Zpomaleny pc + Antivirus Avntispyware 2011

Zpráva

trusi · #1 Příspěvek od **trusi** » 27 úno 2011 07:23

Čau, poslední dobou mám zpomalený počítač, projevuje se častým fps drop při hraní her.
K tomu se mi včera nevím jak dostal do počítače AniVirus AntiSpyware 2011, který byl v
procesech pod názvem covering software. Včera jsem to několikrát vypnul, dnes ráno mi
při startu windows naběhlo okno, že můj počítač je používán k multi spamu, bla bla bla a
že budu odpojen od internetu, což je samozřejmě blbost

Díky moc
Log:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Honza at 2011-02-27 07:19:46
Microsoft Windows 7 Home Premium
System drive C: has 221 GB (74%) free of 299 GB
Total RAM: 4087 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:20:01, on 27.2.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\PSPad editor\PSPad.exe
C:\Program Files\trend micro\Honza.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - (no file)
R3 - URLSearchHook: (no name) - {fd3d3852-dcda-468c-8995-8ced7333918a} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Pomocná služba pro prihlášení ke službe Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
O2 - BHO: (no name) - {fd3d3852-dcda-468c-8995-8ced7333918a} - (no file)
O3 - Toolbar: (no name) - {fd3d3852-dcda-468c-8995-8ced7333918a} - (no file)
O4 - HKLM\..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe"
O4 - HKLM\..\Run: [scanner] C:\Users\Honza\Downloads\scanner.exe
O4 - HKLM\..\RunServices: [scanner] C:\Users\Honza\Downloads\scanner.exe
O4 - HKCU\..\Run: [AntiVirus AntiSpyware 2011] "C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011\AntiVirus AntiSpyware.exe" /STARTUP
O4 - HKCU\..\Run: [AntiVirus AntiSpyware 2011 Security] C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011\securitymanager.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Odeslat do zarízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zarízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} (Java Plug-in 1.6.0_15) -
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll,C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Stavová služba ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13506 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
winlogon.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\WLANExt.exe 23159104
\??\C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe" -r
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\SysWOW64\svchost.exe -k netsvcs
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"taskhost.exe"
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\wmi64.exe" "UPDATE" "{2C4D4BC6-0793-4956-A9F9-E252435469C0}" "3" "512"
WLIDSvcM.exe 2768
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
taskeng.exe {8BCDF422-3E5D-4796-9BD4-9961AAE63B59}
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe" /Start
"C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
"C:\Program Files\DigitalPersona\Bin\DPAgent.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe" -Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"
"C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_750ms_queue_prefetch/DnsParallelism/parallel_6/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_http/ --channel=1176.0076FC00.793798875 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_750ms_queue_prefetch/DnsParallelism/parallel_6/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_http/ --channel=1176.00768D80.25896180 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_750ms_queue_prefetch/DnsParallelism/parallel_6/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_http/ --channel=1176.00768000.371967845 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_750ms_queue_prefetch/DnsParallelism/parallel_6/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_http/ --channel=1176.0076F180.2055462684 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_750ms_queue_prefetch/DnsParallelism/parallel_6/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_http/ --channel=1176.0076F000.1927777596 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_750ms_queue_prefetch/DnsParallelism/parallel_6/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_http/ --channel=1176.0076FD80.769316399 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_750ms_queue_prefetch/DnsParallelism/parallel_6/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_http/ --channel=1176.00778D80.1366393746 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_750ms_queue_prefetch/DnsParallelism/parallel_6/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_http/ --channel=1176.00778C00.1467873976 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_750ms_queue_prefetch/DnsParallelism/parallel_6/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_http/ --channel=1176.00778A80.651249221 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_750ms_queue_prefetch/DnsParallelism/parallel_6/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_http/ --channel=1176.00778900.1243079594 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Honza\AppData\Local\Google\Chrome\Application\9.0.597.98\gcswf32.dll" --lang=cs --plugin-data-dir="C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default" --channel=1176.092E0C4C.2130254635 /prefetch:4
