-91872CA95655}
HP Advisor-->MsiExec.exe /X{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}
HP Customer Experience Enhancements-->MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544}
HP Documentation-->MsiExec.exe /X{7D4318AC-9560-46F0-910F-0B38D6CDC009}
HP DVB-T TV Tuner 8.0.64.43-->C:\Program Files (x86)\HP\HP DVB-T TV Tuner\uninst.exe
HP Game Console-->"C:\Program Files (x86)\HP Games\HP Game Console\Uninstall.exe"
HP Games-->"C:\Program Files (x86)\HP Games\Uninstall.exe"
HP MediaSmart DVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\setup.exe" /z-uninstall
HP MediaSmart DVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\setup.exe" /z-uninstall
HP MediaSmart Movies and TV-->MsiExec.exe /X{4B4E2FA2-3B1E-4147-99DB-5033981D8C2F}
HP MediaSmart Music-->"C:\Program Files (x86)\InstallShield Installation Information\{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}\setup.exe" /z-uninstall
HP MediaSmart Music-->"C:\Program Files (x86)\InstallShield Installation Information\{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}\setup.exe" /z-uninstall /zMS
HP MediaSmart Photo-->"C:\Program Files (x86)\InstallShield Installation Information\{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}\setup.exe" /z-uninstall
HP MediaSmart Photo-->"C:\Program Files (x86)\InstallShield Installation Information\{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}\setup.exe" /z-uninstall
HP MediaSmart SmartMenu-->MsiExec.exe /X{731A1D36-BF17-4C76-B7E7-CC055AF8C54E}
HP MediaSmart Video-->"C:\Program Files (x86)\InstallShield Installation Information\{D12E3E7F-1B13-4933-A915-16C7DD37A095}\setup.exe" /z-uninstall
HP MediaSmart Video-->"C:\Program Files (x86)\InstallShield Installation Information\{D12E3E7F-1B13-4933-A915-16C7DD37A095}\setup.exe" /z-uninstall
HP MediaSmart Webcam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
HP MediaSmart Webcam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
HP Power Manager-->MsiExec.exe /I{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}
HP Quick Launch-->MsiExec.exe /I{E342D296-DB9D-4FC7-ACB0-39926C0BFA16}
HP Setup-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{72D90DB3-A16A-4545-B555-868471101833}\setup.exe" -l0x9 -removeonly
HP SimplePass Identity Protection-->MsiExec.exe /I{1F6B7CB0-66D8-4B31-BF1F-D2318E58080E}
HP Software Framework-->MsiExec.exe /X{235E545D-013A-4622-B615-35A9BD640E6F}
HP Support Assistant-->"C:\Program Files (x86)\InstallShield Installation Information\{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}\setup.exe" -runfromtemp -l0x0409 -removeonly
HP Wireless Assistant-->MsiExec.exe /X{1E990336-E620-4B14-A7B4-4DA369330355}
Chuzzle Deluxe-->"C:\Program Files (x86)\HP Games\Chuzzle Deluxe\Uninstall.exe"
ICA-->MsiExec.exe /I{D1AEB5DB-04FA-489D-94EF-8600898B93EE}
ICA-->MsiExec.exe /I{F072CA07-A781-45E4-9975-C033A73019CF}
IDT Audio-->"C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -remove -removeonly
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
IPM_PSP_Pro-->MsiExec.exe /I{DCD941B6-F2E7-4FAF-B102-F7D4DE5FF99A}
IPM_VS_Pro-->MsiExec.exe /I{FD67D9F3-FED6-4A2E-9D6C-8C8C44DEF8FF}
IrfanView (remove only)-->C:\Program Files (x86)\IrfanView\iv_uninstall.exe
ISCOM-->MsiExec.exe /I{D1F80EFD-A032-4E8E-A367-70C44AD4DCE0}
ISCOM-->MsiExec.exe /I{FE661711-E392-4B3F-A4A7-02C747C09134}
Java(TM) 6 Update 20 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86416020FF}
Java(TM) 6 Update 26-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF}
Jewel Quest - Heritage-->"C:\Program Files (x86)\HP Games\Jewel Quest - Heritage\Uninstall.exe"
Junk Mail filter update-->MsiExec.exe /I{8E5233E1-7495-44FB-8DEB-4BE906D59619}
LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
LightScribe System Software-->MsiExec.exe /X{07E49BC1-24FF-4D7A-AC74-727BE95801AF}
Magic Desktop-->C:\Windows\system32\ezMDUninstall.exe
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft .NET Framework 4 Extended-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /x64 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{8E34682C-8118-31F1-BC4C-98CD9675E1C2}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2010-->MsiExec.exe /X{95140000-0070-0000-0000-0000000FF1CE}
Microsoft Office Klikni a spusti 2010-->"C:\PROGRA~2\COMMON~1\MICROS~1\VIRTUA~1\CVHBS.EXE" /removeall
Microsoft Office Klikni a spusti 2010-->MsiExec.exe /I{90140000-006D-041B-1000-0000000FF1CE}
Microsoft Office Starter 2010 - Slovenčina-->C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvhbs.exe /uninstall {90140011-0066-041B-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft_VC80_ATL_x86_x64-->MsiExec.exe /I{925D058B-564A-443A-B4B2-7E90C6432E55}
Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
Microsoft_VC80_CRT_x86_x64-->MsiExec.exe /I{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86_x64-->MsiExec.exe /I{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86_x64-->MsiExec.exe /I{1E9FC118-651D-4934-97BE-E53CAE5C7D45}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86_x64-->MsiExec.exe /I{8557397C-A42D-486F-97B3-A2CBC2372593}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86_x64-->MsiExec.exe /I{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86_x64-->MsiExec.exe /I{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Microsoft_VC90_MFCLOC_x86_x64-->MsiExec.exe /I{90BF0360-A1DB-4599-A643-95AB90A52C1E}
Microsoft_VC90_MFCLOC_x86-->MsiExec.exe /I{B6D38690-755E-4F40-A35A-23F8BC2B86AC}
Movie Theme Pack for HP MediaSmart Video-->"C:\Program Files (x86)\InstallShield Installation Information\{3023EBDA-BF1B-4831-B347-E5018555F26E}\setup.exe" /z-uninstall
Movie Theme Pack for HP MediaSmart Video-->"C:\Program Files (x86)\InstallShield Installation Information\{3023EBDA-BF1B-4831-B347-E5018555F26E}\setup.exe" /z-uninstall /zMS
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Odovzdávací nástroj lokality Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Penguins!-->"C:\Program Files (x86)\HP Games\Penguins!\Uninstall.exe"
PhotoNow!-->"C:\Program Files (x86)\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe" /z-uninstall
PhotoNow!-->"C:\Program Files (x86)\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe" /z-uninstall
Plants vs. Zombies-->"C:\Program Files (x86)\HP Games\Plants vs. Zombies\Uninstall.exe"
PlayReady PC Runtime amd64-->MsiExec.exe /X{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}
Poker Superstars III-->"C:\Program Files (x86)\HP Games\Poker Superstars III\Uninstall.exe"
Polar Bowler-->"C:\Program Files (x86)\HP Games\Polar Bowler\Uninstall.exe"
Polar Golfer-->"C:\Program Files (x86)\HP Games\Polar Golfer\Uninstall.exe"
Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall
PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall
PSPPContent-->MsiExec.exe /I{DF8B9311-ADE7-4EDE-B121-326CAA3D225D}
PSPPRO_DCRAW-->MsiExec.exe /I{DCF1928A-FC01-48E7-A7E6-4651D42EF6A1}
PureHD-->MsiExec.exe /I{F8423392-2296-4748-9B66-344432459632}
Ralink Motorola BC4 Bluetooth 3.0+HS Adapter-->"C:\Program Files\Motorola\Bluetooth\unins000.exe"
Ralink RT3090 802.11b/g/n WiFi Adapter-->C:\Program Files (x86)\InstallShield Installation Information\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}\setup.exe -runfromtemp -l0x0009 -removeonly
Realtek Ethernet Controller Driver For Windows 7-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Realtek USB 2.0 Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe" -runfromtemp -removeonly
Recovery Manager-->"C:\Program Files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe" /z-uninstall
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F66C3466-1FDB-347C-B3AE-FB6C50627B10} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {9D621E6E-E010-3C80-A055-135891134750} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Extended
Setup-->MsiExec.exe /I{D1612A3D-0DCC-4055-BB6A-0036F31158A0}
Setup-->MsiExec.exe /I{F069C491-69E6-4D9B-9A0C-B7894A1FA97C}
Share-->MsiExec.exe /I{F909BD3C-8684-4ACF-B7C3-33F4F9F901B7}
Share64-->MsiExec.exe /I{F6246243-CF06-4E40-8A37-C3B537695C36}
Skype™ 5.5-->MsiExec.exe /X{AA59DDE4-B672-4621-A016-4C248204957A}
Sophos Anti-Rootkit 1.5.20-->C:\Program Files (x86)\Sophos\Sophos Anti-Rootkit\helper.exe remove
swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Ubisoft Game Launcher-->"C:\Program Files (x86)\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe" -runfromtemp -l0x0409 -removeonly
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Extended (KB2468871)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2533523)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Extended
Validity Sensors DDK-->MsiExec.exe /X{426FAE9F-7373-496E-A215-9DB7EF4398CF}
VIO-->MsiExec.exe /I{F95C8C1F-25BB-44EC-A7E6-5C17ABC6BC71}
Virtual Villagers - The Secret City-->"C:\Program Files (x86)\HP Games\Virtual Villagers - The Secret City\Uninstall.exe"
VLC media player 1.1.11-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
VSClassic-->MsiExec.exe /I{FB0B6DDD-DF3E-4CD6-927C-724AB854E322}
VSPro-->MsiExec.exe /I{F206FEC3-F5DD-43FD-A8CF-9C46B8A6A92C}
WIDCOMM Bluetooth Software 6.2.0.5800-->MsiExec.exe /X{E464702F-5433-46EC-8F65-159276C0A54F}
Windows Live Communications Platform-->MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{C109F629-36BB-4F7B-9762-A038936CA457}
Windows Live Fotogaléria-->MsiExec.exe /X{1A64965D-FE4B-46D9-A600-384D964EFC8A}
Windows Live Mail-->MsiExec.exe /I{67114EC2-5C83-4FE9-A1EF-358459AB3640}
Windows Live Messenger-->MsiExec.exe /X{A62FA809-74EB-440B-B8A8-AF8A36807F19}
Windows Live Sync-->MsiExec.exe /X{28456131-01CD-4BE4-8D67-BDBDD1ED636A}
Windows Live Writer-->MsiExec.exe /X{CFEAF8DD-4BDF-4141-BF2B-02BCA2DEB7FB}
Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
WinRAR 4.01 (32-bit)-->C:\Program Files (x86)\WinRAR\uninstall.exe
Zuma Deluxe-->"C:\Program Files (x86)\HP Games\Zuma Deluxe\Uninstall.exe"

