Prosím o Preventivní Kontrolu (Pomalé PC a chyby)

Zpráva

MH20 · #16 Příspěvek od **MH20** » 20 led 2010 16:59

má chyba

ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/01/20 16:58
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP2
==================================================

Drivers
-------------------
Name: acpi.sys
Image Path: C:\Windows\system32\drivers\acpi.sys
Address: 0x8323C000 Size: 286720 File Visible: - Signed: -
Status: -

Name: ACPI_HAL
Image Path: \Driver\ACPI_HAL
Address: 0x82806000 Size: 3846144 File Visible: - Signed: -
Status: -

Name: afd.sys
Image Path: C:\Windows\system32\drivers\afd.sys
Address: 0x8FEEE000 Size: 294912 File Visible: - Signed: -
Status: -

Name: AmdLLD.sys
Image Path: C:\Windows\system32\DRIVERS\AmdLLD.sys
Address: 0x8B2B3000 Size: 61440 File Visible: - Signed: -
Status: -

Name: aswFsBlk.sys
Image Path: C:\Windows\system32\DRIVERS\aswFsBlk.sys
Address: 0x8AFEC000 Size: 32768 File Visible: - Signed: -
Status: -

Name: aswMonFlt.sys
Image Path: C:\Windows\system32\DRIVERS\aswMonFlt.sys
Address: 0x833B4000 Size: 94208 File Visible: - Signed: -
Status: -

Name: aswRdr.SYS
Image Path: C:\Windows\System32\Drivers\aswRdr.SYS
Address: 0x8FF36000 Size: 15136 File Visible: - Signed: -
Status: -

Name: aswSP.SYS
Image Path: C:\Windows\System32\Drivers\aswSP.SYS
Address: 0x8B3AF000 Size: 94208 File Visible: - Signed: -
Status: -

Name: aswTdi.SYS
Image Path: C:\Windows\System32\Drivers\aswTdi.SYS
Address: 0x8FEE5000 Size: 33632 File Visible: - Signed: -
Status: -

Name: asyncmac.sys
Image Path: C:\Windows\system32\DRIVERS\asyncmac.sys
Address: 0x9CCD6000 Size: 36864 File Visible: - Signed: -
Status: -

Name: atapi.sys
Image Path: C:\Windows\system32\drivers\atapi.sys
Address: 0x83347000 Size: 32768 File Visible: - Signed: -
Status: -

Name: ataport.SYS
Image Path: C:\Windows\system32\drivers\ataport.SYS
Address: 0x8334F000 Size: 122880 File Visible: - Signed: -
Status: -

Name: AtiHdmi.sys
Image Path: C:\Windows\system32\drivers\AtiHdmi.sys
Address: 0x8B329000 Size: 118784 File Visible: - Signed: -
Status: -

Name: atikmdag.sys
Image Path: C:\Windows\system32\DRIVERS\atikmdag.sys
Address: 0x8EC02000 Size: 5398528 File Visible: - Signed: -
Status: -

Name: Beep.SYS
Image Path: C:\Windows\System32\Drivers\Beep.SYS
Address: 0x8FE0F000 Size: 28672 File Visible: - Signed: -
Status: -

Name: BOOTVID.dll
Image Path: C:\Windows\system32\BOOTVID.dll
Address: 0x8308A000 Size: 32768 File Visible: - Signed: -
Status: -

Name: bowser.sys
Image Path: C:\Windows\system32\DRIVERS\bowser.sys
Address: 0x9CD69000 Size: 102400 File Visible: - Signed: -
Status: -

Name: cdd.dll
Image Path: C:\Windows\System32\cdd.dll
Address: 0x98650000 Size: 57344 File Visible: - Signed: -
Status: -

Name: cdrom.sys
Image Path: C:\Windows\system32\DRIVERS\cdrom.sys
Address: 0x8F322000 Size: 98304 File Visible: - Signed: -
Status: -

Name: CI.dll
Image Path: C:\Windows\system32\CI.dll
Address: 0x830D3000 Size: 917504 File Visible: - Signed: -
Status: -

Name: CLASSPNP.SYS
Image Path: C:\Windows\system32\drivers\CLASSPNP.SYS
Address: 0x8B19F000 Size: 135168 File Visible: - Signed: -
Status: -

Name: CLFS.SYS
Image Path: C:\Windows\system32\CLFS.SYS
Address: 0x83092000 Size: 266240 File Visible: - Signed: -
Status: -

Name: crashdmp.sys
Image Path: C:\Windows\System32\Drivers\crashdmp.sys
Address: 0x8B1C9000 Size: 53248 File Visible: - Signed: -
Status: -

Name: crcdisk.sys
Image Path: C:\Windows\system32\drivers\crcdisk.sys
Address: 0x8B1C0000 Size: 36864 File Visible: - Signed: -
Status: -

Name: dfsc.sys
Image Path: C:\Windows\System32\Drivers\dfsc.sys
Address: 0x8B398000 Size: 94208 File Visible: - Signed: -
Status: -

Name: disk.sys
Image Path: C:\Windows\system32\drivers\disk.sys
Address: 0x8B18E000 Size: 69632 File Visible: - Signed: -
Status: -

Name: drmk.sys
Image Path: C:\Windows\system32\drivers\drmk.sys
Address: 0x8B373000 Size: 151552 File Visible: - Signed: -
Status: -

Name: dump_atapi.sys
Image Path: C:\Windows\System32\Drivers\dump_atapi.sys
Address: 0x8B1E1000 Size: 32768 File Visible: No Signed: -
Status: -

Name: dump_dumpata.sys
Image Path: C:\Windows\System32\Drivers\dump_dumpata.sys
Address: 0x8B1D6000 Size: 45056 File Visible: No Signed: -
Status: -

Name: Dxapi.sys
Image Path: C:\Windows\System32\drivers\Dxapi.sys
Address: 0x8B1E9000 Size: 40960 File Visible: - Signed: -
Status: -

Name: dxgkrnl.sys
Image Path: C:\Windows\System32\drivers\dxgkrnl.sys
Address: 0x8F128000 Size: 659456 File Visible: - Signed: -
Status: -

Name: ecache.sys
Image Path: C:\Windows\System32\drivers\ecache.sys
Address: 0x8B167000 Size: 159744 File Visible: - Signed: -
Status: -

Name: fastfat.SYS
Image Path: C:\Windows\System32\Drivers\fastfat.SYS
Address: 0x9CFC0000 Size: 163840 File Visible: - Signed: -
Status: -

Name: fdc.sys
Image Path: C:\Windows\system32\DRIVERS\fdc.sys
Address: 0x8F2FF000 Size: 45056 File Visible: - Signed: -
Status: -

Name: fileinfo.sys
Image Path: C:\Windows\system32\drivers\fileinfo.sys
Address: 0x8339F000 Size: 65536 File Visible: - Signed: -
Status: -

Name: flpydisk.sys
Image Path: C:\Windows\system32\DRIVERS\flpydisk.sys
Address: 0x8B30E000 Size: 40960 File Visible: - Signed: -
Status: -

Name: fltmgr.sys
Image Path: C:\Windows\system32\drivers\fltmgr.sys
Address: 0x8336D000 Size: 204800 File Visible: - Signed: -
Status: -

Name: Fs_Rec.SYS
Image Path: C:\Windows\System32\Drivers\Fs_Rec.SYS
Address: 0x8FDFF000 Size: 36864 File Visible: - Signed: -
Status: -

Name: FsUsbExDisk.SYS
Image Path: C:\Windows\system32\FsUsbExDisk.SYS
Address: 0x9CF96000 Size: 36608 File Visible: - Signed: -
Status: -

Name: fwpkclnt.sys
Image Path: C:\Windows\System32\drivers\fwpkclnt.sys
Address: 0x8AED6000 Size: 110592 File Visible: - Signed: -
Status: -

Name: hal.dll
Image Path: C:\Windows\system32\hal.dll
Address: 0x82BB1000 Size: 208896 File Visible: - Signed: -
Status: -

Name: hamachi.sys
Image Path: C:\Windows\system32\DRIVERS\hamachi.sys
Address: 0x8F3F5000 Size: 19456 File Visible: - Signed: -
Status: -

Name: HDAudBus.sys
Image Path: C:\Windows\system32\DRIVERS\HDAudBus.sys
Address: 0x8F1D5000 Size: 577536 File Visible: - Signed: -
Status: -

Name: HIDCLASS.SYS
Image Path: C:\Windows\system32\DRIVERS\HIDCLASS.SYS
Address: 0x8B3DD000 Size: 65536 File Visible: - Signed: -
Status: -

Name: HIDPARSE.SYS
Image Path: C:\Windows\system32\DRIVERS\HIDPARSE.SYS
Address: 0x8FE23000 Size: 28672 File Visible: - Signed: -
Status: -

Name: hidusb.sys
Image Path: C:\Windows\system32\DRIVERS\hidusb.sys
Address: 0x8FFF4000 Size: 36864 File Visible: - Signed: -
Status: -

Name: HTTP.sys
Image Path: C:\Windows\system32\drivers\HTTP.sys
Address: 0x9CCDF000 Size: 446464 File Visible: - Signed: -
Status: -

Name: intelide.sys
Image Path: C:\Windows\system32\drivers\intelide.sys
Address: 0x83322000 Size: 28672 File Visible: - Signed: -
Status: -

Name: intelppm.sys
Image Path: C:\Windows\system32\DRIVERS\intelppm.sys
Address: 0x8B208000 Size: 61440 File Visible: - Signed: -
Status: -

Name: kbdclass.sys
Image Path: C:\Windows\system32\DRIVERS\kbdclass.sys
Address: 0x8B273000 Size: 45056 File Visible: - Signed: -
Status: -

Name: kbdhid.sys
Image Path: C:\Windows\system32\DRIVERS\kbdhid.sys
Address: 0x8FC00000 Size: 36864 File Visible: - Signed: -
Status: -

Name: kdcom.dll
Image Path: C:\Windows\system32\kdcom.dll
Address: 0x83002000 Size: 28672 File Visible: - Signed: -
Status: -