"C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_6/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_750ms_queue_prefetch/DnsParallelism/parallel_6/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_http/ --channel=1176.07CFD600.477231199 /prefetch:3
"C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_6/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_750ms_queue_prefetch/DnsParallelism/parallel_6/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_http/ --channel=1176.07A04780.807918824 /prefetch:3
"taskhost.exe"
C:\Windows\ehome\ehmsas.exe -Embedding
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\PSPad editor\PSPad.exe" "C:\rsit\log.txt"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 548 552 560 65536 556
"C:\Users\Honza\Downloads\RSITx64 (1).exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1374301015-3030359024-3010537099-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1374301015-3030359024-3010537099-1000UA.job
C:\Windows\tasks\UpdateCheck.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
DigitalPersona Personal Extension - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-07-01 1888832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\ievkbd.dll [2010-10-05 61624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-09 43520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll [2010-10-05 234168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
DigitalPersona Personal Extension - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-07-01 1256512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll [2010-10-05 68280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro prihlášení ke službe Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-22 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-10-10 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll [2010-10-05 191160]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fd3d3852-dcda-468c-8995-8ced7333918a}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{fd3d3852-dcda-468c-8995-8ced7333918a}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-27 2096424]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-03-23 487424]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2011-01-15 8864584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AntiVirus AntiSpyware 2011"=C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011\AntiVirus AntiSpyware.exe [2011-02-26 2794496]
"AntiVirus AntiSpyware 2011 Security"=C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011\securitymanager.exe [2011-02-26 194560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-29 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR]
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2009-09-29 1685048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPCam_Menu]
c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-08-20 2363392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2010-03-16 718208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2010-01-09 171520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XboxStat]
C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-10-01 825184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Honza^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GameRanger.lnk]
C:\Users\Honza\AppData\Roaming\GAMERA~1\GAMERA~2\GAMERA~1.EXE [2011-01-28 1257184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Honza^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hamachi.lnk]
C:\PROGRA~2\Hamachi\hamachi.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Honza^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk]
C:\PROGRA~2\Xfire\Xfire.exe [2010-07-09 3493776]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"DpAgent"=C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe [2009-07-01 842816]
""= []
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-08-20 322104]
"WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-07-23 498744]
"AVP"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe [2010-11-02 365336]
"scanner"=C:\Users\Honza\Downloads\scanner.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\guard64.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\Windows\System32\klogon.dll [2010-10-05 233656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2010-01-08 52272]
"UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
DPPWDFLT

