Long WIN 7 startup

#1 Post by MAO »

Greetings to you all, I have had a problem with my PC for about 2. The OS (WIN7 x64) used to start within about one minute; now the nice animation plays and the PC gets stuck on a black screen, stays there for about 3-5 minutes, then the blue welcome screen appears, the desktop loads immediately and everything works fine (at least it seems so).

I am attaching the log here, and thank you for any advice...

Code:

Logfile of random's system information tool 1.08 (written by random/random)
Run by MAO at 2010-08-23 16:24:14
Microsoft Windows 7 Ultimate  
System drive C: has 15 GB (30%) free of 50 GB
Total RAM: 5120 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:24:26, on 23.8.2010
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\RocketDock\RocketDock.exe
D:\Instalačky\Rapget.RS_Public_v1.1.0.2_cz\RapgetRS.exe
C:\Program Files (x86)\CursorXP\CursorXP.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files\QIP\qip.exe
D:\Instalačky\Everest Ultimate Edition 5.02.1856\everest.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files\trend micro\MAO.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Rapget.RS] D:\Instalačky\Rapget.RS_Public_v1.1.0.2_cz\RapgetRS.exe
O4 - HKCU\..\Run: [CursorXP] C:\Program Files (x86)\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [RGSC] E:\HRY\Social Club\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [Steam] "c:\program files (x86)\steam\steam.exe" -silent
O4 - HKCU\..\Run: [QIP2005] C:\Program Files\QIP\qip.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\MAO\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O17 - HKLM\System\CCS\Services\Tcpip\..\{B3433417-4C0F-45DE-B021-E6FF425B244F}: NameServer = 82.144.143.254,82.144.143.1
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Dragon Age: Prameny - aktualizace obsahu (DAUpdaterSvc) - BioWare - E:\HRY\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7275 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
winlogon.exe
"C:\Program Files\Microsoft Security Essentials\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
"C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\RAVCpl64.exe" 
"C:\Windows\WindowsMobile\wmdc.exe" 
"C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
"C:\Program Files (x86)\RocketDock\RocketDock.exe" 
C:\Windows\system32\svchost.exe -k WindowsMobile
"D:\Instalačky\Rapget.RS_Public_v1.1.0.2_cz\RapgetRS.exe" 
"C:\Program Files (x86)\CursorXP\CursorXP.exe" 
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files\QIP\qip.exe" 
taskeng.exe {9E808B72-FFD9-4861-AF99-679C2FE4C763}
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"D:\Instalačky\Everest Ultimate Edition 5.02.1856\everest.exe" 
"C:\Program Files (x86)\Opera\opera.exe" 
"C:\Windows\system32\wuauclt.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520 
"C:\Users\MAO\Desktop\RSITx64.exe" 
C:\Windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RAVCpl64.exe [2008-07-24 6452256]
"Skytel"=C:\Windows\Skytel.exe [2008-07-24 1833504]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
"MSSE"=C:\Program Files\Microsoft Security Essentials\msseces.exe [2010-06-01 1446504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616]
"Rapget.RS"=D:\Instalačky\Rapget.RS_Public_v1.1.0.2_cz\RapgetRS.exe [2010-07-07 1571720]
"CursorXP"=C:\Program Files (x86)\CursorXP\CursorXP.exe [2005-01-19 128000]
"RGSC"=E:\HRY\Social Club\Rockstar Games Social Club\RGSCLauncher.exe /silent []
"Steam"=c:\program files (x86)\steam\steam.exe [2010-08-13 1238352]
"QIP2005"=C:\Program Files\QIP\qip.exe [2009-08-13 3276288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-08-23 16:24:15 ----D---- C:\Program Files\trend micro
2010-08-23 16:24:14 ----D---- C:\rsit
2010-08-19 20:23:33 ----D---- C:\Program Files (x86)\Microsoft Antimalware
2010-08-19 20:23:30 ----D---- C:\Program Files\Microsoft Security Essentials
2010-08-17 10:06:56 ----D---- C:\Users\MAO\AppData\Roaming\EleFun Games
2010-08-15 20:48:29 ----D---- C:\ProgramData\Blizzard Entertainment
2010-08-13 15:51:24 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2010-08-13 15:51:24 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2010-08-13 15:51:24 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2010-08-13 15:51:24 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2010-08-13 15:51:24 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2010-08-13 15:51:24 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2010-08-13 15:51:24 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2010-08-13 15:51:24 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2010-08-13 15:51:24 ----A---- C:\Windows\system32\XAudio2_7.dll
2010-08-13 15:51:24 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2010-08-13 15:51:24 ----A---- C:\Windows\system32\xactengine3_7.dll
2010-08-13 15:51:24 ----A---- C:\Windows\system32\D3DX9_43.dll
2010-08-13 15:51:24 ----A---- C:\Windows\system32\d3dx11_43.dll
2010-08-13 15:51:24 ----A---- C:\Windows\system32\d3dx10_43.dll
2010-08-13 15:51:24 ----A---- C:\Windows\system32\d3dcsx_43.dll
2010-08-13 15:51:24 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2010-08-13 14:57:34 ----D---- C:\Program Files (x86)\Steam
2010-08-11 04:00:33 ----A---- C:\Windows\SYSWOW64\schannel.dll
2010-08-11 04:00:33 ----A---- C:\Windows\system32\schannel.dll
2010-08-11 04:00:33 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-08-11 04:00:33 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-11 04:00:33 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-11 04:00:25 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-11 04:00:25 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-11 04:00:24 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2010-08-11 04:00:24 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2010-08-11 04:00:21 ----A---- C:\Windows\system32\mshtml.dll
2010-08-11 04:00:21 ----A---- C:\Windows\system32\ieframe.dll
2010-08-11 04:00:20 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2010-08-11 04:00:20 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2010-08-11 04:00:20 ----A---- C:\Windows\system32\urlmon.dll
2010-08-11 04:00:19 ----A---- C:\Windows\SYSWOW64\wininet.dll
2010-08-11 04:00:19 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2010-08-11 04:00:19 ----A---- C:\Windows\SYSWOW64\mstime.dll
2010-08-11 04:00:19 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2010-08-11 04:00:19 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2010-08-11 04:00:19 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2010-08-11 04:00:19 ----A---- C:\Windows\SYSWOW64\ieui.dll
2010-08-11 04:00:19 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2010-08-11 04:00:19 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2010-08-11 04:00:19 ----A---- C:\Windows\system32\wininet.dll
2010-08-11 04:00:19 ----A---- C:\Windows\system32\mstime.dll
2010-08-11 04:00:19 ----A---- C:\Windows\system32\msfeedssync.exe
2010-08-11 04:00:19 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-08-11 04:00:19 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-11 04:00:19 ----A---- C:\Windows\system32\ieui.dll
2010-08-11 04:00:19 ----A---- C:\Windows\system32\iepeers.dll
2010-08-11 04:00:19 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-11 04:00:15 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2010-08-11 04:00:15 ----A---- C:\Windows\system32\rtutils.dll
2010-08-11 04:00:14 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2010-08-11 04:00:13 ----A---- C:\Windows\system32\win32k.sys
2010-08-11 04:00:13 ----A---- C:\Windows\system32\msxml3.dll
2010-08-11 04:00:12 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2010-08-05 09:10:01 ----D---- C:\Program Files (x86)\Xilisoft
2010-08-04 23:02:13 ----D---- C:\Users\MAO\AppData\Roaming\BitTorrent
2010-08-04 23:02:07 ----D---- C:\Program Files (x86)\BitTorrent
2010-08-04 21:25:38 ----D---- C:\Users\MAO\AppData\Roaming\Nero
2010-08-03 06:59:48 ----A---- C:\Windows\SYSWOW64\shell32.dll
2010-08-03 06:59:48 ----A---- C:\Windows\system32\shell32.dll
2010-07-27 21:12:10 ----D---- C:\Users\MAO\AppData\Roaming\DVDVideoSoftIEHelpers
2010-07-27 21:12:02 ----D---- C:\Program Files (x86)\DVDVideoSoft
2010-07-25 17:40:13 ----D---- C:\Users\MAO\AppData\Roaming\FashionCrazeChech