======Hosts File======

127.0.0.1 static3.cdn.ubi.com
127.0.0.1 ubisoft-orbit.s3.amazonaws.com
127.0.0.1 onlineconfigservice.ubi.com
127.0.0.1 orbitservice.ubi.com
127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com

======System event log======

Computer Name: Jakub-HP
Event Code: 1001
Message: Počítač sa po kontrole chýb reštartoval. Kontrola chýb: 0x00000019 (0x0000000000000003, 0xfffffa8003c61ee0, 0xfffffa8003c61ee0, 0xfffffa8003c65ee0). Výpis sa uložil do súboru: C:\Windows\MEMORY.DMP. Identifikácia hlásenia: 121311-20264-01.
Record Number: 253794
Source Name: Microsoft-Windows-WER-SystemErrorReporting
Time Written: 20111212232042.000000-000
Event Type: Error
User:

Computer Name: Jakub-HP
Event Code: 6008
Message: The previous system shutdown at 0:19:11 on ‎13. ‎12. ‎2011 was unexpected.
Record Number: 253788
Source Name: EventLog
Time Written: 20111212232035.000000-000
Event Type: Error
User:

Computer Name: Jakub-HP
Event Code: 7034
Message: Služba HP Wireless Assistant Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Record Number: 253482
Source Name: Service Control Manager
Time Written: 20111212230355.476498-000
Event Type: Error
User:

Computer Name: Jakub-HP
Event Code: 1014
Message: Name resolution for the name download882.avast.com timed out after none of the configured DNS servers responded.
Record Number: 253429
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20111212230138.910259-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: Jakub-HP
Event Code: 4001
Message: Služba automatickej konfigurácie siete WLAN sa úspešne zastavila.