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableTaskMgr"=0
"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=28

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 months======

2011-02-26 17:02:14 ----D---- C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011
2011-02-24 06:42:55 ----A---- C:\Windows\SYSWOW64\wcncsvc.dll
2011-02-24 06:42:55 ----A---- C:\Windows\system32\wcncsvc.dll
2011-02-23 14:15:42 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-02-23 14:15:42 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-02-23 14:15:42 ----A---- C:\Windows\system32\XpsPrint.dll
2011-02-23 14:15:42 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-02-13 19:54:38 ----D---- C:\Program Files (x86)\Veetle
2011-02-10 19:34:22 ----D---- C:\Windows\SYSWOW64\directx
2011-02-10 18:58:54 ----D---- C:\Program Files (x86)\Atari
2011-02-10 07:16:41 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-02-10 07:16:41 ----A---- C:\Windows\system32\mshtml.dll
2011-02-10 07:16:35 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-02-10 07:16:34 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-02-10 07:16:34 ----A---- C:\Windows\system32\msfeeds.dll
2011-02-10 07:16:34 ----A---- C:\Windows\system32\iedkcs32.dll
2011-02-10 07:16:33 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-02-10 07:16:33 ----A---- C:\Windows\system32\mstime.dll
2011-02-10 07:16:33 ----A---- C:\Windows\system32\iertutil.dll
2011-02-10 07:16:32 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-02-10 07:16:32 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-02-10 07:16:32 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-02-10 07:16:32 ----A---- C:\Windows\system32\mshtmled.dll
2011-02-10 07:16:32 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-02-10 07:16:32 ----A---- C:\Windows\system32\iepeers.dll
2011-02-10 07:16:31 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-02-10 07:16:31 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-02-10 07:16:31 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-02-10 07:16:31 ----A---- C:\Windows\system32\msfeedssync.exe
2011-02-10 07:16:31 ----A---- C:\Windows\system32\licmgr10.dll
2011-02-10 07:16:28 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2011-02-10 07:16:28 ----A---- C:\Windows\system32\kerberos.dll
2011-02-10 07:16:27 ----A---- C:\Windows\system32\win32k.sys
2011-02-10 07:16:25 ----A---- C:\Windows\SYSWOW64\upnp.dll
2011-02-10 07:16:25 ----A---- C:\Windows\system32\urlmon.dll
2011-02-10 07:16:25 ----A---- C:\Windows\system32\upnp.dll
2011-02-10 07:16:25 ----A---- C:\Windows\system32\msxml6.dll
2011-02-10 07:16:25 ----A---- C:\Windows\system32\msxml3.dll
2011-02-10 07:16:24 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-02-10 07:16:24 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-02-10 07:16:24 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2011-02-10 07:16:24 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2011-02-10 07:16:24 ----A---- C:\Windows\system32\wininet.dll
2011-02-10 07:16:24 ----A---- C:\Windows\system32\winhttp.dll
2011-02-10 07:16:24 ----A---- C:\Windows\system32\WebClnt.dll
2011-02-10 07:16:23 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2011-02-10 07:16:23 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2011-02-10 07:16:23 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2011-02-10 07:16:23 ----A---- C:\Windows\SYSWOW64\slwga.dll
2011-02-10 07:16:23 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-02-10 07:16:23 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2011-02-10 07:16:23 ----A---- C:\Windows\system32\wscapi.dll
2011-02-10 07:16:23 ----A---- C:\Windows\system32\slwga.dll
2011-02-10 07:16:23 ----A---- C:\Windows\system32\ieframe.dll
2011-02-10 07:16:23 ----A---- C:\Windows\system32\davclnt.dll
2011-02-10 07:16:22 ----A---- C:\Windows\system32\wscsvc.dll
2011-02-10 07:16:22 ----A---- C:\Windows\system32\winsrv.dll
2011-02-10 07:16:19 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2011-02-10 07:16:19 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-02-10 07:16:19 ----A---- C:\Windows\system32\cdd.dll
2011-02-10 07:16:17 ----A---- C:\Windows\system32\vbscript.dll
2011-02-10 07:16:17 ----A---- C:\Windows\system32\jscript.dll
2011-02-10 07:16:16 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2011-02-10 07:16:16 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-02-10 07:16:14 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2011-02-10 07:16:14 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2011-02-10 07:16:14 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2011-02-10 07:16:14 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-02-10 07:16:14 ----A---- C:\Windows\system32\ntdll.dll
2011-02-10 07:16:12 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2011-02-10 07:16:12 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2011-02-10 07:16:12 ----A---- C:\Windows\system32\atmlib.dll
2011-02-10 07:16:12 ----A---- C:\Windows\system32\atmfd.dll
2011-02-07 15:43:29 ----D---- C:\Users\Honza\AppData\Roaming\ZqWare
2011-02-07 15:22:44 ----A---- C:\Windows\SYSWOW64\SPORDER.DLL
2011-02-06 10:54:39 ----D---- C:\Program Files (x86)\Windows SideShow
2011-02-06 10:25:35 ----D---- C:\Users\Honza\AppData\Roaming\Spyware Terminator
2011-02-06 10:25:35 ----D---- C:\ProgramData\Spyware Terminator
2011-02-06 10:24:43 ----D---- C:\Program Files (x86)\Spyware Terminator
2011-02-06 10:17:08 ----D---- C:\!KillBox
2011-02-05 22:30:41 ----D---- C:\Program Files\Speccy
2011-02-02 20:03:08 ----HD---- C:\CanonMP
2011-02-02 20:01:33 ----D---- C:\Program Files (x86)\Canon
2011-02-02 20:00:26 ----HD---- C:\ProgramData\CanonBJ
2011-02-01 16:04:37 ----D---- C:\Users\Honza\AppData\Roaming\Ubisoft
2011-01-31 17:10:57 ----D---- C:\Program Files (x86)\Ubisoft
2011-01-29 08:01:08 ----D---- C:\Programmi