Name: ks.sys
Image Path: C:\Windows\system32\DRIVERS\ks.sys
Address: 0x8B289000 Size: 172032 File Visible: - Signed: -
Status: -

Name: ksecdd.sys
Image Path: C:\Windows\System32\Drivers\ksecdd.sys
Address: 0x8AC0A000 Size: 462848 File Visible: - Signed: -
Status: -

Name: lltdio.sys
Image Path: C:\Windows\system32\DRIVERS\lltdio.sys
Address: 0x9CCB3000 Size: 65536 File Visible: - Signed: -
Status: -

Name: luafv.sys
Image Path: C:\Windows\system32\drivers\luafv.sys
Address: 0x8AFD1000 Size: 110592 File Visible: - Signed: -
Status: -

Name: mcupdate_GenuineIntel.dll
Image Path: C:\Windows\system32\mcupdate_GenuineIntel.dll
Address: 0x83009000 Size: 458752 File Visible: - Signed: -
Status: -

Name: monitor.sys
Image Path: C:\Windows\system32\DRIVERS\monitor.sys
Address: 0x8AFC2000 Size: 61440 File Visible: - Signed: -
Status: -

Name: mouclass.sys
Image Path: C:\Windows\system32\DRIVERS\mouclass.sys
Address: 0x8B27E000 Size: 45056 File Visible: - Signed: -
Status: -

Name: mouhid.sys
Image Path: C:\Windows\system32\DRIVERS\mouhid.sys
Address: 0x8FE1A000 Size: 32768 File Visible: - Signed: -
Status: -

Name: mountmgr.sys
Image Path: C:\Windows\System32\drivers\mountmgr.sys
Address: 0x83337000 Size: 65536 File Visible: - Signed: -
Status: -

Name: mpsdrv.sys
Image Path: C:\Windows\System32\drivers\mpsdrv.sys
Address: 0x9CD82000 Size: 86016 File Visible: - Signed: -
Status: -

Name: mrxdav.sys
Image Path: C:\Windows\system32\drivers\mrxdav.sys
Address: 0x9CD97000 Size: 135168 File Visible: - Signed: -
Status: -

Name: mrxsmb.sys
Image Path: C:\Windows\system32\DRIVERS\mrxsmb.sys
Address: 0x9CDB8000 Size: 126976 File Visible: - Signed: -
Status: -

Name: mrxsmb10.sys
Image Path: C:\Windows\system32\DRIVERS\mrxsmb10.sys
Address: 0x9CDD7000 Size: 233472 File Visible: - Signed: -
Status: -

Name: mrxsmb20.sys
Image Path: C:\Windows\system32\DRIVERS\mrxsmb20.sys
Address: 0x9CE10000 Size: 98304 File Visible: - Signed: -
Status: -

Name: Msfs.SYS
Image Path: C:\Windows\System32\Drivers\Msfs.SYS
Address: 0x8FE67000 Size: 45056 File Visible: - Signed: -
Status: -

Name: msisadrv.sys
Image Path: C:\Windows\system32\drivers\msisadrv.sys
Address: 0x8328B000 Size: 32768 File Visible: - Signed: -
Status: -

Name: msiscsi.sys
Image Path: C:\Windows\system32\DRIVERS\msiscsi.sys
Address: 0x8F349000 Size: 192512 File Visible: - Signed: -
Status: -

Name: msrpc.sys
Image Path: C:\Windows\system32\drivers\msrpc.sys
Address: 0x8AD86000 Size: 176128 File Visible: - Signed: -
Status: -

Name: mssmbios.sys
Image Path: C:\Windows\system32\DRIVERS\mssmbios.sys
Address: 0x8B2C2000 Size: 40960 File Visible: - Signed: -
Status: -

Name: MTictwl.sys
Image Path: C:\Windows\system32\drivers\MTictwl.sys
Address: 0x8FE16000 Size: 13184 File Visible: - Signed: -
Status: -

Name: mup.sys
Image Path: C:\Windows\System32\Drivers\mup.sys
Address: 0x8B158000 Size: 61440 File Visible: - Signed: -
Status: -

Name: ndis.sys
Image Path: C:\Windows\system32\drivers\ndis.sys
Address: 0x8AC7B000 Size: 1093632 File Visible: - Signed: -
Status: -

Name: ndistapi.sys
Image Path: C:\Windows\system32\DRIVERS\ndistapi.sys
Address: 0x8F3DB000 Size: 45056 File Visible: - Signed: -
Status: -

Name: ndiswan.sys
Image Path: C:\Windows\system32\DRIVERS\ndiswan.sys
Address: 0x8B217000 Size: 143360 File Visible: - Signed: -
Status: -

Name: NDProxy.SYS
Image Path: C:\Windows\System32\Drivers\NDProxy.SYS
Address: 0x8B318000 Size: 69632 File Visible: - Signed: -
Status: -

Name: netbios.sys
Image Path: C:\Windows\system32\DRIVERS\netbios.sys
Address: 0x8FF50000 Size: 57344 File Visible: - Signed: -
Status: -

Name: netbt.sys
Image Path: C:\Windows\System32\DRIVERS\netbt.sys
Address: 0x8FE9F000 Size: 204800 File Visible: - Signed: -
Status: -

Name: NETIO.SYS
Image Path: C:\Windows\system32\drivers\NETIO.SYS
Address: 0x8ADB1000 Size: 241664 File Visible: - Signed: -
Status: -

Name: Npfs.SYS
Image Path: C:\Windows\System32\Drivers\Npfs.SYS
Address: 0x8FE72000 Size: 57344 File Visible: - Signed: -
Status: -

Name: nsiproxy.sys
Image Path: C:\Windows\system32\drivers\nsiproxy.sys
Address: 0x8FFE8000 Size: 40960 File Visible: - Signed: -
Status: -

Name: Ntfs.sys
Image Path: C:\Windows\System32\Drivers\Ntfs.sys
Address: 0x8B007000 Size: 1114112 File Visible: - Signed: -
Status: -

Name: NTGLM7X.sys
Image Path: C:\Program Files\MSI\DualCoreCenter\NTGLM7X.sys
Address: 0x9CF9F000 Size: 53248 File Visible: - Signed: -
Status: -

Name: ntoskrnl.exe
Image Path: C:\Windows\system32\ntoskrnl.exe
Address: 0x82806000 Size: 3846144 File Visible: - Signed: -
Status: -

Name: Null.SYS
Image Path: C:\Windows\System32\Drivers\Null.SYS
Address: 0x8FE08000 Size: 28672 File Visible: - Signed: -
Status: -

Name: pacer.sys
Image Path: C:\Windows\system32\DRIVERS\pacer.sys
Address: 0x8FF3A000 Size: 90112 File Visible: - Signed: -
Status: -

Name: parport.sys
Image Path: C:\Windows\system32\DRIVERS\parport.sys
Address: 0x8F30A000 Size: 98304 File Visible: - Signed: -
Status: -

Name: partmgr.sys
Image Path: C:\Windows\System32\drivers\partmgr.sys
Address: 0x832BA000 Size: 61440 File Visible: - Signed: -
Status: -

Name: parvdm.sys
Image Path: C:\Windows\system32\DRIVERS\parvdm.sys
Address: 0x9CE9B000 Size: 28672 File Visible: - Signed: -
Status: -

Name: pci.sys
Image Path: C:\Windows\system32\drivers\pci.sys
Address: 0x83293000 Size: 159744 File Visible: - Signed: -
Status: -

Name: PCIIDEX.SYS
Image Path: C:\Windows\system32\drivers\PCIIDEX.SYS
Address: 0x83329000 Size: 57344 File Visible: - Signed: -
Status: -

Name: peauth.sys
Image Path: C:\Windows\system32\drivers\peauth.sys
Address: 0x9CEA2000 Size: 909312 File Visible: - Signed: -
Status: -

Name: PFC027.SYS
Image Path: C:\Windows\system32\DRIVERS\PFC027.SYS
Address: 0x8AF2C000 Size: 611584 File Visible: - Signed: -
Status: -

Name: PnpManager
Image Path: \Driver\PnpManager
Address: 0x82806000 Size: 3846144 File Visible: - Signed: -
Status: -

Name: portcls.sys
Image Path: C:\Windows\system32\drivers\portcls.sys
Address: 0x8B346000 Size: 184320 File Visible: - Signed: -
Status: -

Name: PSHED.dll
Image Path: C:\Windows\system32\PSHED.dll
Address: 0x83079000 Size: 69632 File Visible: - Signed: -
Status: -

Name: PxHelp20.sys
Image Path: C:\Windows\system32\DRIVERS\PxHelp20.sys
Address: 0x833AF000 Size: 19392 File Visible: - Signed: -
Status: -

Name: rasacd.sys
Image Path: C:\Windows\System32\DRIVERS\rasacd.sys
Address: 0x8FE80000 Size: 36864 File Visible: - Signed: -
Status: -

Name: rasl2tp.sys
Image Path: C:\Windows\system32\DRIVERS\rasl2tp.sys
Address: 0x8F3C4000 Size: 94208 File Visible: - Signed: -
Status: -

Name: raspppoe.sys
Image Path: C:\Windows\system32\DRIVERS\raspppoe.sys
Address: 0x8F3E6000 Size: 61440 File Visible: - Signed: -
Status: -

Name: raspptp.sys
Image Path: C:\Windows\system32\DRIVERS\raspptp.sys
Address: 0x8B23A000 Size: 81920 File Visible: - Signed: -
Status: -

Name: rassstp.sys
Image Path: C:\Windows\system32\DRIVERS\rassstp.sys
Address: 0x8B24E000 Size: 86016 File Visible: - Signed: -
Status: -

Name: RAW
Image Path: \FileSystem\RAW
Address: 0x82806000 Size: 3846144 File Visible: - Signed: -
Status: -

Name: rdbss.sys
Image Path: C:\Windows\system32\DRIVERS\rdbss.sys
Address: 0x8FFAC000 Size: 245760 File Visible: - Signed: -
Status: -

Name: RDPCDD.sys
Image Path: C:\Windows\System32\DRIVERS\RDPCDD.sys
Address: 0x8FE57000 Size: 32768 File Visible: - Signed: -
Status: -