======List of files/folders modified in the last 1 months======

2010-08-23 16:24:26 ----D---- C:\Windows\Prefetch
2010-08-23 16:24:15 ----RD---- C:\Program Files
2010-08-23 16:18:26 ----D---- C:\Windows\Temp
2010-08-23 16:17:49 ----RD---- C:\Program Files (x86)
2010-08-23 16:17:06 ----D---- C:\Windows\System32
2010-08-23 16:17:06 ----D---- C:\Windows\inf
2010-08-23 16:17:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-23 16:12:58 ----D---- C:\Windows\system32\Tasks
2010-08-23 16:12:57 ----A---- C:\Windows\SYSWOW64\everest_cpl.ini
2010-08-23 16:12:38 ----D---- C:\ProgramData\NVIDIA
2010-08-23 08:07:28 ----D---- C:\Windows\Tasks
2010-08-23 08:07:28 ----D---- C:\Windows\SysWOW64
2010-08-23 08:07:28 ----D---- C:\Windows\system32\wfp
2010-08-23 08:07:28 ----D---- C:\Windows\system32\wbem
2010-08-23 08:07:28 ----D---- C:\Windows\system32\DriverStore
2010-08-23 08:07:28 ----D---- C:\Windows\system32\catroot2
2010-08-23 08:07:28 ----D---- C:\Windows\AppCompat
2010-08-23 08:07:28 ----D---- C:\Windows
2010-08-23 08:07:27 ----D---- C:\Windows\registration
2010-08-23 08:04:56 ----D---- C:\Windows\system32\LogFiles
2010-08-23 07:23:18 ----SHD---- C:\System Volume Information
2010-08-23 07:13:30 ----D---- C:\Windows\system32\config
2010-08-21 18:41:35 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-08-21 06:11:23 ----SHD---- C:\Windows\Installer
2010-08-21 06:11:20 ----D---- C:\ProgramData\Microsoft Help
2010-08-21 06:10:10 ----RSD---- C:\Windows\assembly
2010-08-20 03:18:33 ----D---- C:\Windows\system32\catroot
2010-08-20 03:13:37 ----D---- C:\Windows\winsxs
2010-08-20 03:01:42 ----RSD---- C:\Windows\Fonts
2010-08-20 03:01:29 ----D---- C:\Program Files (x86)\Microsoft Works
2010-08-20 03:00:53 ----A---- C:\Windows\win.ini
2010-08-19 21:45:48 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-08-19 20:41:29 ----D---- C:\Windows\system32\drivers
2010-08-19 20:23:33 ----SD---- C:\ProgramData\Microsoft
2010-08-15 20:54:50 ----HD---- C:\ProgramData
2010-08-15 20:54:50 ----D---- C:\Program Files (x86)\Common Files
2010-08-13 18:39:47 ----D---- C:\Program Files (x86)\Opera
2010-08-13 18:35:44 ----D---- C:\Windows\LiveKernelReports
2010-08-13 15:51:32 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2010-08-12 10:53:05 ----D---- C:\Windows\Microsoft.NET
2010-08-12 08:52:47 ----D---- C:\Windows\SYSWOW64\migration
2010-08-12 08:52:47 ----D---- C:\Windows\system32\migration
2010-08-12 08:52:47 ----D---- C:\Program Files\Internet Explorer
2010-08-12 08:52:47 ----D---- C:\Program Files (x86)\Internet Explorer
2010-08-04 10:01:02 ----SD---- C:\Users\MAO\AppData\Roaming\Microsoft
2010-08-02 09:44:35 ----D---- C:\ProgramData\BioWare
2010-08-02 09:29:31 ----D---- C:\ProgramData\Media Center Programs
2010-07-28 17:34:35 ----D---- C:\Windows\system32\drivers\UMDF
2010-07-28 06:38:33 ----D---- C:\Program Files (x86)\WinRAR
2010-07-28 06:31:17 ----D---- C:\Windows\SYSWOW64\drivers
2010-07-27 23:06:01 ----D---- C:\Users\MAO\AppData\Roaming\Adobe
2010-07-27 06:41:02 ----D---- C:\Users\MAO\AppData\Roaming\U3
2010-07-24 12:47:10 ----D---- C:\Program Files (x86)\JetAudio

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-07-22 828912]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-03-25 173984]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2009-07-27 90544]
R3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\D:\Instalačky\Everest Ultimate Edition 5.02.1856\kerneld.amd64 [2009-09-05 26240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2008-07-24 1488032]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 40832]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 art92t0u;art92t0u; C:\Windows\system32\drivers\art92t0u.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WINUSB;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUSB.SYS [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17424]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-05-15 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-05-21 159336]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe [2010-07-22 488960]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-05-21 240232]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu; E:\HRY\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-07-21 654848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-22 1255736]
S4 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2006-02-28 229376]