======List of files/folders modified in the last 1 months======

2011-02-27 07:19:56 ----D---- C:\Windows\Temp
2011-02-27 07:19:56 ----D---- C:\Program Files\trend micro
2011-02-27 07:16:06 ----D---- C:\Windows\system32\config
2011-02-27 07:16:04 ----D---- C:\Windows\system32\Tasks
2011-02-27 07:07:36 ----RAD---- C:\Program Files (x86)
2011-02-27 07:06:38 ----D---- C:\ProgramData\Kaspersky Lab
2011-02-27 07:06:36 ----A---- C:\ProgramData\HPWALog.txt
2011-02-27 07:06:32 ----HD---- C:\ProgramData
2011-02-27 07:06:18 ----D---- C:\Windows\SysWOW64
2011-02-27 07:05:24 ----D---- C:\Windows
2011-02-26 21:54:55 ----D---- C:\Users\Honza\AppData\Roaming\Xfire
2011-02-26 17:14:48 ----SHD---- C:\System Volume Information
2011-02-26 16:47:49 ----D---- C:\Windows\System32
2011-02-26 16:47:49 ----D---- C:\Windows\inf
2011-02-26 16:47:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-02-26 16:11:03 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2011-02-26 14:27:25 ----D---- C:\Users\Honza\AppData\Roaming\AIMP
2011-02-26 12:44:29 ----D---- C:\Windows\Prefetch
2011-02-25 07:02:05 ----D---- C:\Windows\system32\catroot2
2011-02-25 07:02:05 ----D---- C:\Windows\system32\catroot
2011-02-25 06:58:37 ----D---- C:\Windows\winsxs
2011-02-22 19:03:59 ----D---- C:\Users\Honza\AppData\Roaming\uTorrent
2011-02-20 10:25:48 ----D---- C:\Users\Honza\AppData\Roaming\vlc
2011-02-20 10:18:23 ----D---- C:\Program Files (x86)\Total Video Converter
2011-02-19 10:22:24 ----D---- C:\ProgramData\Xfire
2011-02-15 18:00:32 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-02-15 17:01:34 ----SHD---- C:\Windows\Installer
2011-02-14 19:41:01 ----D---- C:\Users\Honza\AppData\Roaming\My Battle for Middle-earth(tm) II Files
2011-02-13 11:54:47 ----D---- C:\Program Files (x86)\Advanced Tactical Center
2011-02-11 15:57:01 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-02-10 19:36:19 ----HD---- C:\Windows\msdownld.tmp
2011-02-10 19:27:02 ----RSD---- C:\Windows\assembly
2011-02-10 19:10:45 ----D---- C:\Instalace
2011-02-10 08:17:49 ----D---- C:\Program Files\Internet Explorer
2011-02-10 08:17:49 ----D---- C:\Program Files (x86)\Internet Explorer
2011-02-10 08:17:47 ----D---- C:\Windows\system32\drivers
2011-02-10 07:40:50 ----D---- C:\ProgramData\Microsoft Help
2011-02-10 07:36:13 ----D---- C:\Windows\debug
2011-02-10 07:36:10 ----A---- C:\Windows\system32\MRT.exe
2011-02-09 21:11:23 ----D---- C:\Users\Honza\AppData\Roaming\GetRightToGo
2011-02-09 21:01:25 ----D---- C:\Windows\pss
2011-02-09 20:15:12 ----D---- C:\Users\Honza\AppData\Roaming\TS3Client
2011-02-06 20:40:49 ----D---- C:\Users\Honza\AppData\Roaming\_MDLogs
2011-02-06 10:17:51 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-02-05 22:32:34 ----D---- C:\Windows\system32\DriverStore
2011-02-05 22:32:28 ----D---- C:\Windows\Driver Cache
2011-02-05 22:32:18 ----RD---- C:\Program Files
2011-02-05 19:52:34 ----D---- C:\Program Files (x86)\Winamp
2011-02-05 12:24:24 ----D---- C:\Windows\Minidump
2011-02-02 17:11:20 ----N---- C:\Windows\system32\MpSigStub.exe
2011-02-01 16:04:37 ----D---- C:\ProgramData\Ubisoft
2011-01-31 22:35:20 ----D---- C:\Windows\system32\NDF
2011-01-31 15:56:29 ----D---- C:\Windows\system32\drivers\etc
2011-01-31 15:24:45 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-01-29 19:34:45 ----D---- C:\Users\Honza\AppData\Roaming\Skype
2011-01-29 16:08:25 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2009-07-08 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-08 408600]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2010-06-09 460888]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-07-29 834544]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2011-01-15 250008]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2011-01-15 39888]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2011-01-15 89840]
R1 kl2;kl2; C:\Windows\system32\DRIVERS\kl2.sys [2010-06-09 11864]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2011-01-27 556120]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2010-04-22 27736]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2010-07-07 50696]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 41272]
R3 BCM43XX;Ovladac sítového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-02-24 2838008]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-29 70656]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 18432]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-21 140712]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-11-02 22544]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2010-09-07 155752]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-10-03 258560]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-03-23 505344]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-27 320560]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-07-14 40448]
S2 IoHw32;IoHw32 Kernel Driver; \??\C:\Program Files (x86)\HInfoCPU\IoHw32.sys []
S3 AVerAF15;HP DVB-T TV Tuner; C:\Windows\System32\Drivers\AVerAF15.sys [2009-05-22 311424]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zarízení Bluetooth (sít PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladac portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 BTHUSB;Ovladac rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-09-17 98344]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-09-17 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-09-17 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-09-17 21160]
S3 cpuz132;cpuz132; \??\C:\Users\Honza\AppData\Local\Temp\cpuz132\cpuz132_x64.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 48488]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys []
S3 RFCOMM;Zarízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-10-10 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 usbscan;Ovladac skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-21 79976]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600]
R2 AVP;Kaspersky Anti-Virus Service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe [2010-11-02 365336]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-09-04 873248]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-01-15 2421736]
R2 DpHost;@C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe [2009-07-01 322624]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2009-10-15 120832]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2009-07-08 30520]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-08-20 73728]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-10-16 989800]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-01-29 75136]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe [2011-02-06 948775]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [2010-03-23 247808]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2009-07-12 1924400]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2009-06-06 250616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-29 1255736]
S4 TeamViewer5;TeamViewer 5; C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-10-19 2011944]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 27 úno 2011 08:47