Name: rdpencdd.sys
Image Path: C:\Windows\system32\drivers\rdpencdd.sys
Address: 0x8FE5F000 Size: 32768 File Visible: - Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\Windows\system32\drivers\rootrepeal.sys
Address: 0x9CFF1000 Size: 49152 File Visible: No Signed: -
Status: -

Name: rspndr.sys
Image Path: C:\Windows\system32\DRIVERS\rspndr.sys
Address: 0x9CCC3000 Size: 77824 File Visible: - Signed: -
Status: -

Name: RTKVHDA.sys
Image Path: C:\Windows\system32\drivers\RTKVHDA.sys
Address: 0x8FC09000 Size: 2056128 File Visible: - Signed: -
Status: -

Name: Rtlh86.sys
Image Path: C:\Windows\system32\DRIVERS\Rtlh86.sys
Address: 0x8F262000 Size: 135168 File Visible: - Signed: -
Status: -

Name: RushTop.sys
Image Path: C:\Program Files\MSI\DualCoreCenter\RushTop.sys
Address: 0x9CFAC000 Size: 81920 File Visible: - Signed: -
Status: -

Name: secdrv.SYS
Image Path: C:\Windows\System32\Drivers\secdrv.SYS
Address: 0x9CF80000 Size: 40960 File Visible: - Signed: -
Status: -

Name: serenum.sys
Image Path: C:\Windows\system32\DRIVERS\serenum.sys
Address: 0x8F2F5000 Size: 40960 File Visible: - Signed: -
Status: -

Name: serial.sys
Image Path: C:\Windows\system32\DRIVERS\serial.sys
Address: 0x8F2DB000 Size: 106496 File Visible: - Signed: -
Status: -

Name: smb.sys
Image Path: C:\Windows\system32\DRIVERS\smb.sys
Address: 0x8FED1000 Size: 81920 File Visible: - Signed: -
Status: -

Name: spldr.sys
Image Path: C:\Windows\System32\Drivers\spldr.sys
Address: 0x8B150000 Size: 32768 File Visible: - Signed: -
Status: -

Name: spsys.sys
Image Path: C:\Windows\system32\drivers\spsys.sys
Address: 0x9CC03000 Size: 720896 File Visible: - Signed: -
Status: -

Name: srv.sys
Image Path: C:\Windows\System32\DRIVERS\srv.sys
Address: 0x9CE4F000 Size: 311296 File Visible: - Signed: -
Status: -

Name: srv2.sys
Image Path: C:\Windows\System32\DRIVERS\srv2.sys
Address: 0x9CE28000 Size: 159744 File Visible: - Signed: -
Status: -

Name: srvnet.sys
Image Path: C:\Windows\System32\DRIVERS\srvnet.sys
Address: 0x9CD4C000 Size: 118784 File Visible: - Signed: -
Status: -

Name: storport.sys
Image Path: C:\Windows\system32\DRIVERS\storport.sys
Address: 0x8F378000 Size: 266240 File Visible: - Signed: -
Status: -

Name: STREAM.SYS
Image Path: C:\Windows\system32\DRIVERS\STREAM.SYS
Address: 0x8B3ED000 Size: 53248 File Visible: - Signed: -
Status: -

Name: swenum.sys
Image Path: C:\Windows\system32\DRIVERS\swenum.sys
Address: 0x8F3FA000 Size: 4992 File Visible: - Signed: -
Status: -

Name: tcpip.sys
Image Path: C:\Windows\System32\drivers\tcpip.sys
Address: 0x8ADEC000 Size: 958464 File Visible: - Signed: -
Status: -

Name: tcpipreg.sys
Image Path: C:\Windows\System32\drivers\tcpipreg.sys
Address: 0x9CF8A000 Size: 49152 File Visible: - Signed: -
Status: -

Name: TDI.SYS
Image Path: C:\Windows\system32\DRIVERS\TDI.SYS
Address: 0x8F3B9000 Size: 45056 File Visible: - Signed: -
Status: -

Name: tdx.sys
Image Path: C:\Windows\system32\DRIVERS\tdx.sys
Address: 0x8FE89000 Size: 90112 File Visible: - Signed: -
Status: -

Name: termdd.sys
Image Path: C:\Windows\system32\DRIVERS\termdd.sys
Address: 0x8B263000 Size: 65536 File Visible: - Signed: -
Status: -

Name: TSDDD.dll
Image Path: C:\Windows\System32\TSDDD.dll
Address: 0x98630000 Size: 36864 File Visible: - Signed: -
Status: -

Name: tunmp.sys
Image Path: C:\Windows\system32\DRIVERS\tunmp.sys
Address: 0x8B1FF000 Size: 36864 File Visible: - Signed: -
Status: -

Name: tunnel.sys
Image Path: C:\Windows\system32\DRIVERS\tunnel.sys
Address: 0x8B1F4000 Size: 45056 File Visible: - Signed: -
Status: -

Name: udfs.sys
Image Path: C:\Windows\system32\DRIVERS\udfs.sys
Address: 0x8AEF1000 Size: 241664 File Visible: - Signed: -
Status: -

Name: umbus.sys
Image Path: C:\Windows\system32\DRIVERS\umbus.sys
Address: 0x8B2CC000 Size: 53248 File Visible: - Signed: -
Status: -

Name: usbccgp.sys
Image Path: C:\Windows\system32\DRIVERS\usbccgp.sys
Address: 0x8B3C6000 Size: 94208 File Visible: - Signed: -
Status: -

Name: USBD.SYS
Image Path: C:\Windows\system32\DRIVERS\USBD.SYS
Address: 0x8FFF2000 Size: 8192 File Visible: - Signed: -
Status: -

Name: usbehci.sys
Image Path: C:\Windows\system32\DRIVERS\usbehci.sys
Address: 0x8F2CC000 Size: 61440 File Visible: - Signed: -
Status: -

Name: usbhub.sys
Image Path: C:\Windows\system32\DRIVERS\usbhub.sys
Address: 0x8B2D9000 Size: 217088 File Visible: - Signed: -
Status: -

Name: USBPORT.SYS
Image Path: C:\Windows\system32\DRIVERS\USBPORT.SYS
Address: 0x8F28E000 Size: 253952 File Visible: - Signed: -
Status: -

Name: usbuhci.sys
Image Path: C:\Windows\system32\DRIVERS\usbuhci.sys
Address: 0x8F283000 Size: 45056 File Visible: - Signed: -
Status: -

Name: vga.sys
Image Path: C:\Windows\System32\drivers\vga.sys
Address: 0x8FE2A000 Size: 49152 File Visible: - Signed: -
Status: -

Name: VIDEOPRT.SYS
Image Path: C:\Windows\System32\drivers\VIDEOPRT.SYS
Address: 0x8FE36000 Size: 135168 File Visible: - Signed: -
Status: -

Name: vmm.sys
Image Path: C:\Windows\system32\Drivers\vmm.sys
Address: 0x8FF71000 Size: 241664 File Visible: - Signed: -
Status: -

Name: VMNetSrv.sys
Image Path: C:\Windows\system32\DRIVERS\VMNetSrv.sys
Address: 0x8F33A000 Size: 61440 File Visible: - Signed: -
Status: -

Name: volmgr.sys
Image Path: C:\Windows\system32\drivers\volmgr.sys
Address: 0x832C9000 Size: 61440 File Visible: - Signed: -
Status: -

Name: volmgrx.sys
Image Path: C:\Windows\System32\drivers\volmgrx.sys
Address: 0x832D8000 Size: 303104 File Visible: - Signed: -
Status: -

Name: volsnap.sys
Image Path: C:\Windows\system32\drivers\volsnap.sys
Address: 0x8B117000 Size: 233472 File Visible: - Signed: -
Status: -

Name: wanarp.sys
Image Path: C:\Windows\system32\DRIVERS\wanarp.sys
Address: 0x8FF5E000 Size: 77824 File Visible: - Signed: -
Status: -

Name: watchdog.sys
Image Path: C:\Windows\System32\drivers\watchdog.sys
Address: 0x8F1C9000 Size: 49152 File Visible: - Signed: -
Status: -

Name: Wdf01000.sys
Image Path: C:\Windows\system32\drivers\Wdf01000.sys
Address: 0x831B3000 Size: 507904 File Visible: - Signed: -
Status: -

Name: WDFLDR.SYS
Image Path: C:\Windows\system32\drivers\WDFLDR.SYS
Address: 0x8322F000 Size: 53248 File Visible: - Signed: -
Status: -

Name: Win32k
Image Path: \Driver\Win32k
Address: 0x98410000 Size: 2105344 File Visible: - Signed: -
Status: -

Name: win32k.sys
Image Path: C:\Windows\System32\win32k.sys
Address: 0x98410000 Size: 2105344 File Visible: - Signed: -
Status: -

Name: WMILIB.SYS
Image Path: C:\Windows\system32\drivers\WMILIB.SYS
Address: 0x83282000 Size: 36864 File Visible: - Signed: -
Status: -

Name: WMIxWDM
Image Path: \Driver\WMIxWDM
Address: 0x82806000 Size: 3846144 File Visible: - Signed: -
Status: -

#17 Příspěvek od **motji** » 20 led 2010 20:57

Otestujte na www.virustotal.com
C:\Windows\system32\CI.dll

MH20 · #18 Příspěvek od **MH20** » 21 led 2010 14:37

Zcela Čistý =o)
0/40 0.00%
.......