-----------------EOF-----------------

#2 Post by Rudy »

Clean the PC with CCleaner: http://www.viry.cz/forum/viewtopic.php?f=46&t=7478 and run a full MBAM scan: http://www.malwarebytes.org/mbam.php . Post the log and do not delete anything beforehand.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

#3 Post by MAO »

Cleaned with CCleaner, and here is the log from Malwarebytes' Anti-Malware. If I am not mistaken, everything the program flagged is keygens or cracks :-)
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4466

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

23.8.2010 19:42:48
mbam-log-2010-08-23 (19-42-48).txt

Typ skenu: Úplný sken (B:\|C:\|D:\|E:\|F:\|)
Skenované objekty: 365906
Uplynulý čas: 58 minuta(y), 52 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 10

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
D:\HTC\Kaiser\OLD\Aplikace\Staré\gpsd253\GPSdash 2.53\KeyGen.exe (Hacktool.Gen) -> No action taken.
D:\Instalačky\GoldWave 5.52\Keymaker\keygen.exe (Malware.Packer.Gen) -> No action taken.
D:\Software\2009\Runtime GetDataBack for NTFS v3.69\bgdbn69a\bgdbn69\Keygen\Keygen.exe (RiskWare.Tool.CK) -> No action taken.
D:\Software\ANO\Alcohol 120%\říjen 07\Alcohol1201.9.6.5429Retail-by-includes-for-NWF.cz\Alcohol 120% 1.9.6.5429 Retail\Patch\_Alcohol.exe (Trojan.Agent) -> No action taken.
D:\Software\ANO\Ashampoo\12-2008\Ashampoo FireWall PRO 1.14\Keygen\Keygen.exe (Trojan.Downloader) -> No action taken.
D:\Software\ANO\Ashampoo\AntiSpyWare 1.60\Key+Crack\keygen.exe (Trojan.Downloader) -> No action taken.
D:\Software\EVEREST Ultimate Edition 2007 - (cracknute)\EVEREST\KeyfileGen.exe (Malware.Packer.Gen) -> No action taken.
E:\HRY\Heroes of Might and Magic V\bin\Unleashed.exe (Malware.Packer.Krunchy) -> No action taken.
F:\_-=IMAGE=-_\2007\Call of Duty 4 - Modern Warfare\rzr-cod4.exe (Trojan.Agent.CK) -> No action taken.
F:\_-=IMAGE=-_\2009\ANNO 1404 (CZ) [2009]\gdx-anno1404trn\gdx-anno1404trn.exe (Malware.Packer) -> No action taken.

#4 Post by Rudy »

If I am not mistaken, everything the program flagged is keygens or cracks

Yes, they are. Delete them nevertheless.

#5 Post by MAO »

Deleted and rebooted, but the problem has not gone away. After the initial WIN7 animation, all three LEDs on the keyboard light up, the PC stays in this state for about a minute and then starts up normally by itself. The problem is probably somewhere in the OS; thank you for the advice anyway...

#6 Post by Rudy »

To be safe, post a log from ComboFix.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after it starts, a screen with the licence terms appears; continue by clicking the Yes button.

calmly go and make yourself a coffee (the whole process takes approx. 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan, do not try to launch any other applications or anything else

do not panic during the scan; your machine may be restarted (especially the first time the scanner is used)

note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because undesirable conflicts with the resident antispyware occur during the scan and the removal of any malware
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

MAO
Visitor
Posts: 26
Registered: 06 Nov 2005 16:41
Location: Ústí nad Orlicí

Re: Long startup of WIN 7

#7 Post by MAO »

Unfortunately it tells me that ComboFix is only for 32-bit versions of the OS :-(

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Long startup of WIN 7

#8 Post by Rudy »

Yes, that's right, I overlooked that you have a 64-bit system. Download OTL: http://oldtimer.geekstogo.com/OTL.exe . Save it to the desktop, right-click it and choose "Run as administrator". Tick "for 64-bit system", "for all users", "LOP check" and "PURITY". Paste the following into the bottom window:
netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
autochk.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT
Click "Scan" and post the OTL.txt and Extras.txt logs.

MAO
Visitor
Posts: 26
Registered: 06 Nov 2005 16:41
Location: Ústí nad Orlicí

Re: Long startup of WIN 7

#9 Post by MAO »

OTL logfile created on: 24.8.2010 19:40:56 - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\MAO\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

5,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 68,00% Memory free
10,00 Gb Paging File | 8,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,83 Gb Total Space | 15,47 Gb Free Space | 31,68% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 378,17 Gb Free Space | 81,19% Space Free | Partition Type: NTFS
Drive E: | 146,48 Gb Total Space | 72,08 Gb Free Space | 49,20% Space Free | Partition Type: NTFS
Drive F: | 736,20 Gb Total Space | 75,51 Gb Free Space | 10,26% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MAO-PC
Current User Name: MAO
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.08.24 19:39:55 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\MAO\Desktop\OTL.exe
PRC - [2010.08.24 06:27:53 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2010.08.09 15:27:06 | 000,836,464 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2010.07.22 05:19:58 | 000,488,960 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe
PRC - [2010.07.07 20:35:34 | 001,571,720 | ---- | M] (RapidSharing.eu) -- D:\Instalačky\Rapget.RS_Public_v1.1.0.2_cz\RapgetRS.exe
PRC - [2010.05.21 18:49:12 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009.09.23 01:13:46 | 002,426,976 | ---- | M] (Lavalys, Inc.) -- D:\Instalačky\Everest Ultimate Edition 5.02.1856\everest.exe
PRC - [2009.08.13 11:43:54 | 003,276,288 | ---- | M] (The Author of QIP) -- C:\Program Files\QIP\qip.exe
PRC - [2009.05.15 07:35:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2007.09.02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
PRC - [2005.01.19 17:34:16 | 000,128,000 | ---- | M] ( ) -- C:\Program Files (x86)\CursorXP\CursorXP.exe