Record Number: 253354
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20111212230044.281762-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: Jakub-HP
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL -
4 user registry handles leaked from \Registry\User\S-1-5-21-3549042208-1486824535-2607294990-1000:
Process 2564 (\Device\HarddiskVolume2\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe) has opened key \REGISTRY\USER\S-1-5-21-3549042208-1486824535-2607294990-1000
Process 2564 (\Device\HarddiskVolume2\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe) has opened key \REGISTRY\USER\S-1-5-21-3549042208-1486824535-2607294990-1000
Process 2564 (\Device\HarddiskVolume2\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe) has opened key \REGISTRY\USER\S-1-5-21-3549042208-1486824535-2607294990-1000
Process 2564 (\Device\HarddiskVolume2\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe) has opened key \REGISTRY\USER\S-1-5-21-3549042208-1486824535-2607294990-1000

Record Number: 13145
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20110919205241.410768-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Jakub-HP
Event Code: 100
Message: Iba informácie. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1017) is found on the machine; skipping installation...
Record Number: 13119
Source Name: CVHSVC
Time Written: 20110919145834.000000-000
Event Type: Warning
User:

Computer Name: Jakub-HP
Event Code: 100
Message: Iba informácie. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
Record Number: 13118
Source Name: CVHSVC
Time Written: 20110919145834.000000-000
Event Type: Warning
User:

Computer Name: Jakub-HP
Event Code: 3057
Message: {tid=AF8}
Jadro klienta virtualizácie aplikácie sa spustilo správne.
Nainštalovaný produkt:
Verzia: 4.6.1.10263
Inštalačná cesta: C:\Program Files (x86)\Microsoft Application Virtualization Client
Adresár globálnych údajov: C:\ProgramData\Microsoft\Application Virtualization Client\
Názov prístroja: JAKUB-HP
Operačný systém: Windows 7 64-bit Service Pack 0.0 Build 7600
OSD Príkaz:
Record Number: 13096
Source Name: Application Virtualization Client
Time Written: 20110919144827.000000-000
Event Type: Warning
User:

Computer Name: Jakub-HP
Event Code: 3191
Message: {tid=AF8}
-------------------------------------------------------- Protokol klienta je spustený (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
Record Number: 13094
Source Name: Application Virtualization Client
Time Written: 20110919144822.000000-000
Event Type: Warning
User:

=====Security event log=====

Computer Name: Jakub-HP
Event Code: 4648
Message: A logon was attempted using explicit credentials.

Subject:
Security ID: S-1-5-18
Account Name: JAKUB-HP$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Account Whose Credentials Were Used:
Account Name: Jakub
Account Domain: Jakub-HP
Logon GUID: {00000000-0000-0000-0000-000000000000}

Target Server:
Target Server Name: localhost
Additional Information: localhost

Process Information:
Process ID: 0x394
Process Name: C:\Windows\System32\winlogon.exe

Network Information:
Network Address: 127.0.0.1
Port: 0

This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command.
Record Number: 14468
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111009130753.934625-000
Event Type: Audit Success
User:

Computer Name: Jakub-HP
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-21-3549042208-1486824535-2607294990-1000
Account Name: Jakub
Account Domain: Jakub-HP
Logon ID: 0x155ff3

Privileges: SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 14467
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111009113638.219590-000
Event Type: Audit Success
User:

Computer Name: Jakub-HP
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: JAKUB-HP$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 2

New Logon:
Security ID: S-1-5-21-3549042208-1486824535-2607294990-1000
Account Name: Jakub
Account Domain: Jakub-HP
Logon ID: 0x156013
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x394
Process Name: C:\Windows\System32\winlogon.exe

Network Information:
Workstation Name: JAKUB-HP
Source Network Address: 127.0.0.1
Source Port: 0

Detailed Authentication Information:
Logon Process: User32
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon}request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 14466
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111009113638.219590-000
Event Type: Audit Success
User:

Computer Name: Jakub-HP
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: JAKUB-HP$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 2

New Logon:
Security ID: S-1-5-21-3549042208-1486824535-2607294990-1000
Account Name: Jakub
Account Domain: Jakub-HP
Logon ID: 0x155ff3
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x394
Process Name: C:\Windows\System32\winlogon.exe

Network Information:
Workstation Name: JAKUB-HP
Source Network Address: 127.0.0.1
Source Port: 0

Detailed Authentication Information:
Logon Process: User32
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 14465
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111009113638.219590-000
Event Type: Audit Success
User:

Computer Name: Jakub-HP
Event Code: 4648
Message: A logon was attempted using explicit credentials.

Subject:
Security ID: S-1-5-18
Account Name: JAKUB-HP$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Account Whose Credentials Were Used:
Account Name: Jakub
Account Domain: Jakub-HP
Logon GUID: {00000000-0000-0000-0000-000000000000}

Target Server:
Target Server Name: localhost
Additional Information: localhost

Process Information:
Process ID: 0x394
Process Name: C:\Windows\System32\winlogon.exe

Network Information:
Network Address: 127.0.0.1
Port: 0

This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command.
Record Number: 14464
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111009113638.219590-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Common Files\Ulead Systems\MPEG;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=8
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 30 Stepping 5, GenuineIntel
"PROCESSOR_REVISION"=1e05
"OnlineServices"=Online Services
"Platform"=MCD
"PCBRAND"=Pavilion
"CM2012DIR"=C:\Program Files (x86)\Common Files\Autodesk Shared\Materials\
"ILBDIR"=C:\Program Files (x86)\Common Files\Autodesk Shared\Materials\
"SAFEBOOT_OPTION"=NETWORK