#19 Příspěvek od **motji** » 21 led 2010 19:32

Já nikde nic nevidím..jak to vypadá s počítačem?
Poprosím o aktuální log ze Rsitu

MH20 · #20 Příspěvek od **MH20** » 21 led 2010 19:49

Malinko se to zlepšilo chyby jsou furt stejné no co se dá dělat

Logfile of random's system information tool 1.06 (written by random/random)
Run by MH20 at 2010-01-21 19:48:13
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 153 GB (32%) free of 477 GB
Total RAM: 3199 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:48:22, on 21.1.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Keyboard Driver\OEMDriver.exe
C:\Windows\PixArt\PAC207\Monitor.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\MagicTune Premium\GammaTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\SEC\Natural Color Pro\NCProTray.exe
C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_1_3_0\RGSC.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\system32\conime.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\MSI\DualCoreCenter\DualCoreCenter.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10d.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\eMule\emule.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\MH20\Desktop\Moje\Programy\RSIT.exe
C:\Program Files\trend micro\MH20.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client\YontooIEClient.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [KBDriver] C:\Program Files\Keyboard Driver\OEMDriver.exe
O4 - HKLM\..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [Google Updater] "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -systray -startup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: ImpulseNow.lnk = C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe
O4 - Startup: reguser.lnk = C:\Windows\System32\reguser.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: DualCoreCenter.lnk = C:\Program Files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe
O4 - Global Startup: GammaTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: NCProTray.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O16 - DPF: {7A0D1738-10EA-47FF-92BE-4E137B5BE1A4} (Stm Class) - https://mpsnare.iesnare.com/StmOCX.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate1ca145bff052e4b) (gupdate1ca145bff052e4b) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MagicTuneEngine - Unknown owner - C:\Program Files\MagicTune Premium\MagicTuneEngine.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 12419 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{C9B45C64-ECD0-426B-9FD0-67B0A7DA00B5}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-07-15 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2010-01-14 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo Layers - C:\Program Files\Yontoo Layers Client\YontooIEClient.dll [2009-11-20 194912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-02-13 4915200]
"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"KBDriver"=C:\Program Files\Keyboard Driver\OEMDriver.exe [2006-07-25 151552]
"Monitor"=C:\Windows\PixArt\PAC207\Monitor.exe [2006-11-03 319488]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
"YSearchProtection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2009-02-23 111856]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-11-04 98304]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2008-01-21 215552]
"Google Updater"=C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2010-01-14 160752]
"NPSStartup"= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883840]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-02-28 1828136]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-02-26 2289664]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Steam"=c:\program files\steam\steam.exe [2009-10-24 1217808]
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2009-10-04 306088]
"ICQ"=C:\Program Files\ICQ6.5\ICQ.exe [2009-11-16 172792]
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-01-15 102400]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
DualCoreCenter.lnk - C:\Program Files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe
GammaTray.lnk - C:\Program Files\MagicTune Premium\GammaTray.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
NCProTray.lnk - C:\Program Files\SEC\Natural Color Pro\NCProTray.exe

C:\Users\MH20\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
ImpulseNow.lnk - C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe
reguser.lnk - C:\Windows\System32\reguser.exe
Xfire.lnk - C:\Program Files\Xfire\Xfire.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\system32\wpdshserviceobj.dll [2009-10-01 87552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2010-01-17 19:00:28 ----A---- C:\Windows\ntbtlog.txt
2010-01-16 11:03:01 ----D---- C:\Windows\Minidump
2010-01-15 23:33:10 ----A---- C:\Windows\SWXCACLS.exe
2010-01-15 23:07:43 ----A---- C:\Windows\MBR.exe
2010-01-15 23:02:13 ----A---- C:\Windows\system32\CF20482.exe
2010-01-15 23:02:08 ----A---- C:\Windows\system32\swsc.exe
2010-01-15 16:03:39 ----D---- C:\Users\MH20\AppData\Roaming\PC Suite
2010-01-15 16:03:39 ----D---- C:\ProgramData\PC Suite
2010-01-15 15:59:40 ----D---- C:\Program Files\MarkAnyContentSAFER
2010-01-15 15:30:00 ----A---- C:\Windows\system32\nmwcdcls.dll
2010-01-15 15:29:57 ----D---- C:\Program Files\DIFX
2010-01-15 15:28:40 ----D---- C:\Windows\system32\Samsung_USB_Drivers
2010-01-15 15:28:07 ----A---- C:\Windows\system32\FsUsbExService.Exe
2010-01-15 15:28:07 ----A---- C:\Windows\system32\FsUsbExDevice.Dll
2010-01-15 15:27:53 ----D---- C:\Users\MH20\AppData\Roaming\Samsung
2010-01-15 15:27:21 ----D---- C:\Program Files\MarkAny
2010-01-15 15:27:18 ----D---- C:\Program Files\PC Connectivity Solution
2010-01-15 15:26:42 ----D---- C:\Program Files\Samsung
2010-01-13 16:53:39 ----A---- C:\Windows\system32\t2embed.dll
2010-01-13 16:53:39 ----A---- C:\Windows\system32\fontsub.dll
2010-01-08 22:09:46 ----A---- C:\Windows\system32\aswBoot.exe
2009-12-27 15:25:59 ----D---- C:\Program Files\OpenAL
2009-12-27 15:25:59 ----A---- C:\Windows\system32\wrap_oal.dll
2009-12-27 15:25:59 ----A---- C:\Windows\system32\OpenAL32.dll
2009-12-25 16:37:03 ----D---- C:\Program Files\Microsoft WSE
2009-12-24 11:36:54 ----D---- C:\Program Files\S.W.A.T. 4
2009-12-23 15:21:22 ----D---- C:\Program Files\Dark Messiah of Might and Magic
2009-12-23 00:59:32 ----A---- C:\Windows\system32\xfcodec.dll
2009-12-22 19:35:37 ----A---- C:\Windows\system32\tsccvid.dll
2009-12-22 19:35:34 ----D---- C:\Windows\system32\QuickTime
2009-12-22 19:34:44 ----D---- C:\Program Files\Common Files\TechSmith Shared

======List of files/folders modified in the last 1 months======

2010-01-21 19:48:14 ----D---- C:\Windows\temp
2010-01-21 19:48:14 ----D---- C:\Program Files\trend micro
2010-01-21 19:19:12 ----SHD---- C:\Windows\Installer
2010-01-21 18:47:46 ----D---- C:\Windows\System32
2010-01-21 18:47:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-01-21 18:47:45 ----D---- C:\Windows\inf
2010-01-21 16:37:22 ----D---- C:\Windows\Tasks
2010-01-21 16:09:06 ----D---- C:\Users\MH20\AppData\Roaming\uTorrent
2010-01-21 15:11:35 ----SHD---- C:\System Volume Information
2010-01-21 14:20:02 ----D---- C:\Program Files\Common Files\Steam
2010-01-21 14:19:19 ----D---- C:\Users\MH20\AppData\Roaming\ICQ
2010-01-21 14:18:57 ----D---- C:\Program Files\Steam
2010-01-20 17:52:55 ----D---- C:\Windows\Prefetch
2010-01-20 16:58:43 ----D---- C:\Windows\system32\drivers
2010-01-20 16:36:13 ----D---- C:\Program Files\Microsoft Silverlight
2010-01-20 16:35:00 ----RD---- C:\Users
2010-01-20 13:50:02 ----D---- C:\Users\MH20\AppData\Roaming\Xfire
2010-01-20 13:38:52 ----RD---- C:\Program Files
2010-01-20 13:38:51 ----D---- C:\ProgramData\NOS
2010-01-20 13:38:49 ----SD---- C:\Windows\Downloaded Program Files
2010-01-18 17:16:57 ----D---- C:\Program Files\Google
2010-01-18 17:16:26 ----D---- C:\Windows\system32\Tasks
2010-01-17 20:11:00 ----D---- C:\Program Files\ATI
2010-01-17 19:00:28 ----D---- C:\Windows
2010-01-17 18:52:31 ----D---- C:\Windows\system32\LogFiles
2010-01-16 19:39:20 ----D---- C:\Program Files\Rockstar Games
2010-01-16 19:39:18 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-16 18:58:11 ----D---- C:\Program Files\Mozilla Firefox
2010-01-16 15:28:52 ----D---- C:\Windows\ModemLogs
2010-01-16 15:28:38 ----SD---- C:\Users\MH20\AppData\Roaming\Microsoft
2010-01-16 11:04:37 ----D---- C:\Windows\system32\catroot2
2010-01-16 11:02:53 ----D---- C:\ProgramData
2010-01-16 11:00:11 ----D---- C:\ProgramData\Google Updater
2010-01-15 23:07:54 ----D---- C:\Qoobox
2010-01-15 23:02:13 ----D---- C:\Windows\system32\cs-CZ
2010-01-15 16:06:59 ----D---- C:\Windows\system32\catroot
2010-01-15 15:29:55 ----DC---- C:\Windows\system32\DRVSTORE
2010-01-15 15:21:03 ----D---- C:\Program Files\Common Files\Adobe
2010-01-14 16:40:15 ----D---- C:\ProgramData\Xfire
2010-01-14 16:12:11 ----D---- C:\Windows\winsxs
2010-01-14 16:07:18 ----D---- C:\Program Files\Windows Mail
2010-01-14 16:04:39 ----D---- C:\Windows\Debug
2010-01-14 15:56:23 ----D---- C:\Program Files\Yahoo!
2010-01-14 11:12:06 ----N---- C:\Windows\system32\MpSigStub.exe
2010-01-11 20:30:10 ----D---- C:\Windows\WindowsMobile
2010-01-09 23:21:53 ----D---- C:\Program Files\Game Cam
2010-01-09 18:25:03 ----D---- C:\ProgramData\Test Drive Unlimited
2010-01-05 13:27:31 ----D---- C:\Program Files\Xfire
2010-01-05 01:17:46 ----A---- C:\Windows\system32\mrt.exe
2010-01-02 21:51:26 ----D---- C:\Program Files\DriftCity
2010-01-02 18:58:04 ----A---- C:\Windows\NeroDigital.ini
2009-12-30 11:18:48 ----D---- C:\Program Files\ICQ6.5
2009-12-25 16:37:08 ----RSD---- C:\Windows\assembly
2009-12-25 16:28:18 ----D---- C:\Program Files\Electronic Arts
2009-12-22 19:34:44 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2008-07-19 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2008-07-19 42912]
R1 NCPro;NCPro; C:\Windows\system32\drivers\MTictwl.sys [2007-12-05 13184]
R1 vmm;Virtual Machine Monitor; \??\C:\Windows\system32\Drivers\vmm.sys [2007-02-18 232816]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 51280]
R3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-09-30 103440]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-11-04 5079040]
R3 DualCoreCenter;DualCoreCenter; \??\C:\Program Files\MSI\DualCoreCenter\NTGLM7X.sys [2008-02-27 28160]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-03-31 36608]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-04-23 26176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-02-14 2061528]
R3 PAC207;i-Look 111; C:\Windows\system32\DRIVERS\PFC027.SYS [2007-06-29 611584]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-02-14 118784]
R3 RushTopDevice2;RushTopDevice2; \??\C:\Program Files\MSI\DualCoreCenter\RushTop.sys [2008-04-23 56320]
R3 VPCNetS2;Virtual Machine Network Services Driver; C:\Windows\system32\DRIVERS\VMNetSrv.sys [2007-01-29 59280]
S3 catchme;catchme; \??\C:\Users\MH20\AppData\Local\Temp\catchme.sys []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MagicTune;MagicTune; C:\Windows\system32\drivers\MTiCtwl.sys [2007-12-05 13184]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 taphss;Anchorfree HSS Adapter; C:\Windows\system32\DRIVERS\taphss.sys [2009-10-02 32768]
S3 TKFsAc;TKFsAc; \??\C:\Windows\system32\TKFsAc2k.sys []
S3 TKFsAv;TKFsAv; \??\C:\Windows\system32\TKFsAv2k.sys []
S3 TKFsFt;TKFsFt; \??\C:\Windows\system32\TKFsFt2k.sys []
S3 TKRgAc;TKRgAc; \??\C:\Windows\system32\TKRgAc2k.sys []
S3 TKRgFt;TKRgFt; \??\C:\Windows\system32\TKRgFtXp.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 w800bus;Sony Ericsson W800 driver (WDM); C:\Windows\system32\DRIVERS\w800bus.sys [2005-06-13 60768]
S3 w800mgmt;Sony Ericsson W800 USB WMC Device Management Drivers; C:\Windows\system32\DRIVERS\w800mgmt.sys [2005-05-24 79216]
S3 winusb;WinUSB Service; C:\Windows\system32\DRIVERS\winusb.sys [2009-04-11 31616]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-08-03 721904]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-11-04 172032]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-02-26 73728]
R2 MagicTuneEngine;MagicTuneEngine; C:\Program Files\MagicTune Premium\MagicTuneEngine.exe [2007-08-23 45056]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-08-11 75064]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2009-12-16 185640]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-19 348344]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
R3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-01-20 326792]
S2 gupdate1ca145bff052e4b;Služba Google Update (gupdate1ca145bff052e4b); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-03 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-01-14 194032]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-08-04 68096]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2009-11-02 3341224]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------