========== Modules (SafeList) ==========

MOD - [2010.08.24 19:39:55 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\MAO\Desktop\OTL.exe
MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
MOD - [2007.09.02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll
MOD - [2005.01.19 17:34:24 | 000,014,848 | ---- | M] ( ) -- C:\Program Files (x86)\CursorXP\CurXP0.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010.03.25 23:48:42 | 000,017,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009.07.14 03:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:64bit: - [2009.07.14 03:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:24 | 000,689,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2010.07.22 05:19:58 | 000,488,960 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2010.07.21 22:29:23 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.05.21 18:49:12 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009.12.15 22:07:16 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- E:\HRY\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009.07.16 17:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009.05.15 07:35:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2007.05.31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010.07.22 12:25:51 | 000,828,912 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,200,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus)
DRV:64bit: - [2009.07.14 03:45:55 | 000,046,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt)
DRV:64bit: - [2009.07.14 03:45:55 | 000,034,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:42:58 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap)
DRV:64bit: - [2009.07.14 01:42:44 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID)
DRV:64bit: - [2009.07.14 01:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.09.05 19:27:16 | 000,026,240 | ---- | M] () [Kernel | On_Demand | Running] -- D:\Instalačky\Everest Ultimate Edition 5.02.1856\kerneld.amd64 -- (EverestDriver)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2233781247-2085942903-3117302497-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CF 71 29 45 6E 34 CB 01 [binary data]
IE - HKU\S-1-5-21-2233781247-2085942903-3117302497-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2233781247-2085942903-3117302497-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.cz/ig?hl=cs&source=iglk"
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: firetorrent@radicalsoft.com:2.0.1

FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.08.23 21:26:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.08.23 21:26:41 | 000,000,000 | ---D | M]