-----------------EOF-----------------

[jakub214]

log z TDSSKiller



15:30:13.0414 2284 TDSS rootkit removing tool 2.7.9.0 Feb 1 2012 09:28:49
15:30:13.0484 2284 ============================================================
15:30:13.0484 2284 Current date / time: 2012/02/06 15:30:13.0484
15:30:13.0484 2284 SystemInfo:
15:30:13.0484 2284
15:30:13.0485 2284 OS Version: 6.1.7600 ServicePack: 0.0
15:30:13.0485 2284 Product type: Workstation
15:30:13.0485 2284 ComputerName: JAKUB-HP
15:30:13.0485 2284 UserName: Jakub
15:30:13.0485 2284 Windows directory: C:\Windows
15:30:13.0485 2284 System windows directory: C:\Windows
15:30:13.0485 2284 Running under WOW64
15:30:13.0485 2284 Processor architecture: Intel x64
15:30:13.0485 2284 Number of processors: 8
15:30:13.0485 2284 Page size: 0x1000
15:30:13.0485 2284 Boot type: Safe boot with network
15:30:13.0485 2284 ============================================================
15:30:13.0976 2284 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:30:13.0980 2284 \Device\Harddisk0\DR0:
15:30:13.0980 2284 MBR used
15:30:13.0980 2284 Initialize success
15:30:13.0980 2284 ============================================================
15:30:18.0888 2236 ============================================================
15:30:18.0888 2236 Scan started
15:30:18.0888 2236 Mode: Manual;
15:30:18.0888 2236 ============================================================
15:30:18.0953 2236 1394ohci - ok
15:30:18.0976 2236 Accelerometer - ok
15:30:18.0980 2236 ACPI - ok
15:30:18.0993 2236 AcpiPmi - ok
15:30:18.0999 2236 adp94xx - ok
15:30:19.0003 2236 adpahci - ok
15:30:19.0006 2236 adpu320 - ok
15:30:19.0039 2236 AFD - ok
15:30:19.0043 2236 agp440 - ok
15:30:19.0065 2236 aliide - ok
15:30:19.0076 2236 amdide - ok
15:30:19.0080 2236 AmdK8 - ok
15:30:19.0101 2236 amdkmdag - ok
15:30:19.0105 2236 amdkmdap - ok
15:30:19.0109 2236 AmdPPM - ok
15:30:19.0122 2236 amdsata - ok
15:30:19.0126 2236 amdsbs - ok
15:30:19.0129 2236 amdxata - ok
15:30:19.0139 2236 AppID - ok
15:30:19.0165 2236 arc - ok
15:30:19.0178 2236 arcsas - ok
15:30:19.0201 2236 aswFsBlk - ok
15:30:19.0227 2236 aswMonFlt - ok
15:30:19.0231 2236 aswRdr - ok
15:30:19.0235 2236 aswSnx - ok
15:30:19.0245 2236 aswSP - ok
15:30:19.0248 2236 aswTdi - ok
15:30:19.0252 2236 AsyncMac - ok
15:30:19.0259 2236 atapi - ok
15:30:19.0295 2236 AtiHdmiService - ok
15:30:19.0326 2236 AVerAF35 - ok
15:30:19.0371 2236 b06bdrv - ok
15:30:19.0375 2236 b57nd60a - ok
15:30:19.0392 2236 Beep - ok
15:30:19.0418 2236 blbdrive - ok
15:30:19.0434 2236 bowser - ok
15:30:19.0449 2236 BrFiltLo - ok
15:30:19.0453 2236 BrFiltUp - ok
15:30:19.0476 2236 Brserid - ok
15:30:19.0480 2236 BrSerWdm - ok
15:30:19.0483 2236 BrUsbMdm - ok
15:30:19.0487 2236 BrUsbSer - ok
15:30:19.0497 2236 BthEnum - ok
15:30:19.0501 2236 BTHMODEM - ok
15:30:19.0505 2236 BthPan - ok
15:30:19.0508 2236 BTHPORT - ok
15:30:19.0519 2236 BTHUSB - ok
15:30:19.0540 2236 BTMCOM - ok
15:30:19.0553 2236 BTMNET - ok
15:30:19.0562 2236 BTMUSB - ok
15:30:19.0601 2236 cdfs - ok
15:30:19.0616 2236 cdrom - ok
15:30:19.0662 2236 circlass - ok
15:30:19.0666 2236 CLFS - ok
15:30:19.0703 2236 clwvd - ok
15:30:19.0707 2236 CmBatt - ok
15:30:19.0727 2236 cmdide - ok
15:30:19.0731 2236 CNG - ok
15:30:19.0742 2236 Compbatt - ok
15:30:19.0758 2236 CompositeBus - ok
15:30:19.0790 2236 crcdisk - ok
15:30:19.0810 2236 DfsC - ok
15:30:19.0816 2236 discache - ok
15:30:19.0819 2236 Disk - ok
15:30:19.0861 2236 drmkaud - ok
15:30:19.0863 2236 dtsoftbus01 - ok
15:30:19.0873 2236 DXGKrnl - ok
15:30:19.0883 2236 ebdrv - ok
15:30:19.0923 2236 elxstor - ok
15:30:19.0923 2236 ErrDev - ok
15:30:19.0947 2236 exfat - ok
15:30:19.0953 2236 fastfat - ok
15:30:19.0982 2236 fdc - ok
15:30:19.0989 2236 FileInfo - ok
15:30:19.0993 2236 Filetrace - ok
15:30:20.0012 2236 flpydisk - ok
15:30:20.0019 2236 FltMgr - ok
15:30:20.0043 2236 FsDepends - ok
15:30:20.0047 2236 Fs_Rec - ok
15:30:20.0053 2236 fvevol - ok
15:30:20.0057 2236 gagp30kx - ok
15:30:20.0075 2236 hcw85cir - ok