#21 Příspěvek od **motji** » 21 led 2010 22:57

Opravu přes vista manager jste zkoušel?

Stahněte z mého podpisu AVPTOOl http://www.viry.cz/forum/viewtopic.php?f=29&t=58179

-Podle návodu nainstalujte a proveďte sken
-co najde nechejte léčit, mazat
-sken může trvat několik hodin
-vložte zde log z výsledky

MH20 · #22 Příspěvek od **MH20** » 22 led 2010 13:03

ten už jse jednou měl ale tto bylo katastrofický nejenom že mi nějak zhoršil grafickou kartu (či co po odinstalování gráfka byla v pohodě asi to něco blokovalo) ale taky mi vista manager pohoršil IE ted vždy při startu načítání mého profilu to trvá 2x déle a mám černou obrazovku zda chci vymazat nastavení v ie dám ne a plocha se načte blbla bla chyby skripty vouáááu...nervy....radši to už nechci zkoušet předtím to taky nešlo

sken udělám přez noc =o)

jinak přeji pěkný víkend

#23 Příspěvek od **motji** » 22 led 2010 18:36

Spustte OTL
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:888AFB86
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:9B285B76

:files
C:\Windows\System32\GameMon.des
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s 
C:\Program Files\Yahoo!\SoftwareUpdate
C:\Program Files\DAEMON Tools Toolbar

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes Anti-Malware (reboot)"=-
"NPSStartup"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{32099AAC-C132-4136-9E9A-4E364A424E17}"=-

:Services
YahooAUService
TKFsAc
TKFsAv
TKFsFt
TKRgAc
TKRgFt
nProtect GameGuard Service
catchme

:COMMANDS
[clearallrestorepoints]
[Reboot]

-klikněte na tlačítko Run fix.
-Následně se pc restartuje.
- Log vložte zde

Nepoužívám IE, ale někde v nastavení by měla být možnost nastavení, jestli při zavření IE mazat historii. Ještě to zkusím projít

edit - oprava skriptu

MH20 · #24 Příspěvek od **MH20** » 22 led 2010 18:39

mohl bych poprosit link na download OTL ?

#25 Příspěvek od **motji** » 22 led 2010 19:02

OTL by jste měl mít v pc, dělal jste z něj log

http://oldtimer.geekstogo.com/OTL.exe

#26 Příspěvek od **motji** » 23 led 2010 07:27

Měla jsech chybku ve skriptu

, pokud jste ho už dělal, udělejte ho prosím znovu

, už je opravený

MH20 · #27 Příspěvek od **MH20** » 23 led 2010 10:16

OTL logfile created on: 23.1.2010 10:05:45 - Run 2
OTL by OldTimer - Version 3.1.25.4 Folder = C:\Users\MH20\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 29,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 59,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 143,97 Gb Free Space | 30,91% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MH20-PC
Current User Name: MH20
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.01.22 21:41:07 | 00,547,840 | ---- | M] (OldTimer Tools) -- C:\Users\MH20\Desktop\OTL.exe
PRC - [2010.01.20 16:38:36 | 00,326,792 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2010.01.15 15:58:15 | 00,102,400 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2010.01.02 07:40:20 | 00,638,216 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009.12.23 00:59:28 | 03,192,720 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\Xfire.exe
PRC - [2009.12.16 09:14:52 | 00,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2009.11.16 16:36:19 | 00,172,792 | ---- | M] (ICQ, LLC.) -- C:\Program Files\ICQ6.5\ICQ.exe
PRC - [2009.11.04 16:45:32 | 00,360,448 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009.11.04 16:45:02 | 00,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009.10.31 20:13:34 | 00,136,176 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
PRC - [2009.10.29 12:27:54 | 01,074,568 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2009.10.28 20:21:26 | 00,141,600 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009.10.28 20:21:14 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009.10.28 04:31:14 | 00,257,440 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10d.exe
PRC - [2009.10.24 11:36:20 | 01,217,808 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2009.10.04 15:32:56 | 01,457,064 | ---- | M] (Take-Two Interactive Software, Inc.) -- C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_1_3_0\RGSC.exe
PRC - [2009.08.11 18:06:51 | 00,075,064 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe
PRC - [2009.07.29 20:20:35 | 00,365,872 | ---- | M] (Stardock Corporation) -- C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe
PRC - [2009.07.09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009.05.19 10:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009.04.22 17:38:50 | 00,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2009.04.22 17:37:16 | 00,065,536 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
PRC - [2009.04.11 07:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 07:27:28 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009.03.31 09:39:36 | 00,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2009.03.30 16:28:36 | 01,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.03.30 16:28:36 | 00,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.02.23 14:05:34 | 00,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2009.02.06 17:21:00 | 00,224,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe
PRC - [2009.02.06 16:07:48 | 00,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2008.12.12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008.11.09 21:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008.07.19 16:38:34 | 00,078,008 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2008.07.19 16:38:28 | 00,147,640 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2008.07.19 16:38:04 | 00,250,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2008.07.19 16:34:56 | 00,348,344 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2008.07.19 16:25:06 | 00,016,056 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008.04.23 09:45:26 | 31,256,576 | ---- | M] () -- C:\Program Files\MSI\DualCoreCenter\DualCoreCenter.exe
PRC - [2008.03.25 19:49:02 | 00,184,320 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
PRC - [2008.03.25 19:49:00 | 00,569,344 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
PRC - [2008.03.25 19:40:42 | 00,214,360 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2008.02.28 16:07:58 | 01,828,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2008.02.28 16:07:48 | 00,529,704 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
PRC - [2008.02.26 13:13:22 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2008.02.26 13:08:32 | 02,289,664 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
PRC - [2008.02.13 06:52:10 | 04,915,200 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.01.21 03:25:33 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2008.01.21 03:23:32 | 01,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008.01.21 03:23:24 | 00,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe
PRC - [2007.08.23 14:05:18 | 00,045,056 | ---- | M] () -- C:\Program Files\MagicTune Premium\MagicTuneEngine.exe
PRC - [2007.03.11 20:34:40 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2007.01.15 15:18:00 | 00,036,864 | ---- | M] () -- C:\Program Files\MagicTune Premium\GammaTray.exe
PRC - [2006.11.03 10:01:16 | 00,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\PAC207\Monitor.exe
PRC - [2006.07.25 19:07:30 | 00,151,552 | ---- | M] () -- C:\Program Files\Keyboard Driver\OEMDriver.exe
PRC - [2006.04.10 13:24:20 | 00,049,220 | ---- | M] (Samsung) -- C:\Program Files\SEC\Natural Color Pro\NCProTray.exe

========== Modules (SafeList) ==========

MOD - [2010.01.22 21:41:07 | 00,547,840 | ---- | M] (OldTimer Tools) -- C:\Users\MH20\Desktop\OTL.exe
MOD - [2009.12.23 00:59:40 | 00,938,384 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\xfire_toucan_40700.dll
MOD - [2009.04.11 07:21:38 | 01,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008.01.21 03:23:45 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll
MOD - [2003.02.21 04:42:22 | 00,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MSVCR71.dll