Zdravim a pekny den preji

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 5 az 10 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

trusi · #3 Příspěvek od **trusi** » 27 úno 2011 11:49

OTL Extras logfile created on: 27.2.2011 11:14:59 - Run 1
OTL by OldTimer - Version 3.2.22.1 Folder = C:\Users\Honza\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 291,95 Gb Total Space | 214,67 Gb Free Space | 73,53% Space Free | Partition Type: NTFS
Drive D: | 286,85 Gb Total Space | 118,95 Gb Free Space | 41,47% Space Free | Partition Type: NTFS
Drive E: | 99,34 Mb Total Space | 98,64 Mb Free Space | 99,30% Space Free | Partition Type: FAT32
Drive G: | 17,08 Gb Total Space | 2,74 Gb Free Space | 16,04% Space Free | Partition Type: NTFS

Computer Name: HONZA-NTB | User Name: Honza | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416015FF}" = Java(TM) 6 Update 15 (64-bit)
"{33DBA3CA-4E9D-4087-9911-359E45263D92}" = HP 3D DriveGuard
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{62A20ECA-920E-4052-BF77-88C78DD20FAA}" = Validity Sensors DDK
"{64A3A4F4-B792-11D6-A78A-00B0D0160150}" = Java(TM) SE Development Kit 6 Update 15 (64-bit)
"{701D8EE6-6A5A-4509-9740-35F551193CE0}" = Windows Live Family Safety
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = HP Integrated Module with Bluetooth wireless technology
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.1.9.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{D9C50188-12D5-4D3E-8F00-682346C2AA5F}" = Microsoft Xbox 360 Accessories 1.2
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DD3BF908-F6B0-45A5-BED3-79E8888DDA93}" = DigitalPersona Personal 4.10
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FD8E178D-8B4E-42DA-B434-EFF270329B1C}" = COMODO Internet Security
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
"6B8550A319DDC8B17F35F4A89988705E4592349B" = Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000)
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"FFE7D41DF3C645075BB149E21988B63996C34187" = ENE CIR Receiver Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"nbi-glassfish-mod-3.0.1.22.0" = GlassFish Server Open Source Edition 3.0.1
"nbi-nb-base-6.9.1.0.0" = NetBeans IDE 6.9.1
"Speccy" = Speccy
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{06F22256-8A8D-4F3F-B22C-6E07313D0FD1}" = HP Support Assistant
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{17B4760F-334B-475D-829F-1A3E94A6A4E6}" = HP Setup
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = The Battle for Middle-earth (tm) II
"{2EBA8202-FBD5-4004-81EA-BDC38C054CE2}" = HP User Guides 0153
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}" = Windows Live UX Platform Language Pack
"{4640FDE1-B83A-4376-84ED-86F86BEE2D41}" = Driver Detective
"{4669544E-20E4-4E56-8B44-2E6E1200051F}" = Canon MP Toolbox 4.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant
"{58F8C6D9-5B55-486A-A322-4E8D87670031}" = Canon MP Drivers
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Anti-Virus 2011
"{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{81DD0597-29EB-4FA0-8223-4F41362B2E72}" = NBA 2K11
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95140000-007A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{99BEB67F-B288-44F5-8B2A-23F5A52FA1AE}_is1" = Universal AntiCheat 3 v1.021 r3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A5647D9D-9B26-496D-9A08-67E36042F777}" = Game Fire
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.1 - Czech