[2010.07.22 05:28:09 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\Mozilla\Extensions
[2010.08.24 11:09:41 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\Mozilla\Firefox\Profiles\sbhhihyw.default\extensions
[2010.07.27 21:12:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MAO\AppData\Roaming\Mozilla\Firefox\Profiles\sbhhihyw.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.08.04 22:15:51 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\Mozilla\Firefox\Profiles\sbhhihyw.default\extensions\firetorrent@radicalsoft.com
[2010.07.21 22:18:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.08.23 21:26:38 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.08.23 21:26:38 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.08.23 21:26:38 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.08.23 21:26:38 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.08.23 21:26:38 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:64bit: - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2233781247-2085942903-3117302497-1001..\Run: [CursorXP] C:\Program Files (x86)\CursorXP\CursorXP.exe ( )
O4 - HKU\S-1-5-21-2233781247-2085942903-3117302497-1001..\Run: [QIP2005] C:\Program Files\QIP\qip.exe (The Author of QIP)
O4 - HKU\S-1-5-21-2233781247-2085942903-3117302497-1001..\Run: [Rapget.RS] D:\Instalačky\Rapget.RS_Public_v1.1.0.2_cz\RapgetRS.exe (RapidSharing.eu)
O4 - HKU\S-1-5-21-2233781247-2085942903-3117302497-1001..\Run: [RGSC] E:\HRY\Social Club\Rockstar Games Social Club\RGSCLauncher.exe File not found
O4 - HKU\S-1-5-21-2233781247-2085942903-3117302497-1001..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-2233781247-2085942903-3117302497-1001..\Run: [Steam] c:\program files (x86)\steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2233781247-2085942903-3117302497-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\MAO\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\MAO\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.124.1 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{db7d59bd-957c-11df-9a0b-0016e6808c46}\Shell - "" = AutoRun
O33 - MountPoints2\{db7d59bd-957c-11df-9a0b-0016e6808c46}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- File not found
O33 - MountPoints2\{db7d5cf5-957c-11df-9a0b-0016e6808c46}\Shell - "" = AutoRun
O33 - MountPoints2\{db7d5cf5-957c-11df-9a0b-0016e6808c46}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (http://www.mp3dev.org/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010.08.24 19:39:54 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\MAO\Desktop\OTL.exe
[2010.08.24 19:25:01 | 000,000,000 | ---D | C] -- C:\Users\MAO\Documents\Danuše
[2010.08.24 16:29:59 | 000,000,000 | ---D | C] -- C:\Users\MAO\Desktop\Mafia2_official_map
[2010.08.24 07:31:33 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW
[2010.08.23 18:17:42 | 000,000,000 | ---D | C] -- C:\Users\MAO\AppData\Roaming\Malwarebytes
[2010.08.23 18:17:34 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.08.23 18:17:33 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.08.23 18:17:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.08.23 18:17:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.08.23 18:14:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010.08.23 16:24:15 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.08.23 16:24:14 | 000,000,000 | ---D | C] -- C:\rsit
[2010.08.21 07:15:38 | 000,000,000 | ---D | C] -- C:\Users\MAO\Desktop\mafia2libuse
[2010.08.20 19:27:07 | 000,000,000 | ---D | C] -- C:\Users\MAO\Desktop\MAFIA II OST
[2010.08.20 14:40:34 | 000,000,000 | ---D | C] -- C:\Users\MAO\Documents\My Games
[2010.08.19 20:23:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Antimalware
[2010.08.19 20:23:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010.08.17 19:28:53 | 000,000,000 | ---D | C] -- C:\Users\MAO\Desktop\M2_trainer
[2010.08.17 10:06:56 | 000,000,000 | ---D | C] -- C:\Users\MAO\AppData\Roaming\EleFun Games
[2010.08.15 20:48:29 | 000,000,000 | ---D | C] -- C:\Users\MAO\Documents\StarCraft II
[2010.08.15 20:48:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2010.08.15 20:48:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2010.08.13 15:52:52 | 000,000,000 | ---D | C] -- C:\Users\MAO\AppData\Local\2K Games
[2010.08.13 15:51:24 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2010.08.13 15:51:24 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2010.08.13 15:51:24 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2010.08.13 15:51:24 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2010.08.13 15:51:24 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2010.08.13 15:51:24 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2010.08.13 15:51:24 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2010.08.13 15:51:24 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2010.08.13 15:51:24 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2010.08.13 15:51:24 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2010.08.13 15:51:24 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2010.08.13 15:51:24 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2010.08.13 15:51:24 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2010.08.13 15:51:24 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2010.08.13 15:51:24 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2010.08.13 15:51:24 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2010.08.13 14:57:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2010.08.13 14:57:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2010.08.11 04:00:25 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010.08.11 04:00:24 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010.08.11 04:00:24 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010.08.11 04:00:19 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010.08.11 04:00:19 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010.08.11 04:00:19 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.08.11 04:00:19 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010.08.11 04:00:19 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010.08.11 04:00:19 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010.08.11 04:00:15 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010.08.11 04:00:15 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010.08.11 04:00:14 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010.08.05 09:10:11 | 000,000,000 | ---D | C] -- C:\Users\MAO\Documents\Xilisoft Corporation
[2010.08.05 09:10:11 | 000,000,000 | ---D | C] -- C:\Users\MAO\Application Data
[2010.08.05 09:10:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xilisoft
[2010.08.04 23:02:13 | 000,000,000 | ---D | C] -- C:\Users\MAO\AppData\Roaming\BitTorrent
[2010.08.04 23:02:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitTorrent
[2010.08.04 21:25:38 | 000,000,000 | ---D | C] -- C:\Users\MAO\AppData\Roaming\Nero
[2010.08.02 09:39:54 | 000,000,000 | ---D | C] -- C:\Users\MAO\Documents\BioWare
[2010.08.02 09:23:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2010.07.27 21:12:10 | 000,000,000 | ---D | C] -- C:\Users\MAO\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.07.27 21:12:07 | 000,000,000 | ---D | C] -- C:\Users\MAO\Documents\DVDVideoSoft
[2010.07.27 21:12:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2010.07.27 21:12:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2010.07.26 19:03:35 | 000,000,000 | ---D | C] -- C:\Users\MAO\Documents\GTA3 User Files
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.08.24 19:42:15 | 001,572,864 | -HS- | M] () -- C:\Users\MAO\ntuser.dat
[2010.08.24 19:39:55 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\MAO\Desktop\OTL.exe
[2010.08.24 19:24:55 | 010,637,975 | ---- | M] () -- C:\Users\MAO\Documents\Danuše.rar
[2010.08.24 07:37:21 | 001,445,734 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.08.24 07:37:21 | 000,622,422 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.08.24 07:37:21 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.08.24 07:37:21 | 000,118,604 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.08.24 07:37:21 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.08.24 06:47:49 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.08.24 06:47:49 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.08.24 06:28:02 | 000,000,062 | ---- | M] () -- C:\Windows\SysWow64\everest_cpl.ini
[2010.08.24 06:27:42 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.08.24 06:27:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.08.24 06:26:18 | 4026,179,584 | -HS- | M] () -- C:\hiberfil.sys
[2010.08.23 21:28:27 | 002,808,384 | -H-- | M] () -- C:\Users\MAO\AppData\Local\IconCache.db
[2010.08.23 18:17:37 | 000,001,018 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.23 16:24:04 | 000,832,273 | ---- | M] () -- C:\Users\MAO\Desktop\RSITx64.exe
[2010.08.23 07:29:24 | 000,524,288 | -HS- | M] () -- C:\Users\MAO\ntuser.dat{72874b1b-ae74-11df-9fba-0016e6808c46}.TMContainer00000000000000000002.regtrans-ms
[2010.08.23 07:29:24 | 000,524,288 | -HS- | M] () -- C:\Users\MAO\ntuser.dat{72874b1b-ae74-11df-9fba-0016e6808c46}.TMContainer00000000000000000001.regtrans-ms
[2010.08.23 07:29:24 | 000,065,536 | -HS- | M] () -- C:\Users\MAO\ntuser.dat{72874b1b-ae74-11df-9fba-0016e6808c46}.TM.blf
[2010.08.20 03:20:06 | 000,084,920 | ---- | M] () -- C:\Users\MAO\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.08.20 03:20:02 | 002,269,744 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.08.20 03:00:53 | 000,000,478 | ---- | M] () -- C:\Windows\win.ini
[2010.08.19 21:47:11 | 000,001,140 | ---- | M] () -- C:\Users\Public\Desktop\Heroes of Might and Magic V - Tribes of the East.lnk
[2010.08.19 21:44:10 | 000,000,814 | ---- | M] () -- C:\Users\Public\Desktop\Heroes of Might & Magic V - Hammers of Fate.lnk
[2010.08.19 21:41:32 | 000,000,802 | ---- | M] () -- C:\Users\Public\Desktop\Heroes of Might and Magic V.lnk
[2010.08.19 21:40:17 | 000,000,001 | ---- | M] () -- C:\Windows\SysWow64\SI.bin
[2010.08.19 20:41:14 | 000,001,048 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010.08.16 08:41:52 | 000,000,656 | ---- | M] () -- C:\Users\MAO\Desktop\LENKA.lnk
[2010.08.15 20:54:53 | 000,000,700 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2010.08.15 16:00:18 | 000,002,562 | ---- | M] () -- C:\Windows\diagwrn.xml
[2010.08.15 16:00:18 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2010.08.13 18:39:49 | 000,000,838 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2010.08.13 18:38:54 | 000,001,473 | ---- | M] () -- C:\Users\MAO\Desktop\MAFIA II DEMO.lnk
[2010.08.13 15:01:24 | 000,000,998 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.08.07 14:00:33 | 000,010,251 | ---- | M] () -- C:\Users\MAO\Documents\Bábovka.docx
[2010.08.05 09:10:05 | 000,002,088 | ---- | M] () -- C:\Users\MAO\Desktop\Xilisoft MP4 Converter.lnk
[2010.08.04 21:23:39 | 000,000,678 | ---- | M] () -- C:\Users\MAO\Desktop\Stronghold Crusader.lnk
[2010.08.02 09:29:30 | 000,000,667 | ---- | M] () -- C:\Users\Public\Desktop\Dragon Age Prameny.lnk
[2010.07.29 08:30:34 | 000,082,944 | ---- | M] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010.07.28 17:34:37 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.07.27 21:12:09 | 000,001,248 | ---- | M] () -- C:\Users\MAO\Desktop\DVDVideoSoft Free Studio.lnk
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.08.24 19:24:18 | 010,637,975 | ---- | C] () -- C:\Users\MAO\Documents\Danuše.rar
[2010.08.23 18:17:37 | 000,001,018 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.23 16:24:03 | 000,832,273 | ---- | C] () -- C:\Users\MAO\Desktop\RSITx64.exe
[2010.08.23 07:10:01 | 000,524,288 | -HS- | C] () -- C:\Users\MAO\ntuser.dat{72874b1b-ae74-11df-9fba-0016e6808c46}.TMContainer00000000000000000002.regtrans-ms
[2010.08.23 07:10:01 | 000,524,288 | -HS- | C] () -- C:\Users\MAO\ntuser.dat{72874b1b-ae74-11df-9fba-0016e6808c46}.TMContainer00000000000000000001.regtrans-ms
[2010.08.23 07:10:01 | 000,065,536 | -HS- | C] () -- C:\Users\MAO\ntuser.dat{72874b1b-ae74-11df-9fba-0016e6808c46}.TM.blf
[2010.08.19 21:47:11 | 000,001,140 | ---- | C] () -- C:\Users\Public\Desktop\Heroes of Might and Magic V - Tribes of the East.lnk
[2010.08.19 21:44:10 | 000,000,814 | ---- | C] () -- C:\Users\Public\Desktop\Heroes of Might & Magic V - Hammers of Fate.lnk
[2010.08.19 21:41:32 | 000,000,802 | ---- | C] () -- C:\Users\Public\Desktop\Heroes of Might and Magic V.lnk
[2010.08.19 21:40:17 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2010.08.19 20:23:30 | 000,001,048 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010.08.16 08:41:54 | 000,000,656 | ---- | C] () -- C:\Users\MAO\Desktop\LENKA.lnk
[2010.08.15 20:48:29 | 000,000,700 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2010.08.15 16:00:11 | 000,002,562 | ---- | C] () -- C:\Windows\diagwrn.xml
[2010.08.15 16:00:11 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2010.08.13 18:39:49 | 000,000,838 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2010.08.13 18:38:54 | 000,001,473 | ---- | C] () -- C:\Users\MAO\Desktop\MAFIA II DEMO.lnk
[2010.08.13 14:57:34 | 000,000,998 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.08.07 14:00:33 | 000,010,251 | ---- | C] () -- C:\Users\MAO\Documents\Bábovka.docx
[2010.08.05 09:10:05 | 000,002,088 | ---- | C] () -- C:\Users\MAO\Desktop\Xilisoft MP4 Converter.lnk
[2010.08.04 21:23:39 | 000,000,678 | ---- | C] () -- C:\Users\MAO\Desktop\Stronghold Crusader.lnk
[2010.08.02 09:29:30 | 000,000,667 | ---- | C] () -- C:\Users\Public\Desktop\Dragon Age Prameny.lnk
[2010.07.28 17:34:37 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.07.27 21:12:07 | 000,001,248 | ---- | C] () -- C:\Users\MAO\Desktop\DVDVideoSoft Free Studio.lnk
[2010.07.22 05:19:58 | 000,142,592 | ---- | C] () -- C:\Windows\SysWow64\drivers\sp_rsdrv2.sys
[2010.07.21 22:45:31 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010.07.21 22:45:31 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010.07.21 22:45:30 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.07.21 22:45:30 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010.07.21 22:45:30 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2010.07.21 22:45:29 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010.07.21 21:15:42 | 000,000,062 | ---- | C] () -- C:\Windows\SysWow64\everest_cpl.ini
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008.10.22 05:29:06 | 000,173,550 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