========== Win32 Services (SafeList) ==========

SRV - [2010.01.20 16:38:36 | 00,326,792 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.01.14 17:14:24 | 00,194,032 | ---- | M] (Google) [Auto | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009.12.16 09:14:52 | 00,185,640 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2009.11.04 16:45:02 | 00,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.11.02 22:51:00 | 03,341,224 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2009.10.29 12:27:54 | 01,074,568 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2009.10.28 20:21:14 | 00,545,568 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009.09.25 02:27:04 | 00,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.08.11 18:06:51 | 00,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PnkBstrA.exe -- (PnkBstrA)
SRV - [2009.08.05 21:48:42 | 00,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009.08.04 21:57:32 | 00,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2009.08.03 18:01:05 | 00,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1ca145bff052e4b) Služba Google Update (gupdate1ca145bff052e4b)
SRV - [2009.07.09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009.05.19 10:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009.03.31 09:39:36 | 00,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009.03.30 16:28:36 | 01,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.02.18 19:38:43 | 00,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.12.12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008.11.19 18:23:16 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2008.11.09 21:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008.07.19 16:38:28 | 00,147,640 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2008.07.19 16:38:04 | 00,250,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2008.07.19 16:34:56 | 00,348,344 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2008.07.19 16:25:06 | 00,016,056 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2008.07.18 12:13:20 | 00,053,760 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\System32\HPZipm12.dll -- (Pml Driver HPZ12)
SRV - [2008.07.18 12:13:20 | 00,044,032 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\System32\HPZinw12.dll -- (Net Driver HPZ12)
SRV - [2008.04.07 09:17:30 | 00,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.03.25 20:27:36 | 00,135,168 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2008.02.28 16:07:48 | 00,529,704 | ---- | M] (Nero AG) [On_Demand | Running] -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2008.02.26 13:13:22 | 00,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2008.01.21 03:23:32 | 00,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.21 03:23:24 | 00,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008.01.21 03:23:24 | 00,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007.08.23 14:05:18 | 00,045,056 | ---- | M] () [Auto | Running] -- C:\Program Files\MagicTune Premium\MagicTuneEngine.exe -- (MagicTuneEngine)
SRV - [2006.11.02 13:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2005.04.04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003.07.28 19:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

========== Driver Services (SafeList) ==========

DRV - [2009.11.04 17:16:46 | 05,079,040 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.10.02 00:41:44 | 00,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2009.09.30 15:31:46 | 00,103,440 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009.08.05 21:48:42 | 00,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2009.08.05 12:11:02 | 00,344,064 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\TKFsAv.dll -- (TKFsAv)
DRV - [2009.08.05 12:11:02 | 00,155,648 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\TKFsAc.dll -- (TKFsAc)
DRV - [2009.08.05 12:11:02 | 00,147,456 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\TKRgAc.dll -- (TKRgAc)
DRV - [2009.08.05 12:11:02 | 00,143,360 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\TKRgFt.dll -- (TKRgFt)
DRV - [2009.08.05 12:11:02 | 00,143,360 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\TKFsFt.dll -- (TKFsFt)
DRV - [2009.08.03 19:15:55 | 00,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2009.05.18 13:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009.04.23 10:15:06 | 00,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.04.11 05:42:52 | 00,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2009.03.31 09:39:36 | 00,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.03.20 10:01:26 | 00,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009.03.20 10:01:26 | 00,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009.03.20 10:01:26 | 00,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2008.07.19 16:37:42 | 00,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2008.07.19 16:36:03 | 00,051,280 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2008.07.19 16:35:18 | 00,078,416 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2008.07.19 16:33:42 | 00,023,152 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2008.07.19 16:32:36 | 00,042,912 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2008.04.23 09:38:50 | 00,056,320 | ---- | M] (Your Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\MSI\DualCoreCenter\RushTop.sys -- (RushTopDevice2)
DRV - [2008.02.27 07:08:04 | 00,028,160 | ---- | M] (MICRO-STAR INT'L CO., LTD.) [Kernel | On_Demand | Running] -- C:\Program Files\MSI\DualCoreCenter\NTGLM7X.sys -- (DualCoreCenter)
DRV - [2008.02.14 10:03:10 | 02,061,528 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.02.14 07:56:02 | 00,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008.01.21 03:23:27 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008.01.21 03:23:27 | 00,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008.01.21 03:23:27 | 00,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008.01.21 03:23:26 | 00,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008.01.21 03:23:26 | 00,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008.01.21 03:23:26 | 00,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008.01.21 03:23:25 | 00,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008.01.21 03:23:25 | 00,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008.01.21 03:23:24 | 01,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008.01.21 03:23:24 | 00,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008.01.21 03:23:24 | 00,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008.01.21 03:23:23 | 00,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008.01.21 03:23:23 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008.01.21 03:23:23 | 00,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008.01.21 03:23:23 | 00,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008.01.21 03:23:23 | 00,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008.01.21 03:23:23 | 00,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008.01.21 03:23:22 | 00,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008.01.21 03:23:21 | 00,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008.01.21 03:23:21 | 00,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008.01.21 03:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008.01.21 03:23:20 | 00,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008.01.21 03:23:00 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008.01.21 03:23:00 | 00,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008.01.21 03:23:00 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007.12.05 15:01:06 | 00,013,184 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | System | Running] -- C:\Windows\system32\drivers\MTictwl.sys -- (NCPro)
DRV - [2007.12.05 15:01:06 | 00,013,184 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MTiCtwl.sys -- (MagicTune)
DRV - [2007.09.17 15:53:26 | 00,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.06.29 15:32:08 | 00,611,584 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PFC027.SYS -- (PAC207)
DRV - [2007.06.29 13:47:34 | 00,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2007.02.18 00:15:34 | 00,232,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VMM.sys -- (vmm)
DRV - [2007.01.29 06:20:34 | 00,059,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2006.11.02 10:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 10:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 10:50:19 | 00,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 10:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 10:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 10:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 10:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 10:50:05 | 00,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 10:50:03 | 00,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 10:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 10:49:56 | 00,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 09:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 09:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 09:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 09:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 09:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 09:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 08:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 07:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2005.06.13 09:03:12 | 00,060,768 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\w800bus.sys -- (w800bus) Sony Ericsson W800 driver (WDM)
DRV - [2005.05.24 15:00:56 | 00,079,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\w800mgmt.sys -- (w800mgmt)
DRV - [2004.05.07 15:01:14 | 00,020,016 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\PxHelp20.sys -- (PxHelp20)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/def ... earch.html

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {9565115d-c7d6-46d3-bd63-b67b481a4368}:2.4.0.4
FF - prefs.js..extensions.enabledItems: plugin@yontoo.com:1.10.01
FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.01.16 18:58:11 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.01.22 18:22:59 | 00,000,000 | ---D | M]

[2009.12.01 15:39:47 | 00,000,000 | ---D | M] -- C:\Users\MH20\AppData\Roaming\Mozilla\Extensions
[2009.12.01 15:39:47 | 00,000,000 | ---D | M] -- C:\Users\MH20\AppData\Roaming\Mozilla\Extensions\IMVUClientXUL@imvu.com
[2010.01.14 17:46:47 | 00,000,000 | ---D | M] -- C:\Users\MH20\AppData\Roaming\Mozilla\Firefox\Profiles\rjr6if9x.default\extensions
[2009.11.23 20:44:52 | 00,000,000 | ---D | M] (PageRage Toolbar) -- C:\Users\MH20\AppData\Roaming\Mozilla\Firefox\Profiles\rjr6if9x.default\extensions\{9565115d-c7d6-46d3-bd63-b67b481a4368}
[2009.11.23 20:44:49 | 00,000,000 | ---D | M] -- C:\Users\MH20\AppData\Roaming\Mozilla\Firefox\Profiles\rjr6if9x.default\extensions\plugin@yontoo.com
[2009.08.07 22:40:05 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.07.02 23:34:44 | 00,083,376 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
[2009.07.30 23:15:16 | 00,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2009.07.30 23:15:16 | 00,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2009.07.30 23:15:16 | 00,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2009.07.30 23:15:16 | 00,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2009.07.30 23:15:16 | 00,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2006.09.18 22:41:30 | 00,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client\YontooIEClient.dll (Yontoo Technology, Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Google Updater] C:\Program Files\Google\Google Updater\GoogleUpdater.exe (Google)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [KBDriver] C:\Program Files\Keyboard Driver\OEMDriver.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKCU..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\MH20\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ImpulseNow.lnk = C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe (Stardock Corporation)
O4 - Startup: C:\Users\MH20\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\reguser.lnk = C:\Windows\System32\reguser.exe (Microsoft Corporation)
O4 - Startup: C:\Users\MH20\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {7A0D1738-10EA-47FF-92BE-4E137B5BE1A4} https://mpsnare.iesnare.com/StmOCX.cab (Stm Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/200 ... ader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\MH20\Documents\Pictures\So Annoyin\techno-utopia.jpg
O24 - Desktop BackupWallPaper: C:\Users\MH20\Documents\Pictures\So Annoyin\techno-utopia.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
OTL cannot clear restorepoints on Vista OSs!