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}" = Adobe Shockwave Player
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E4DA04B6-3EC4-4DFD-A14E-44959EF36D5B}" = Feed Viewer for Windows SideShow
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}" = VideoStudio
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FE7FDB2F-4AFC-4B11-A2BE-95318CCA20F8}_is1" = Hide Folders v2.2
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIMP2" = AIMP2
"ATC_is1" = Advanced Tactical Center™ 1.0
"ClientMod_SWAT4_v1.1_is1" = Client Mod v13 for SWAT 4 v1.1
"Counter-Strike 1.6" = Counter-Strike 1.6
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Anti-Virus 2011
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MP4 to MP3 Converter 3" = MP4 to MP3 Converter 3
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PSPad editor_is1" = PSPad editor
"PunkBusterSvc" = PunkBuster Services
"Spyware Terminator_is1" = Spyware Terminator
"TeamViewer 5" = TeamViewer 5
"The KMPlayer" = The KMPlayer (remove only)
"Total Video Converter 3.12_is1" = Total Video Converter 3.12 080330
"Total Video Player_is1" = Total Video Player 1.0
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"Veetle TV" = Veetle TV 0.9.18
"VLC media player" = VLC media player 1.0.1
"WildTangent hp Master Uninstall" = HP Games
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite" = Windows Live Essentials
"Xfire" = Xfire (remove only)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1374301015-3030359024-3010537099-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GameRanger" = GameRanger
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5.2.2011 6:16:46 | Computer Name = Honza-ntb | Source = Application Hang | ID = 1002
Description = Program winamp.exe verze 5.5.8.2985 prestal spolupracovat se systémem
Windows a byl ukoncen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
1798 Cas spuštení: 01cbc51db236a8bc Cas ukoncení: 16 Cesta k aplikaci: C:\Program
Files (x86)\Winamp\winamp.exe ID hlášení: 07f84069-3111-11e0-8803-0026825a6eb7

Error - 5.2.2011 10:56:25 | Computer Name = Honza-ntb | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Swat4.exe, verze: 1.0.31973.0, casové razítko:
0x42167d74 Název chybujícího modulu: xfire_toucan_43121.dll, verze: 1.0.0.43094,
casové razítko: 0x4c376f00 Kód výjimky: 0xc0000005 Posun chyby: 0x00047908 ID chybujícího
procesu: 0x8e4 Cas spuštení chybující aplikace: 0x01cbc538e7a5a198 Cesta k chybující
aplikaci: D:\Hry\Swat 4 1.0\Content\System\Swat4.exe Cesta k chybujícímu modulu:
C:\Program Files (x86)\Xfire\xfire_toucan_43121.dll ID zprávy: 19b24924-3138-11e0-8bf6-c80aa91d3ba1

Error - 5.2.2011 14:52:03 | Computer Name = Honza-ntb | Source = Application Hang | ID = 1002
Description = Program winamp.exe verze 5.5.8.2985 prestal spolupracovat se systémem
Windows a byl ukoncen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
1250 Cas spuštení: 01cbc563c0252215 Cas ukoncení: 12 Cesta k aplikaci: C:\Program
Files (x86)\Winamp\winamp.exe ID hlášení: 0262eba6-3159-11e0-8bf6-c80aa91d3ba1

Error - 6.2.2011 5:03:04 | Computer Name = Honza-ntb | Source = Application Hang | ID = 1002
Description = Program tvp.exe verze 1.0.6.704 prestal spolupracovat se systémem
Windows a byl ukoncen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
904 Cas spuštení: 01cbc5dc6a478bd8 Cas ukoncení: 49 Cesta k aplikaci: C:\Program Files
(x86)\Total Video Player\tvp.exe ID hlášení: c4ba9546-31cf-11e0-96c9-c80aa91d3ba1