========== LOP Check ==========

[2010.08.07 23:12:27 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\BitTorrent
[2010.07.22 05:28:13 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\CheckPoint
[2010.07.21 21:31:51 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\COWON
[2010.07.21 21:40:26 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\DAEMON Tools Lite
[2010.07.27 21:12:10 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.08.17 10:06:56 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\EleFun Games
[2010.07.25 17:41:04 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\FashionCrazeChech
[2010.07.21 21:49:06 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\GHISLER
[2010.07.21 21:00:38 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\Opera
[2010.07.22 05:21:34 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\Spyware Terminator
[2009.07.14 07:08:49 | 000,014,320 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"RocketDock" = "C:\Program Files (x86)\RocketDock\RocketDock.exe" -- [2007.09.02 13:58:52 | 000,495,616 | ---- | M] ()
"Rapget.RS" = D:\Instalačky\Rapget.RS_Public_v1.1.0.2_cz\RapgetRS.exe -- [2010.07.07 20:35:34 | 001,571,720 | ---- | M] (RapidSharing.eu)
"CursorXP" = C:\Program Files (x86)\CursorXP\CursorXP.exe -- [2005.01.19 17:34:16 | 000,128,000 | ---- | M] ( )
"RGSC" = E:\HRY\Social Club\Rockstar Games Social Club\RGSCLauncher.exe /silent -- File not found
"Steam" = "c:\program files (x86)\steam\steam.exe" -silent -- [2010.08.24 06:27:53 | 001,242,448 | ---- | M] (Valve Corporation)
"QIP2005" = C:\Program Files\QIP\qip.exe -- [2009.08.13 11:43:54 | 003,276,288 | ---- | M] (The Author of QIP)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< c:\windows\*.* /U >
[1 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.07.27 23:06:01 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\Adobe
[2010.08.07 23:12:27 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\BitTorrent
[2010.07.22 05:28:13 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\CheckPoint
[2010.07.21 21:31:51 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\COWON
[2010.07.21 21:40:26 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\DAEMON Tools Lite
[2010.07.27 21:12:10 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.08.17 10:06:56 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\EleFun Games
[2010.07.25 17:41:04 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\FashionCrazeChech
[2010.07.21 21:49:06 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\GHISLER
[2010.07.21 20:51:59 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\Identities
[2010.07.21 21:31:09 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\InstallShield
[2010.07.21 21:07:47 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\Macromedia
[2010.08.23 18:17:42 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\Malwarebytes
[2009.07.14 17:36:38 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\Media Center Programs
[2010.07.21 22:45:44 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\Media Player Classic
[2010.08.04 10:01:02 | 000,000,000 | --SD | M] -- C:\Users\MAO\AppData\Roaming\Microsoft
[2010.07.22 05:28:09 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\Mozilla
[2010.08.04 21:26:09 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\Nero
[2010.07.23 08:58:08 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\NVIDIA
[2010.07.21 21:00:38 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\Opera
[2010.07.22 05:46:41 | 000,000,000 | RH-D | M] -- C:\Users\MAO\AppData\Roaming\SecuROM
[2010.07.22 05:21:34 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\Spyware Terminator
[2010.07.27 06:41:02 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\U3
[2010.07.21 21:53:55 | 000,000,000 | ---D | M] -- C:\Users\MAO\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2009.09.23 13:55:40 | 000,116,008 | ---- | M] (U3 LLC) -- C:\Users\MAO\AppData\Roaming\U3\temp\cleanup.exe
[2009.09.23 13:55:56 | 003,413,288 | -H-- | M] (SanDisk Corporation) -- C:\Users\MAO\AppData\Roaming\U3\temp\Launchpad Removal.exe


< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll

< MD5 for: IASTORV.SYS >
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2010.06.14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2010.04.09 13:06:28 | 001,898,376 | ---- | M] (Microsoft Corporation) MD5=7FC877A25796D8ADF539E64703FCA7E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_0f2ca8c580036f65\tcpip.sys
[2010.06.14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2010.04.09 09:56:29 | 001,892,232 | ---- | M] (Microsoft Corporation) MD5=A9C0F786AC1F736891D05CE0A1D29DEB -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_0f9ea52499331463\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.14 03:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtmsft.dll
[2009.07.14 03:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtrans.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.14 03:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtmsft.dll
[2009.07.14 03:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtrans.dll

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.08.24 06:28:02 | 000,000,062 | ---- | M] () -- C:\Windows\SysWOW64\everest_cpl.ini
< End of report >


Re: Long startup of WIN 7

#10 Post by MAO »

OTL Extras logfile created on: 24.8.2010 19:40:56 - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\MAO\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

5,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 68,00% Memory free
10,00 Gb Paging File | 8,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,83 Gb Total Space | 15,47 Gb Free Space | 31,68% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 378,17 Gb Free Space | 81,19% Space Free | Partition Type: NTFS
Drive E: | 146,48 Gb Total Space | 72,08 Gb Free Space | 49,20% Space Free | Partition Type: NTFS
Drive F: | 736,20 Gb Total Space | 75,51 Gb Free Space | 10,26% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MAO-PC
Current User Name: MAO
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum zařízení Windows Mobile
"{7B1AF68B-4606-4152-9991-1E9D4FF5F0FA}" = Microsoft Antimalware Service CS-CZ Language Pack
"{85C76689-536B-4CD4-AD94-2F5D259C084B}" = Free Launch Bar 64-bit Edition
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{95C9C76F-ECF3-40FA-94F8-5DDFB6BAF40D}" = Microsoft Security Essentials
"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware
"Microsoft Security Essentials" = Microsoft Security Essentials
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{07BE4679-4318-4413-9701-B3D91354F10C}" = Heroes of Might & Magic V: Hammers of Fate
"{07BE4679-4318-4413-9701-B3D92354F11D}" = Heroes of Might and Magic V - Tribes of the East
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{70858C67-8761-4444-895A-0A8B2E9E144E}" = Opera 10.61
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{aa6f15f8-e248-4375-a8a6-ba1009a07e82}" = Nero 9
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1029-7B44-A91000000001}" = Adobe Reader 9.1 - Czech
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Prameny
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = jetAudio Basic VX
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EAEAAF8C-8E86-4CAC-AC08-1A33EDCA34AC}" = Prince of Persia® Zapomenuté písky
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F68563C0-2CCD-4799-A014-017A370D627B}" = Sběratelská edice Heroes of Might and Magic V
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner (remove only)
"CursorXP" = CursorXP
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.7
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.7.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PowerISO" = PowerISO
"Qip2005 packverze: 8095" = Qip2005 pack verze: 8095
"RocketDock_is1" = RocketDock 1.3.5
"Spyware Terminator_is1" = Spyware Terminator
"StarCraft II" = StarCraft II
"Steam App 50280" = Mafia II - Demo
"Totalcmd" = Total Commander (Remove or Repair)
"Uninstall_is1" = Uninstall 1.0.0.1
"WinRAR archiver" = WinRAR
"Xilisoft MP4 Converter" = Xilisoft MP4 Converter

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 15.8.2010 9:13:01 | Computer Name = MAO-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: DAOrigins.exe, verze: 1.4.12393.0, časové
razítko: 0x4c093423 Název chybujícího modulu: DAOrigins.exe, verze: 1.4.12393.0,
časové razítko: 0x4c093423 Kód výjimky: 0x40000015 Posun chyby: 0x0046ce56 ID chybujícího
procesu: 0x5d8 Čas spuštění chybující aplikace: 0x01cb3c7883f848ee Cesta k chybující
aplikaci: E:\HRY\Dragon Age\bin_ship\DAOrigins.exe Cesta k chybujícímu modulu: E:\HRY\Dragon
Age\bin_ship\DAOrigins.exe ID zprávy: d42c794a-a86e-11df-8381-0016e6808c46

Error - 18.8.2010 1:40:51 | Computer Name = MAO-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: mafia2.exe, verze: 1.0.0.1, časové razítko:
0x4c51773a Název chybujícího modulu: mafia2.exe, verze: 1.0.0.1, časové razítko:
0x4c51773a Kód výjimky: 0xc0000005 Posun chyby: 0x00c5c06f ID chybujícího procesu:
0xe60 Čas spuštění chybující aplikace: 0x01cb3e96f6574145 Cesta k chybující aplikaci:
C:\Program Files (x86)\Steam\steamapps\common\mafia ii - public demo\pc\mafia2.exe
Cesta
k chybujícímu modulu: C:\Program Files (x86)\Steam\steamapps\common\mafia ii -
public demo\pc\mafia2.exe ID zprávy: 28b1e01b-aa8b-11df-b0b7-0016e6808c46

Error - 18.8.2010 11:58:37 | Computer Name = MAO-PC | Source = Application Hang | ID = 1002
Description = Program wmplayer.exe verze 12.0.7600.16415 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: e88 Čas spuštění: 01cb3eee0960e1a4 Čas ukončení: 61 Cesta k aplikaci: C:\Program
Files (x86)\Windows Media Player\wmplayer.exe ID hlášení: 72d6ad5e-aae1-11df-ac01-0016e6808c46


Error - 20.8.2010 8:26:26 | Computer Name = MAO-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: DAOrigins.exe, verze: 1.4.12393.0, časové
razítko: 0x4c093423 Název chybujícího modulu: DAOrigins.exe, verze: 1.4.12393.0,
časové razítko: 0x4c093423 Kód výjimky: 0xc0000005 Posun chyby: 0x0019a04e ID chybujícího
procesu: 0xf34 Čas spuštění chybující aplikace: 0x01cb4062796c3e6d Cesta k chybující
aplikaci: E:\HRY\Dragon Age\bin_ship\DAOrigins.exe Cesta k chybujícímu modulu: E:\HRY\Dragon
Age\bin_ship\DAOrigins.exe ID zprávy: 266847dc-ac56-11df-978e-0016e6808c46