========== Files/Folders - Created Within 30 Days ==========

[2010.01.22 21:41:01 | 00,547,840 | ---- | C] (OldTimer Tools) -- C:\Users\MH20\Desktop\OTL.exe
[2010.01.22 19:33:03 | 00,000,000 | ---D | C] -- C:\Users\MH20\AppData\Local\wanted
[2010.01.22 19:22:04 | 00,000,000 | ---D | C] -- C:\Program Files\Resident Evil 3
[2010.01.22 19:01:47 | 00,000,000 | ---D | C] -- C:\Program Files\Wanted Weapons of Fate
[2010.01.22 12:45:11 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.01.22 12:45:11 | 00,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.01.22 12:45:10 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.01.22 12:45:10 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.01.22 12:45:10 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.01.22 12:45:10 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.01.22 12:45:10 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.01.22 12:45:10 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.01.22 12:45:10 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.01.22 12:45:09 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.01.22 12:45:09 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.01.22 12:45:09 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.01.22 12:45:09 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.01.22 12:45:09 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.01.16 16:09:14 | 00,000,000 | ---D | C] -- C:\Users\MH20\Desktop\samsung games
[2010.01.16 11:03:01 | 00,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.01.15 23:33:10 | 00,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010.01.15 23:02:13 | 00,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CF20482.exe
[2010.01.15 23:02:08 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\swsc.exe
[2010.01.15 20:32:57 | 00,000,000 | ---D | C] -- C:\Users\MH20\Documents\My Art
[2010.01.15 16:04:16 | 00,000,000 | ---D | C] -- C:\Users\MH20\Documents\NPS
[2010.01.15 16:03:39 | 00,000,000 | ---D | C] -- C:\Users\MH20\AppData\Roaming\PC Suite
[2010.01.15 16:03:39 | 00,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2010.01.15 15:59:40 | 00,000,000 | ---D | C] -- C:\Program Files\MarkAnyContentSAFER
[2010.01.15 15:30:00 | 00,090,624 | ---- | C] (Nokia) -- C:\Windows\System32\nmwcdcls.dll
[2010.01.15 15:29:57 | 00,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010.01.15 15:29:55 | 00,021,632 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys
[2010.01.15 15:29:24 | 00,121,856 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bmdm.sys
[2010.01.15 15:29:24 | 00,090,112 | ---- | C] (MCCI) -- C:\Windows\System32\drivers\ss_bbus.sys
[2010.01.15 15:29:24 | 00,014,976 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bmdfl.sys
[2010.01.15 15:29:24 | 00,012,160 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bwhnt.sys
[2010.01.15 15:29:24 | 00,012,160 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bwh.sys
[2010.01.15 15:29:24 | 00,012,160 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bcmnt.sys
[2010.01.15 15:29:24 | 00,012,160 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bcm.sys
[2010.01.15 15:28:40 | 00,000,000 | ---D | C] -- C:\Windows\System32\Samsung_USB_Drivers
[2010.01.15 15:28:07 | 00,233,472 | ---- | C] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
[2010.01.15 15:28:06 | 00,000,000 | ---D | C] -- C:\Users\MH20\Documents\My NPS Files
[2010.01.15 15:27:53 | 00,000,000 | ---D | C] -- C:\Users\MH20\AppData\Roaming\Samsung
[2010.01.15 15:27:21 | 00,000,000 | ---D | C] -- C:\Program Files\MarkAny
[2010.01.15 15:27:18 | 00,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2010.01.15 15:26:42 | 00,000,000 | ---D | C] -- C:\Program Files\Samsung
[2010.01.15 15:21:53 | 00,000,000 | ---D | C] -- C:\Users\MH20\AppData\Local\Downloaded Installations
[2010.01.13 16:53:39 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.01.13 16:53:39 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.01.08 22:10:20 | 00,023,152 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010.01.08 22:10:19 | 00,042,912 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010.01.08 22:10:04 | 00,094,392 | ---- | C] (ALWIL Software) -- C:\Windows\System32\AvastSS.scr
[2010.01.08 22:10:04 | 00,078,416 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010.01.08 22:10:04 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010.01.08 22:09:46 | 01,163,960 | ---- | C] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2010.01.08 22:09:46 | 00,051,280 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2009.12.27 18:30:53 | 00,000,000 | ---D | C] -- C:\Users\MH20\AppData\Local\kaneandlynch
[2009.12.27 15:25:59 | 00,409,600 | ---- | C] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2009.12.27 15:25:59 | 00,114,688 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2009.12.27 15:25:59 | 00,000,000 | ---D | C] -- C:\Program Files\OpenAL
[2009.12.25 19:22:39 | 00,000,000 | ---D | C] -- C:\Users\MH20\Documents\Electronic Arts
[2009.12.25 16:37:03 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft WSE
[2009.12.25 16:02:44 | 00,000,000 | ---D | C] -- C:\Users\MH20\Desktop\the sims 3
[2009.12.24 11:36:54 | 00,000,000 | ---D | C] -- C:\Program Files\S.W.A.T. 4
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.01.23 10:10:07 | 04,456,448 | -HS- | M] () -- C:\Users\MH20\ntuser.dat
[2010.01.23 09:44:05 | 00,000,464 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{C9B45C64-ECD0-426B-9FD0-67B0A7DA00B5}.job
[2010.01.23 09:42:07 | 00,000,972 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010.01.23 09:38:21 | 00,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.01.23 09:38:12 | 00,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.01.23 09:38:12 | 00,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.01.23 09:38:11 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.01.23 09:38:03 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.01.23 09:37:37 | 33,546,48576 | -HS- | M] () -- C:\hiberfil.sys
[2010.01.23 08:19:06 | 00,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.01.23 08:16:14 | 01,393,902 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.01.23 08:16:14 | 00,600,270 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.01.23 08:16:14 | 00,587,654 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.01.23 08:16:14 | 00,115,502 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.01.23 08:16:14 | 00,101,726 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.01.22 21:55:36 | 00,524,288 | -HS- | M] () -- C:\Users\MH20\ntuser.dat{7af6d4f6-c084-11de-ba25-001d9297f0be}.TMContainer00000000000000000001.regtrans-ms
[2010.01.22 21:55:36 | 00,065,536 | -HS- | M] () -- C:\Users\MH20\ntuser.dat{7af6d4f6-c084-11de-ba25-001d9297f0be}.TM.blf
[2010.01.22 21:55:21 | 03,584,858 | -H-- | M] () -- C:\Users\MH20\AppData\Local\IconCache.db
[2010.01.22 21:41:07 | 00,547,840 | ---- | M] (OldTimer Tools) -- C:\Users\MH20\Desktop\OTL.exe
[2010.01.22 19:28:40 | 00,019,094 | ---- | M] () -- C:\Users\MH20\Desktop\Fotografie0117jj.jpg
[2010.01.22 17:53:20 | 00,007,836 | ---- | M] () -- C:\Users\MH20\AppData\Local\d3d9caps.dat
[2010.01.22 16:23:50 | 58,809,856 | ---- | M] () -- C:\Users\MH20\Documents\y ghfcy -sk8z.avi
[2010.01.22 16:20:41 | 02,197,601 | ---- | M] () -- C:\Users\MH20\Documents\3.wmv
[2010.01.22 16:20:27 | 02,149,601 | ---- | M] () -- C:\Users\MH20\Documents\2.wmv
[2010.01.22 16:19:59 | 02,173,601 | ---- | M] () -- C:\Users\MH20\Documents\1.wmv
[2010.01.22 16:18:18 | 02,109,589 | ---- | M] () -- C:\Users\MH20\Documents\movie2.wmv
[2010.01.22 16:17:46 | 02,109,589 | ---- | M] () -- C:\Users\MH20\Documents\movie3.wmv
[2010.01.22 16:17:44 | 02,117,595 | ---- | M] () -- C:\Users\MH20\Documents\movie1.wmv
[2010.01.22 16:17:41 | 17,609,632 | ---- | M] () -- C:\Users\MH20\Desktop\Mango - Kisses (Original Mix).mp3
[2010.01.22 16:17:11 | 02,109,589 | ---- | M] () -- C:\Users\MH20\Documents\movie4.wmv
[2010.01.22 16:02:08 | 02,165,589 | ---- | M] () -- C:\Users\MH20\Documents\04.wmv
[2010.01.22 16:01:27 | 02,173,589 | ---- | M] () -- C:\Users\MH20\Documents\03.wmv
[2010.01.22 16:01:15 | 02,165,595 | ---- | M] () -- C:\Users\MH20\Documents\01.wmv
[2010.01.22 16:01:04 | 02,165,589 | ---- | M] () -- C:\Users\MH20\Documents\02.wmv
[2010.01.21 21:19:15 | 00,169,984 | ---- | M] () -- C:\Users\MH20\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.01.21 18:12:32 | 10,652,176 | ---- | M] () -- C:\Users\MH20\Desktop\new subject.mp3
[2010.01.20 21:58:51 | 16,817,074 | ---- | M] () -- C:\Users\MH20\Desktop\Faxin' It By Plox (MH20's Last Edit).mp3
[2010.01.17 20:08:14 | 00,417,200 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.01.16 18:00:54 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2010.01.16 11:02:53 | 19,591,8953 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.01.15 23:01:57 | 00,318,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\CF20482.exe
[2010.01.15 15:57:58 | 00,005,632 | ---- | M] () -- C:\Windows\System32\drivers\StarOpen.sys
[2010.01.14 11:12:06 | 00,181,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.01.12 16:03:42 | 00,000,552 | ---- | M] () -- C:\Users\MH20\AppData\Local\d3d8caps.dat
[2010.01.11 20:30:58 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi_01_00_00.Wdf
[2010.01.09 15:23:24 | 20,272,08104 | ---- | M] () -- C:\Users\MH20\Desktop\[NGC]Resident Evil Zero[PAL][Multi6][ESPALWii.com].rar
[2010.01.08 22:10:06 | 00,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010.01.08 16:11:58 | 03,745,391 | ---- | M] () -- C:\Users\MH20\Desktop\Miley Cyrus When I look at you me singing.wmv
[2010.01.07 15:44:32 | 00,372,672 | ---- | M] () -- C:\Users\MH20\Documents\BuddyPokeCards1
[2010.01.07 15:43:15 | 00,331,300 | ---- | M] () -- C:\Users\MH20\Documents\BuddyPokeCards.pdf
[2010.01.02 18:58:04 | 00,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010.01.02 15:41:19 | 05,169,113 | ---- | M] () -- C:\Users\MH20\Desktop\New Yorker TV Spot 2009 Drop Dead Gorgeous.wmv
[2010.01.02 07:33:32 | 00,594,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.01.02 07:33:32 | 00,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.01.02 07:32:51 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.01.02 07:32:46 | 01,469,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.01.02 07:32:33 | 00,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.01.02 07:32:33 | 00,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.01.02 07:32:33 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.01.02 07:32:32 | 00,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.01.02 07:32:32 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.01.02 07:32:26 | 00,387,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.01.02 05:57:00 | 00,133,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.01.02 05:56:50 | 00,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.01.02 05:56:14 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.01.02 05:55:54 | 01,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009.12.27 15:25:59 | 00,409,600 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2009.12.27 15:25:59 | 00,114,688 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