Error - 6.2.2011 16:44:35 | Computer Name = Honza-ntb | Source = Application Hang | ID = 1002
Description = Program DLLHOST.EXE verze 6.1.7600.16385 prestal spolupracovat se
systémem Windows a byl ukoncen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: f4c Cas spuštení: 01cbc63e65576472 Cas ukoncení: 60000 Cesta k aplikaci:
C:\WINDOWS\SYSWOW64\DLLHOST.EXE ID hlášení: ba4764b7-3231-11e0-960b-c80aa91d3ba1

Error - 7.2.2011 13:35:30 | Computer Name = Honza-ntb | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Swat4.exe, verze: 1.0.31973.0, casové razítko:
0x42167d74 Název chybujícího modulu: xfire_toucan_43121.dll, verze: 1.0.0.43094,
casové razítko: 0x4c376f00 Kód výjimky: 0xc0000005 Posun chyby: 0x00047908 ID chybujícího
procesu: 0x8bc Cas spuštení chybující aplikace: 0x01cbc6da1ba6e5e7 Cesta k chybující
aplikaci: D:\Hry\Swat 4 1.0\Content\System\Swat4.exe Cesta k chybujícímu modulu:
C:\Program Files (x86)\Xfire\xfire_toucan_43121.dll ID zprávy: a82269d1-32e0-11e0-b13d-c80aa91d3ba1

Error - 7.2.2011 17:30:11 | Computer Name = Honza-ntb | Source = Application Hang | ID = 1002
Description = Program TVP.EXE verze 1.0.6.704 prestal spolupracovat se systémem
Windows a byl ukoncen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
1348 Cas spuštení: 01cbc70de2134fac Cas ukoncení: 35 Cesta k aplikaci: C:\PROGRAM
FILES (X86)\TOTAL VIDEO PLAYER\TVP.EXE ID hlášení: 6b4e8fda-3301-11e0-b13d-c80aa91d3ba1

Error - 7.2.2011 18:28:56 | Computer Name = Honza-ntb | Source = Application Hang | ID = 1002
Description = Program TVP.EXE verze 1.0.6.704 prestal spolupracovat se systémem
Windows a byl ukoncen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
1a78 Cas spuštení: 01cbc7160811e8ca Cas ukoncení: 32 Cesta k aplikaci: C:\PROGRAM
FILES (X86)\TOTAL VIDEO PLAYER\TVP.EXE ID hlášení: a22c8742-3309-11e0-b13d-c80aa91d3ba1

Error - 8.2.2011 11:15:21 | Computer Name = Honza-ntb | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Swat4.exe, verze: 1.0.31973.0, casové razítko:
0x42167d74 Název chybujícího modulu: xfire_toucan_43121.dll, verze: 1.0.0.43094,
casové razítko: 0x4c376f00 Kód výjimky: 0xc0000005 Posun chyby: 0x00047908 ID chybujícího
procesu: 0x83c Cas spuštení chybující aplikace: 0x01cbc79b5d7d85d3 Cesta k chybující
aplikaci: D:\Hry\Swat 4 1.0\Content\System\Swat4.exe Cesta k chybujícímu modulu:
C:\Program Files (x86)\Xfire\xfire_toucan_43121.dll ID zprávy: 3e8a2f3b-3396-11e0-83cb-c80aa91d3ba1

Error - 8.2.2011 17:28:48 | Computer Name = Honza-ntb | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Swat4.exe, verze: 1.0.31973.0, casové razítko:
0x42167d74 Název chybujícího modulu: xfire_toucan_43121.dll, verze: 1.0.0.43094,
casové razítko: 0x4c376f00 Kód výjimky: 0xc0000005 Posun chyby: 0x00047908 ID chybujícího
procesu: 0x10a8 Cas spuštení chybující aplikace: 0x01cbc7c9f9f3986f Cesta k chybující
aplikaci: D:\Hry\Swat 4 1.0\Content\System\Swat4.exe Cesta k chybujícímu modulu:
C:\Program Files (x86)\Xfire\xfire_toucan_43121.dll ID zprávy: 69eab5db-33ca-11e0-af29-c80aa91d3ba1

[ DigitalPersona Pro Events ]
Error - 18.2.2011 2:07:29 | Computer Name = Honza-ntb | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 18.2.2011 2:07:31 | Computer Name = Honza-ntb | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 19.2.2011 0:41:35 | Computer Name = Honza-ntb | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 19.2.2011 0:41:38 | Computer Name = Honza-ntb | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 19.2.2011 0:41:40 | Computer Name = Honza-ntb | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 19.2.2011 11:35:54 | Computer Name = Honza-ntb | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 19.2.2011 11:35:57 | Computer Name = Honza-ntb | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 19.2.2011 11:36:00 | Computer Name = Honza-ntb | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 19.2.2011 11:36:02 | Computer Name = Honza-ntb | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 24.2.2011 1:47:04 | Computer Name = Honza-ntb | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