Error - 21.8.2010 13:11:30 | Computer Name = MAO-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: mafia2.exe, verze: 1.0.0.1, časové razítko:
0x4c6ce6eb Název chybujícího modulu: mafia2.exe, verze: 1.0.0.1, časové razítko:
0x4c6ce6eb Kód výjimky: 0x80000003 Posun chyby: 0x00b35c27 ID chybujícího procesu:
0x4d0 Čas spuštění chybující aplikace: 0x01cb4153add39f5f Cesta k chybující aplikaci:
c:\program files (x86)\steam\steamapps\common\mafia ii - public demo\pc\mafia2.exe
Cesta
k chybujícímu modulu: c:\program files (x86)\steam\steamapps\common\mafia ii -
public demo\pc\mafia2.exe ID zprávy: 237fd4ba-ad47-11df-9c94-0016e6808c46

Error - 21.8.2010 13:12:44 | Computer Name = MAO-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: mafia2.exe, verze: 1.0.0.1, časové razítko:
0x4c6ce6eb Název chybujícího modulu: mafia2.exe, verze: 1.0.0.1, časové razítko:
0x4c6ce6eb Kód výjimky: 0x80000003 Posun chyby: 0x00b35c27 ID chybujícího procesu:
0x454 Čas spuštění chybující aplikace: 0x01cb4153f0098b5d Cesta k chybující aplikaci:
c:\program files (x86)\steam\steamapps\common\mafia ii - public demo\pc\mafia2.exe
Cesta
k chybujícímu modulu: c:\program files (x86)\steam\steamapps\common\mafia ii -
public demo\pc\mafia2.exe ID zprávy: 4f92189d-ad47-11df-9c94-0016e6808c46

Error - 23.8.2010 12:20:04 | Computer Name = MAO-PC | Source = Application Hang | ID = 1002
Description = Program mbam.exe verze 1.46.0.1 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
444 Čas spuštění: 01cb42dec42951aa Čas ukončení: 8 Cesta k aplikaci: C:\Program Files
(x86)\Malwarebytes' Anti-Malware\mbam.exe ID hlášení: 472fb46e-aed2-11df-91d9-0016e6808c46


Error - 23.8.2010 12:21:58 | Computer Name = MAO-PC | Source = Application Hang | ID = 1002
Description = Program mbam.exe verze 1.46.0.1 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
82c Čas spuštění: 01cb42df0ffc2ae9 Čas ukončení: 60000 Cesta k aplikaci: C:\Program
Files (x86)\Malwarebytes' Anti-Malware\mbam.exe ID hlášení: 61287433-aed2-11df-91d9-0016e6808c46


Error - 23.8.2010 12:25:05 | Computer Name = MAO-PC | Source = Application Hang | ID = 1002
Description = Program mbam.exe verze 1.46.0.1 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
cfc Čas spuštění: 01cb42df7a78803c Čas ukončení: 16 Cesta k aplikaci: C:\Program Files
(x86)\Malwarebytes' Anti-Malware\mbam.exe ID hlášení: fb214db4-aed2-11df-91d9-0016e6808c46


Error - 24.8.2010 2:41:40 | Computer Name = MAO-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: DAOrigins.exe, verze: 1.4.12393.0, časové
razítko: 0x4c093423 Název chybujícího modulu: DAOrigins.exe, verze: 1.4.12393.0,
časové razítko: 0x4c093423 Kód výjimky: 0xc0000005 Posun chyby: 0x0044b392 ID chybujícího
procesu: 0x4b8 Čas spuštění chybující aplikace: 0x01cb4354783e8133 Cesta k chybující
aplikaci: E:\HRY\Dragon Age\bin_ship\DAOrigins.exe Cesta k chybujícímu modulu: E:\HRY\Dragon
Age\bin_ship\DAOrigins.exe ID zprávy: a62bd8c8-af4a-11df-a7ad-0016e6808c46

[ System Events ]
Error - 23.8.2010 10:32:31 | Computer Name = MAO-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk3\DR4.

Error - 23.8.2010 10:33:07 | Computer Name = MAO-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby LanmanServer bylo dosaženo časového
limitu (30000 ms).

Error - 23.8.2010 10:33:37 | Computer Name = MAO-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby ShellHWDetection bylo dosaženo
časového limitu (30000 ms).

Error - 23.8.2010 10:34:07 | Computer Name = MAO-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby ShellHWDetection bylo dosaženo
časového limitu (30000 ms).

Error - 23.8.2010 12:21:05 | Computer Name = MAO-PC | Source = Service Control Manager | ID = 7031
Description = Služba Microsoft Antimalware Service byla nečekaně ukončena. Stalo
se to 1 krát. Následující opravná akce bude spuštěna za 15000 milisekund: Restartovat
službu.

Error - 23.8.2010 12:21:20 | Computer Name = MAO-PC | Source = Service Control Manager | ID = 7032
Description = Správce služeb se pokusil o opravnou akci (Restartovat službu) po
nečekaném ukončení služby Microsoft Antimalware Service, ale tato akce selhala kvůli
následující chybě: %%1056

Error - 23.8.2010 14:59:26 | Computer Name = MAO-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk3\DR3.

Error - 24.8.2010 0:27:50 | Computer Name = MAO-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk3\DR3.

Error - 24.8.2010 1:35:36 | Computer Name = MAO-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk4\DR4.

Error - 24.8.2010 6:39:41 | Computer Name = MAO-PC | Source = VDS Basic Provider | ID = 33554433
Description =


< End of report >

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Long WIN 7 startup

#11 Post by Rudy »

Your problem won't be caused by a virus. Apparently something is taking a long time to launch at startup. Try running an optimization with Win7Manager: http://www.yamicsoft.com/windows7manager/ .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

MAO
Visitor
Posts: 26
Registered: 06 Nov 2005 16:41
Location: Ústí nad Orlicí

Re: Long WIN 7 startup

#12 Post by MAO »

Windows 7 Manager looks like a very well-made little program, but my PC knowledge ends at the point where I can see which applications launch after the PC starts. I have 6 of them there, and they have been there for a long time, back when everything worked as it should, and I don't have the courage to dig around in the registry. Unfortunately WIN7 only shows me restore points dated from when the problem occurred, so I will probably go for a reinstallation of the OS. Thanks for the advice...

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Long WIN 7 startup

#13 Post by Rudy »

You're welcome!