15:30:20.0082 2236 HdAudAddService - ok
15:30:20.0104 2236 HDAudBus - ok
15:30:20.0114 2236 HECIx64 - ok
15:30:20.0118 2236 HidBatt - ok
15:30:20.0121 2236 HidBth - ok
15:30:20.0125 2236 HidIr - ok
15:30:20.0141 2236 HidUsb - ok
15:30:20.0206 2236 hpdskflt - ok
15:30:20.0226 2236 HPIR - ok
15:30:20.0266 2236 HpSAMD - ok
15:30:20.0307 2236 HTTP - ok
15:30:20.0311 2236 hwpolicy - ok
15:30:20.0327 2236 i8042prt - ok
15:30:20.0331 2236 iaStor - ok
15:30:20.0351 2236 iaStorV - ok
15:30:20.0360 2236 igfx - ok
15:30:20.0364 2236 iirsp - ok
15:30:20.0371 2236 intelide - ok
15:30:20.0381 2236 intelppm - ok
15:30:20.0386 2236 IpFilterDriver - ok
15:30:20.0392 2236 IPMIDRV - ok
15:30:20.0413 2236 IPNAT - ok
15:30:20.0420 2236 IRENUM - ok
15:30:20.0423 2236 isapnp - ok
15:30:20.0427 2236 iScsiPrt - ok
15:30:20.0432 2236 kbdclass - ok
15:30:20.0436 2236 kbdhid - ok
15:30:20.0442 2236 KSecDD - ok
15:30:20.0445 2236 KSecPkg - ok
15:30:20.0449 2236 ksthunk - ok
15:30:20.0546 2236 lltdio - ok
15:30:20.0577 2236 LSI_FC - ok
15:30:20.0580 2236 LSI_SAS - ok
15:30:20.0601 2236 LSI_SAS2 - ok
15:30:20.0605 2236 LSI_SCSI - ok
15:30:20.0620 2236 luafv - ok
15:30:20.0632 2236 megasas - ok
15:30:20.0635 2236 MegaSR - ok
15:30:20.0665 2236 MEMSWEEP2 - ok
15:30:20.0677 2236 Modem - ok
15:30:20.0685 2236 monitor - ok
15:30:20.0691 2236 mouclass - ok
15:30:20.0695 2236 mouhid - ok
15:30:20.0698 2236 mountmgr - ok
15:30:20.0702 2236 mpio - ok
15:30:20.0723 2236 mpsdrv - ok
15:30:20.0728 2236 MRxDAV - ok
15:30:20.0732 2236 mrxsmb - ok
15:30:20.0736 2236 mrxsmb10 - ok
15:30:20.0739 2236 mrxsmb20 - ok
15:30:20.0743 2236 msahci - ok
15:30:20.0747 2236 msdsm - ok
15:30:20.0756 2236 Msfs - ok
15:30:20.0759 2236 mshidkmdf - ok
15:30:20.0763 2236 msisadrv - ok
15:30:20.0787 2236 MSKSSRV - ok
15:30:20.0791 2236 MSPCLOCK - ok
15:30:20.0795 2236 MSPQM - ok
15:30:20.0799 2236 MsRPC - ok
15:30:20.0804 2236 mssmbios - ok
15:30:20.0808 2236 MSTEE - ok
15:30:20.0812 2236 MTConfig - ok
15:30:20.0829 2236 Mup - ok
15:30:20.0851 2236 NativeWifiP - ok
15:30:20.0860 2236 NDIS - ok
15:30:20.0875 2236 NdisCap - ok
15:30:20.0890 2236 NdisTapi - ok
15:30:20.0910 2236 Ndisuio - ok
15:30:20.0915 2236 NdisWan - ok
15:30:20.0918 2236 NDProxy - ok
15:30:20.0922 2236 NetBIOS - ok
15:30:20.0926 2236 NetBT - ok
15:30:20.0998 2236 netr28x - ok
15:30:21.0009 2236 netw5v64 - ok
15:30:21.0036 2236 nfrd960 - ok
15:30:21.0047 2236 Npfs - ok
15:30:21.0052 2236 nsiproxy - ok
15:30:21.0058 2236 Ntfs - ok
15:30:21.0062 2236 Null - ok
15:30:21.0077 2236 nvraid - ok
15:30:21.0097 2236 nvstor - ok
15:30:21.0101 2236 nv_agp - ok
15:30:21.0105 2236 ohci1394 - ok
15:30:21.0137 2236 Parport - ok
15:30:21.0141 2236 partmgr - ok
15:30:21.0163 2236 pci - ok
15:30:21.0166 2236 pciide - ok
15:30:21.0169 2236 pcmcia - ok
15:30:21.0173 2236 pcw - ok
15:30:21.0177 2236 PEAUTH - ok
15:30:21.0223 2236 PptpMiniport - ok
15:30:21.0227 2236 Processor - ok
15:30:21.0245 2236 Psched - ok
15:30:21.0249 2236 ql2300 - ok
15:30:21.0252 2236 ql40xx - ok
15:30:21.0258 2236 QWAVEdrv - ok
15:30:21.0262 2236 RasAcd - ok
15:30:21.0265 2236 RasAgileVpn - ok
15:30:21.0287 2236 Rasl2tp - ok
15:30:21.0293 2236 RasPppoe - ok
15:30:21.0297 2236 RasSstp - ok
15:30:21.0301 2236 rdbss - ok
15:30:21.0304 2236 rdpbus - ok
15:30:21.0308 2236 RDPCDD - ok
15:30:21.0314 2236 RDPENCDD - ok
15:30:21.0319 2236 RDPREFMP - ok
15:30:21.0323 2236 RDPWD - ok
15:30:21.0327 2236 rdyboost - ok
15:30:21.0364 2236 RFCOMM - ok
15:30:21.0373 2236 rspndr - ok
15:30:21.0381 2236 RSUSBSTOR - ok
15:30:21.0410 2236 RTL8167 - ok
15:30:21.0416 2236 sbp2port - ok
15:30:21.0421 2236 scfilter - ok
15:30:21.0429 2236 sdbus - ok
15:30:21.0444 2236 secdrv - ok
15:30:21.0473 2236 Serenum - ok
15:30:21.0477 2236 Serial - ok
15:30:21.0480 2236 sermouse - ok
15:30:21.0491 2236 sffdisk - ok
15:30:21.0495 2236 sffp_mmc - ok
15:30:21.0499 2236 sffp_sd - ok
15:30:21.0503 2236 sfloppy - ok
15:30:21.0516 2236 Sftfs - ok
15:30:21.0538 2236 Sftplay - ok
15:30:21.0547 2236 Sftredir - ok
15:30:21.0551 2236 Sftvol - ok