MH20 · #28 Příspěvek od **MH20** » 23 led 2010 10:18

========== Files Created - No Company Name ==========

[2010.01.22 19:28:22 | 00,019,094 | ---- | C] () -- C:\Users\MH20\Desktop\Fotografie0117jj.jpg
[2010.01.22 16:23:48 | 58,809,856 | ---- | C] () -- C:\Users\MH20\Documents\ Tvghgfy -sk8z.avi
[2010.01.22 16:20:40 | 02,197,601 | ---- | C] () -- C:\Users\MH20\Documents\3.wmv
[2010.01.22 16:20:27 | 02,149,601 | ---- | C] () -- C:\Users\MH20\Documents\2.wmv
[2010.01.22 16:19:58 | 02,173,601 | ---- | C] () -- C:\Users\MH20\Documents\1.wmv
[2010.01.22 16:18:18 | 02,109,589 | ---- | C] () -- C:\Users\MH20\Documents\movie2.wmv
[2010.01.22 16:17:46 | 02,109,589 | ---- | C] () -- C:\Users\MH20\Documents\movie3.wmv
[2010.01.22 16:17:44 | 02,117,595 | ---- | C] () -- C:\Users\MH20\Documents\movie1.wmv
[2010.01.22 16:17:11 | 02,109,589 | ---- | C] () -- C:\Users\MH20\Documents\movie4.wmv
[2010.01.22 16:02:08 | 02,165,589 | ---- | C] () -- C:\Users\MH20\Documents\04.wmv
[2010.01.22 16:01:27 | 02,173,589 | ---- | C] () -- C:\Users\MH20\Documents\03.wmv
[2010.01.22 16:01:15 | 02,165,595 | ---- | C] () -- C:\Users\MH20\Documents\01.wmv
[2010.01.22 16:01:00 | 02,165,589 | ---- | C] () -- C:\Users\MH20\Documents\02.wmv
[2010.01.22 14:08:13 | 17,609,632 | ---- | C] () -- C:\Users\MH20\Desktop\Mango - Kisses (Original Mix).mp3
[2010.01.20 21:34:52 | 16,817,074 | ---- | C] () -- C:\Users\MH20\Desktop\Faxin' It By Plox (MH20's Last Edit).mp3
[2010.01.17 20:07:58 | 33,546,48576 | -HS- | C] () -- C:\hiberfil.sys
[2010.01.17 11:17:19 | 10,652,176 | ---- | C] () -- C:\Users\MH20\Desktop\new subject.mp3
[2010.01.16 18:00:54 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2010.01.16 11:02:53 | 19,591,8953 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.01.15 23:07:43 | 00,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010.01.15 15:28:07 | 00,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010.01.15 15:28:07 | 00,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010.01.11 20:30:58 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi_01_00_00.Wdf
[2010.01.08 22:09:46 | 00,380,928 | ---- | C] () -- C:\Windows\System32\actskin4.ocx
[2010.01.08 16:11:54 | 03,745,391 | ---- | C] () -- C:\Users\MH20\Desktop\Miley Cyrus When I look at you me singing.wmv
[2010.01.07 15:44:31 | 00,372,672 | ---- | C] () -- C:\Users\MH20\Documents\BuddyPokeCards1
[2010.01.07 15:43:12 | 00,331,300 | ---- | C] () -- C:\Users\MH20\Documents\BuddyPokeCards.pdf
[2010.01.02 15:41:06 | 05,169,113 | ---- | C] () -- C:\Users\MH20\Desktop\New Yorker TV Spot 2009 Drop Dead Gorgeous.wmv
[2009.12.23 00:59:32 | 00,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2009.11.06 10:58:04 | 00,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.09.08 16:23:09 | 00,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009.08.11 18:07:18 | 00,139,904 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009.08.11 15:08:31 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.08.08 10:38:40 | 00,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.08.06 19:25:59 | 01,511,424 | ---- | C] () -- C:\Windows\System32\sn3win.dll
[2009.08.05 20:45:21 | 00,000,052 | ---- | C] () -- C:\Users\MH20\AppData\Local\Temp.vbs
[2009.08.03 21:21:05 | 00,169,984 | ---- | C] () -- C:\Users\MH20\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.08.03 19:54:20 | 00,000,552 | ---- | C] () -- C:\Users\MH20\AppData\Local\d3d8caps.dat
[2009.08.03 19:20:59 | 00,000,284 | ---- | C] () -- C:\Windows\System32\Remover.ini
[2009.08.03 18:24:02 | 00,003,842 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2009.08.03 18:03:38 | 00,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.08.03 17:13:59 | 00,009,216 | ---- | C] () -- C:\Windows\System32\drivers\FlashSys.sys
[2009.08.03 17:13:23 | 00,217,088 | ---- | C] () -- C:\Windows\NVGfxOgl.dll
[2009.08.03 17:01:23 | 00,007,836 | ---- | C] () -- C:\Users\MH20\AppData\Local\d3d9caps.dat
[2008.10.07 08:13:30 | 00,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 08:13:22 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007.10.25 17:26:10 | 00,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007.06.29 10:07:36 | 00,000,566 | ---- | C] () -- C:\Windows\System32\SP207.ini
[2006.11.02 13:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2003.04.09 14:38:04 | 00,005,664 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[1993.07.23 18:31:02 | 00,210,944 | ---- | C] () -- C:\Windows\System32\Msvcrt10.dll

========== Custom Scans ==========

< :OTL >

< PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) >

< O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. >

< O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found. >

< O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found. >

< O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) >
Invalid Switch: gp.cab (Reg Error: Key error.)

< @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:888AFB86 >

< @Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:9B285B76 >

< >

< :files >

< C:\Windows\System32\GameMon.des >
[2009.11.02 22:51:00 | 03,341,224 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

< C:\WINDOWS\system32\*.tmp.dll /s >

< C:\WINDOWS\system32\SET*.tmp /s >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< C:\WINDOWS\*.tmp /s >
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[6 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[2 C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]
[2 C:\WINDOWS\SoftwareDistribution\Download\606f251da9c513f463bc9226469202fb\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\606f251da9c513f463bc9226469202fb\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[32 C:\WINDOWS\temp\*.tmp files -> C:\WINDOWS\temp\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]

< C:\Program Files\Yahoo!\SoftwareUpdate >

< C:\Program Files\DAEMON Tools Toolbar >

< >

< :reg >

< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] >

< "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=- >

< [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] >

< "Malwarebytes Anti-Malware (reboot)"=- >

< "NPSStartup"=- >

< [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart] >

< [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart] >

< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] >

< "{32099AAC-C132-4136-9E9A-4E364A424E17}"=- >

< >

< :Services >

< YahooAUService >

< TKFsAc >

< TKFsAv >

< TKFsFt >

< TKRgAc >

< TKRgFt >

< nProtect GameGuard Service >

< catchme >

< >

< :COMMANDS >

< [Reboot] >

< >

========== Files - Unicode (All) ==========
[2009.12.25 20:21:30 | 37,714,41553 | ---- | M] ()(C:\Users\MH20\Desktop\[????].[PC-GAME][ENG].Kane.and.Lynch.Dead.Men.[RAS][RiP].rar) -- C:\Users\MH20\Desktop\[喋血双雄].[PC-GAME][ENG].Kane.and.Lynch.Dead.Men.[RAS][RiP].rar
[2009.11.28 01:03:00 | 29,842,23623 | ---- | M] ()(C:\Users\MH20\Desktop\[???:??????].Batman.Arkham.Asylum.movies.rar) -- C:\Users\MH20\Desktop\[蝙蝠侠：阿卡姆疯人院].Batman.Arkham.Asylum.movies.rar
[2009.11.08 12:47:16 | 20,793,672 | ---- | M] ()(C:\Users\MH20\Desktop\[???:??????].Batman.Arkham.Asylum.full.rip.rar) -- C:\Users\MH20\Desktop\[蝙蝠侠：阿卡姆疯人院].Batman.Arkham.Asylum.full.rip.rar
[2009.10.26 18:02:07 | 20,793,672 | ---- | C] ()(C:\Users\MH20\Desktop\[???:??????].Batman.Arkham.Asylum.full.rip.rar) -- C:\Users\MH20\Desktop\[蝙蝠侠：阿卡姆疯人院].Batman.Arkham.Asylum.full.rip.rar
[2009.10.26 18:02:04 | 29,842,23623 | ---- | C] ()(C:\Users\MH20\Desktop\[???:??????].Batman.Arkham.Asylum.movies.rar) -- C:\Users\MH20\Desktop\[蝙蝠侠：阿卡姆疯人院].Batman.Arkham.Asylum.movies.rar
[2009.10.09 20:26:25 | 37,714,41553 | ---- | C] ()(C:\Users\MH20\Desktop\[????].[PC-GAME][ENG].Kane.and.Lynch.Dead.Men.[RAS][RiP].rar) -- C:\Users\MH20\Desktop\[喋血双雄].[PC-GAME][ENG].Kane.and.Lynch.Dead.Men.[RAS][RiP].rar

========== Alternate Data Streams ==========

@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:888AFB86
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:9B285B76

< End of report >

#29 Příspěvek od **motji** » 23 led 2010 10:25

Provedl jste ten skript správně?

MH20 · #30 Příspěvek od **MH20** » 23 led 2010 10:53

aó i když restart nebyl o.o podle čeho soudíte?

VIRY.CZ

Prosím o Preventivní Kontrolu (Pomalé PC a chyby)

Re: Prosím o Preventivní Kontrolu (Pomalé PC a chyby)

Re: Prosím o Preventivní Kontrolu (Pomalé PC a chyby)

Re: Prosím o Preventivní Kontrolu (Pomalé PC a chyby)

Re: Prosím o Preventivní Kontrolu (Pomalé PC a chyby)

Re: Prosím o Preventivní Kontrolu (Pomalé PC a chyby)

Re: Prosím o Preventivní Kontrolu (Pomalé PC a chyby)

Re: Prosím o Preventivní Kontrolu (Pomalé PC a chyby)

Re: Prosím o Preventivní Kontrolu (Pomalé PC a chyby)

Re: Prosím o Preventivní Kontrolu (Pomalé PC a chyby)

Re: Prosím o Preventivní Kontrolu (Pomalé PC a chyby)

Re: Prosím o Preventivní Kontrolu (Pomalé PC a chyby)

Re: Prosím o Preventivní Kontrolu (Pomalé PC a chyby)

Re: Prosím o Preventivní Kontrolu (Pomalé PC a chyby)

Re: Prosím o Preventivní Kontrolu (Pomalé PC a chyby)

Re: Prosím o Preventivní Kontrolu (Pomalé PC a chyby)