15:30:21.0569 2236 SiSRaid2 - ok
15:30:21.0573 2236 SiSRaid4 - ok
15:30:21.0598 2236 Smb - ok
15:30:21.0612 2236 spldr - ok
15:30:21.0621 2236 srv - ok
15:30:21.0625 2236 srv2 - ok
15:30:21.0629 2236 SrvHsfHDA - ok
15:30:21.0632 2236 SrvHsfV92 - ok
15:30:21.0636 2236 SrvHsfWinac - ok
15:30:21.0640 2236 srvnet - ok
15:30:21.0668 2236 stexstor - ok
15:30:21.0678 2236 STHDA - ok
15:30:21.0688 2236 swenum - ok
15:30:21.0703 2236 SynTP - ok
15:30:21.0735 2236 Tcpip - ok
15:30:21.0741 2236 TCPIP6 - ok
15:30:21.0746 2236 tcpipreg - ok
15:30:21.0752 2236 TDPIPE - ok
15:30:21.0756 2236 TDTCP - ok
15:30:21.0763 2236 tdx - ok
15:30:21.0767 2236 TermDD - ok
15:30:21.0798 2236 tssecsrv - ok
15:30:21.0816 2236 tunnel - ok
15:30:21.0819 2236 uagp35 - ok
15:30:21.0823 2236 udfs - ok
15:30:21.0849 2236 uliagpkx - ok
15:30:21.0857 2236 umbus - ok
15:30:21.0861 2236 UmPass - ok
15:30:21.0872 2236 usbccgp - ok
15:30:21.0880 2236 usbcir - ok
15:30:21.0884 2236 usbehci - ok
15:30:21.0888 2236 usbhub - ok
15:30:21.0891 2236 usbohci - ok
15:30:21.0912 2236 usbprint - ok
15:30:21.0916 2236 USBSTOR - ok
15:30:21.0920 2236 usbuhci - ok
15:30:21.0933 2236 usbvideo - ok
15:30:21.0946 2236 vdrvroot - ok
15:30:21.0952 2236 vga - ok
15:30:21.0972 2236 VgaSave - ok
15:30:21.0974 2236 vhdmp - ok
15:30:21.0974 2236 viaide - ok
15:30:21.0984 2236 volmgr - ok
15:30:21.0984 2236 volmgrx - ok
15:30:21.0984 2236 volsnap - ok
15:30:21.0994 2236 vsmraid - ok
15:30:21.0994 2236 vwifibus - ok
15:30:22.0004 2236 vwififlt - ok
15:30:22.0016 2236 vwifimp - ok
15:30:22.0040 2236 WacomPen - ok
15:30:22.0043 2236 WANARP - ok
15:30:22.0047 2236 Wanarpv6 - ok
15:30:22.0068 2236 Wd - ok
15:30:22.0071 2236 Wdf01000 - ok
15:30:22.0125 2236 WfpLwf - ok
15:30:22.0128 2236 WIMMount - ok
15:30:22.0170 2236 WinUSB - ok
15:30:22.0175 2236 WmiAcpi - ok
15:30:22.0197 2236 ws2ifsl - ok
15:30:22.0224 2236 WudfPf - ok
15:30:22.0237 2236 WUDFRd - ok
15:30:22.0252 2236 yukonw7 - ok
15:30:22.0321 2236 MBR (0x1B8) (85c05976d1a68cb69c23a59bdfe32395) \Device\Harddisk0\DR0
15:30:22.0379 2236 \Device\Harddisk0\DR0 - ok
15:30:22.0379 2236 ============================================================
15:30:22.0379 2236 Scan finished
15:30:22.0379 2236 ============================================================
15:30:22.0388 1320 Detected object count: 0
15:30:22.0388 1320 Actual detected object count: 0
15:30:33.0642 1184 ============================================================
15:30:33.0642 1184 Scan started
15:30:33.0642 1184 Mode: Manual; SigCheck; TDLFS;
15:30:33.0642 1184 ============================================================
15:30:33.0715 1184 1394ohci - ok
15:30:33.0719 1184 Accelerometer - ok
15:30:33.0722 1184 ACPI - ok
15:30:33.0726 1184 AcpiPmi - ok
15:30:33.0730 1184 adp94xx - ok
15:30:33.0734 1184 adpahci - ok
15:30:33.0737 1184 adpu320 - ok
15:30:33.0746 1184 AFD - ok
15:30:33.0767 1184 agp440 - ok
15:30:33.0772 1184 aliide - ok
15:30:33.0778 1184 amdide - ok
15:30:33.0781 1184 AmdK8 - ok
15:30:33.0785 1184 amdkmdag - ok
15:30:33.0789 1184 amdkmdap - ok
15:30:33.0793 1184 AmdPPM - ok
15:30:33.0796 1184 amdsata - ok
15:30:33.0800 1184 amdsbs - ok
15:30:33.0804 1184 amdxata - ok
15:30:33.0808 1184 AppID - ok
15:30:33.0831 1184 arc - ok
15:30:33.0835 1184 arcsas - ok
15:30:33.0844 1184 aswFsBlk - ok
15:30:33.0848 1184 aswMonFlt - ok
15:30:33.0851 1184 aswRdr - ok
15:30:33.0855 1184 aswSnx - ok
15:30:33.0859 1184 aswSP - ok
15:30:33.0863 1184 aswTdi - ok
15:30:33.0866 1184 AsyncMac - ok
15:30:33.0870 1184 atapi - ok
15:30:33.0891 1184 AtiHdmiService - ok
15:30:33.0902 1184 AVerAF35 - ok
15:30:33.0908 1184 b06bdrv - ok
15:30:33.0912 1184 b57nd60a - ok
15:30:33.0919 1184 Beep - ok
15:30:33.0926 1184 blbdrive - ok
15:30:33.0953 1184 bowser - ok
15:30:33.0957 1184 BrFiltLo - ok
15:30:33.0961 1184 BrFiltUp - ok
15:30:33.0967 1184 Brserid - ok
15:30:33.0970 1184 BrSerWdm - ok
15:30:33.0974 1184 BrUsbMdm - ok
15:30:33.0978 1184 BrUsbSer - ok
15:30:33.0982 1184 BthEnum - ok
15:30:33.0986 1184 BTHMODEM - ok
15:30:33.0990 1184 BthPan - ok
15:30:33.0993 1184 BTHPORT - ok
15:30:34.0016 1184 BTHUSB - ok
15:30:34.0020 1184 BTMCOM - ok
15:30:34.0025 1184 BTMNET - ok
15:30:34.0029 1184 BTMUSB - ok
15:30:34.0035 1184 cdfs - ok
15:30:34.0039 1184 cdrom - ok
15:30:34.0044 1184 circlass - ok
15:30:34.0048 1184 CLFS - ok
15:30:34.0059 1184 clwvd - ok
15:30:34.0080 1184 CmBatt - ok
15:30:34.0084 1184 cmdide - ok
15:30:34.0087 1184 CNG - ok
15:30:34.0091 1184 Compbatt - ok
15:30:34.0095 1184 CompositeBus - ok
15:30:34.0101 1184 crcdisk - ok
15:30:34.0115 1184 DfsC - ok
15:30:34.0121 1184 discache - ok
15:30:34.0141 1184 Disk - ok
15:30:34.0151 1184 drmkaud - ok
15:30:34.0155 1184 dtsoftbus01 - ok
15:30:34.0158 1184 DXGKrnl - ok
15:30:34.0164 1184 ebdrv - ok
15:30:34.0173 1184 elxstor - ok
15:30:34.0177 1184 ErrDev - ok
15:30:34.0202 1184 exfat - ok
15:30:34.0208 1184 fastfat - ok
15:30:34.0213 1184 fdc - ok
15:30:34.0220 1184 FileInfo - ok
15:30:34.0224 1184 Filetrace - ok
15:30:34.0232 1184 flpydisk - ok
15:30:34.0235 1184 FltMgr - ok
15:30:34.0243 1184 FsDepends - ok
15:30:34.0246 1184 Fs_Rec - ok
15:30:34.0267 1184 fvevol - ok
15:30:34.0270 1184 gagp30kx - ok
15:30:34.0278 1184 hcw85cir - ok
15:30:34.0282 1184 HdAudAddService - ok
15:30:34.0286 1184 HDAudBus - ok
15:30:34.0289 1184 HECIx64 - ok
15:30:34.0293 1184 HidBatt - ok
15:30:34.0297 1184 HidBth - ok
15:30:34.0301 1184 HidIr - ok
15:30:34.0306 1184 HidUsb - ok
15:30:34.0337 1184 hpdskflt - ok
15:30:34.0341 1184 HPIR - ok
15:30:34.0346 1184 HpSAMD - ok
15:30:34.0353 1184 HTTP - ok
15:30:34.0357 1184 hwpolicy - ok
15:30:34.0361 1184 i8042prt - ok
15:30:34.0365 1184 iaStor - ok
15:30:34.0368 1184 iaStorV - ok
15:30:34.0390 1184 igfx - ok
15:30:34.0394 1184 iirsp - ok
15:30:34.0402 1184 intelide - ok
15:30:34.0406 1184 intelppm - ok
15:30:34.0411 1184 IpFilterDriver - ok
15:30:34.0417 1184 IPMIDRV - ok
15:30:34.0420 1184 IPNAT - ok
15:30:34.0424 1184 IRENUM - ok
15:30:34.0428 1184 isapnp - ok
15:30:34.0432 1184 iScsiPrt - ok
15:30:34.0435 1184 kbdclass - ok
15:30:34.0456 1184 kbdhid - ok
15:30:34.0461 1184 KSecDD - ok
15:30:34.0465 1184 KSecPkg - ok
15:30:34.0469 1184 ksthunk - ok
15:30:34.0482 1184 lltdio - ok
15:30:34.0492 1184 LSI_FC - ok
15:30:34.0496 1184 LSI_SAS - ok
15:30:34.0516 1184 LSI_SAS2 - ok
15:30:34.0520 1184 LSI_SCSI - ok
15:30:34.0524 1184 luafv - ok
15:30:34.0531 1184 megasas - ok
15:30:34.0535 1184 MegaSR - ok
15:30:34.0539 1184 MEMSWEEP2 - ok
15:30:34.0544 1184 Modem - ok
15:30:34.0548 1184 monitor - ok
15:30:34.0552 1184 mouclass - ok
15:30:34.0556 1184 mouhid - ok
15:30:34.0559 1184 mountmgr - ok
15:30:34.0579 1184 mpio - ok
15:30:34.0583 1184 mpsdrv - ok
15:30:34.0588 1184 MRxDAV - ok
15:30:34.0592 1184 mrxsmb - ok
15:30:34.0596 1184 mrxsmb10 - ok
15:30:34.0600 1184 mrxsmb20 - ok
15:30:34.0604 1184 msahci - ok
15:30:34.0607 1184 msdsm - ok
15:30:34.0616 1184 Msfs - ok
15:30:34.0620 1184 mshidkmdf - ok
15:30:34.0640 1184 msisadrv - ok
15:30:34.0648 1184 MSKSSRV - ok
15:30:34.0652 1184 MSPCLOCK - ok
15:30:34.0656 1184 MSPQM - ok
15:30:34.0659 1184 MsRPC - ok
15:30:34.0665 1184 mssmbios - ok
15:30:34.0669 1184 MSTEE - ok
15:30:34.0672 1184 MTConfig - ok
15:30:34.0676 1184 Mup - ok
15:30:34.0682 1184 NativeWifiP - ok
15:30:34.0702 1184 NDIS - ok
15:30:34.0706 1184 NdisCap - ok
15:30:34.0710 1184 NdisTapi - ok
15:30:34.0713 1184 Ndisuio - ok
15:30:34.0717 1184 NdisWan - ok
15:30:34.0721 1184 NDProxy - ok
15:30:34.0725 1184 NetBIOS - ok
15:30:34.0729 1184 NetBT - ok
15:30:34.0741 1184 netr28x - ok
15:30:34.0765 1184 netw5v64 - ok
15:30:34.0769 1184 nfrd960 - ok
15:30:34.0774 1184 Npfs - ok
15:30:34.0780 1184 nsiproxy - ok
15:30:34.0785 1184 Ntfs - ok
15:30:34.0789 1184 Null - ok
15:30:34.0793 1184 nvraid - ok
15:30:34.0796 1184 nvstor - ok
15:30:34.0800 1184 nv_agp - ok
15:30:34.0804 1184 ohci1394 - ok
15:30:34.0831 1184 Parport - ok
15:30:34.0835 1184 partmgr - ok
15:30:34.0841 1184 pci - ok
15:30:34.0844 1184 pciide - ok
15:30:34.0848 1184 pcmcia - ok
15:30:34.0852 1184 pcw - ok
15:30:34.0856 1184 PEAUTH - ok
15:30:34.0897 1184 PptpMiniport - ok
15:30:34.0901 1184 Processor - ok
15:30:34.0909 1184 Psched - ok
15:30:34.0912 1184 ql2300 - ok
15:30:34.0916 1184 ql40xx - ok
15:30:34.0921 1184 QWAVEdrv - ok
15:30:34.0925 1184 RasAcd - ok
15:30:34.0929 1184 RasAgileVpn - ok
15:30:34.0951 1184 Rasl2tp - ok
15:30:34.0957 1184 RasPppoe - ok
15:30:34.0961 1184 RasSstp - ok
15:30:34.0964 1184 rdbss - ok
15:30:34.0968 1184 rdpbus - ok
15:30:34.0972 1184 RDPCDD - ok
15:30:34.0977 1184 RDPENCDD - ok
15:30:34.0983 1184 RDPREFMP - ok
15:30:34.0987 1184 RDPWD - ok
15:30:34.0990 1184 rdyboost - ok
15:30:35.0014 1184 RFCOMM - ok
15:30:35.0023 1184 rspndr - ok
15:30:35.0027 1184 RSUSBSTOR - ok
15:30:35.0031 1184 RTL8167 - ok
15:30:35.0036 1184 sbp2port - ok
15:30:35.0042 1184 scfilter - ok
15:30:35.0049 1184 sdbus - ok
15:30:35.0054 1184 secdrv - ok
15:30:35.0080 1184 Serenum - ok
15:30:35.0084 1184 Serial - ok
15:30:35.0087 1184 sermouse - ok
15:30:35.0098 1184 sffdisk - ok
15:30:35.0102 1184 sffp_mmc - ok
15:30:35.0106 1184 sffp_sd - ok
15:30:35.0110 1184 sfloppy - ok
15:30:35.0113 1184 Sftfs - ok
15:30:35.0119 1184 Sftplay - ok
15:30:35.0139 1184 Sftredir - ok
15:30:35.0143 1184 Sftvol - ok
15:30:35.0152 1184 SiSRaid2 - ok
15:30:35.0156 1184 SiSRaid4 - ok
15:30:35.0160 1184 Smb - ok
15:30:35.0169 1184 spldr - ok
15:30:35.0178 1184 srv - ok
15:30:35.0181 1184 srv2 - ok
15:30:35.0201 1184 SrvHsfHDA - ok
15:30:35.0205 1184 SrvHsfV92 - ok
15:30:35.0209 1184 SrvHsfWinac - ok
15:30:35.0213 1184 srvnet - ok
15:30:35.0222 1184 stexstor - ok
15:30:35.0225 1184 STHDA - ok
15:30:35.0231 1184 swenum - ok
15:30:35.0238 1184 SynTP - ok
15:30:35.0265 1184 Tcpip - ok
15:30:35.0269 1184 TCPIP6 - ok
15:30:35.0275 1184 tcpipreg - ok
15:30:35.0280 1184 TDPIPE - ok
15:30:35.0284 1184 TDTCP - ok
15:30:35.0288 1184 tdx - ok
15:30:35.0291 1184 TermDD - ok
15:30:35.0305 1184 tssecsrv - ok
15:30:35.0326 1184 tunnel - ok
15:30:35.0330 1184 uagp35 - ok
15:30:35.0333 1184 udfs - ok
15:30:35.0342 1184 uliagpkx - ok
15:30:35.0346 1184 umbus - ok
15:30:35.0350 1184 UmPass - ok
15:30:35.0357 1184 usbccgp - ok
15:30:35.0361 1184 usbcir - ok
15:30:35.0364 1184 usbehci - ok
15:30:35.0368 1184 usbhub - ok
15:30:35.0389 1184 usbohci - ok
15:30:35.0392 1184 usbprint - ok
15:30:35.0396 1184 USBSTOR - ok
15:30:35.0400 1184 usbuhci - ok
15:30:35.0404 1184 usbvideo - ok
15:30:35.0413 1184 vdrvroot - ok
15:30:35.0419 1184 vga - ok
15:30:35.0422 1184 VgaSave - ok
15:30:35.0426 1184 vhdmp - ok
15:30:35.0430 1184 viaide - ok
15:30:35.0450 1184 volmgr - ok
15:30:35.0454 1184 volmgrx - ok
15:30:35.0458 1184 volsnap - ok
15:30:35.0462 1184 vsmraid - ok
15:30:35.0467 1184 vwifibus - ok
15:30:35.0471 1184 vwififlt - ok
15:30:35.0475 1184 vwifimp - ok
15:30:35.0482 1184 WacomPen - ok
15:30:35.0486 1184 WANARP - ok
15:30:35.0489 1184 Wanarpv6 - ok
15:30:35.0519 1184 Wd - ok
15:30:35.0519 1184 Wdf01000 - ok
15:30:35.0537 1184 WfpLwf - ok
15:30:35.0541 1184 WIMMount - ok
15:30:35.0575 1184 WinUSB - ok
15:30:35.0581 1184 WmiAcpi - ok
15:30:35.0594 1184 ws2ifsl - ok
15:30:35.0605 1184 WudfPf - ok
15:30:35.0608 1184 WUDFRd - ok
15:30:35.0617 1184 yukonw7 - ok
15:30:35.0677 1184 MBR (0x1B8) (85c05976d1a68cb69c23a59bdfe32395) \Device\Harddisk0\DR0
15:30:36.0588 1184 \Device\Harddisk0\DR0 - ok
15:30:36.0588 1184 ============================================================
15:30:36.0588 1184 Scan finished
15:30:36.0589 1184 ============================================================
15:30:36.0596 2656 Detected object count: 0
15:30:36.0596 2656 Actual detected object count: 0
15:30:44.0311 2360 Deinitialize success

[motji]

To vypadá všechno ok, otestujte zvlášt každou RAmku, poprosila jsem kolegu přes HW ať mrkne na dumpy.

[MiliNess]

Otestuj paměť podle instrukcí v SZ, pak budeme pokračovat.

[motji]

A ještě otestujeme disk

Stahněte HD tune http://www.slunecnice.cz/sw/hd-tune/
-zvolete poslední záložku Error scan
-dejte skenovat, trvá to kolem hodiny.
-pak napište jestli jste měl nějaká políčka červená