[ Hewlett-Packard Events ]
Error - 6.9.2010 14:46:18 | Computer Name = Honza-ntb | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Soubor C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml
nebyl nalezen. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)

v System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamReader..ctor(String
path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize)

v System.IO.StreamReader..ctor(String path, Encoding encoding) v System.IO.File.ReadAllText(String
path, Encoding encoding) v n.a(Object A_0, EventArgs A_1)

Error - 4.10.2010 16:06:44 | Computer Name = Honza-ntb | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Soubor C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml
nebyl nalezen. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)

v System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamReader..ctor(String
path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize)

v System.IO.StreamReader..ctor(String path, Encoding encoding) v System.IO.File.ReadAllText(String
path, Encoding encoding) v n.a(Object A_0, EventArgs A_1)

Error - 4.10.2010 16:06:45 | Computer Name = Honza-ntb | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Soubor C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml
nebyl nalezen. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)

v System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamReader..ctor(String
path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize)

v System.IO.StreamReader..ctor(String path, Encoding encoding) v System.IO.File.ReadAllText(String
path, Encoding encoding) v n.a(Object A_0, EventArgs A_1)

Error - 15.10.2010 12:10:23 | Computer Name = Honza-ntb | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Soubor C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml
nebyl nalezen. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)

v System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamReader..ctor(String
path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize)

v System.IO.StreamReader..ctor(String path, Encoding encoding) v System.IO.File.ReadAllText(String
path, Encoding encoding) v n.a(Object A_0, EventArgs A_1)

Error - 15.10.2010 12:10:23 | Computer Name = Honza-ntb | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Soubor C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml
nebyl nalezen. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)

v System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamReader..ctor(String
path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize)

v System.IO.StreamReader..ctor(String path, Encoding encoding) v System.IO.File.ReadAllText(String
path, Encoding encoding) v n.a(Object A_0, EventArgs A_1)

Error - 13.12.2010 15:10:26 | Computer Name = Honza-ntb | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Soubor C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml
nebyl nalezen. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)

v System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamReader..ctor(String
path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize)

v System.IO.StreamReader..ctor(String path, Encoding encoding) v System.IO.File.ReadAllText(String
path, Encoding encoding) v n.a(Object A_0, EventArgs A_1)

Error - 13.12.2010 15:10:27 | Computer Name = Honza-ntb | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Soubor C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml
nebyl nalezen. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)

v System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamReader..ctor(String
path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize)

v System.IO.StreamReader..ctor(String path, Encoding encoding) v System.IO.File.ReadAllText(String
path, Encoding encoding) v n.a(Object A_0, EventArgs A_1)

Error - 20.12.2010 15:45:15 | Computer Name = Honza-ntb | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Soubor C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml
nebyl nalezen. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)

v System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamReader..ctor(String
path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize)

v System.IO.StreamReader..ctor(String path, Encoding encoding) v System.IO.File.ReadAllText(String
path, Encoding encoding) v n.a(Object A_0, EventArgs A_1)

Error - 20.12.2010 15:45:16 | Computer Name = Honza-ntb | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Soubor C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml
nebyl nalezen. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)

v System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamReader..ctor(String
path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize)

v System.IO.StreamReader..ctor(String path, Encoding encoding) v System.IO.File.ReadAllText(String
path, Encoding encoding) v n.a(Object A_0, EventArgs A_1)

Error - 10.1.2011 15:40:08 | Computer Name = Honza-ntb | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Soubor C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml
nebyl nalezen. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)

v System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamReader..ctor(String
path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize)

v System.IO.StreamReader..ctor(String path, Encoding encoding) v System.IO.File.ReadAllText(String
path, Encoding encoding) v n.a(Object A_0, EventArgs A_1)

[ Media Center Events ]
Error - 30.1.2011 6:27:12 | Computer Name = Honza-ntb | Source = MCUpdate | ID = 0
Description = 11:27:04 - Chyba pri pripojování k Internetu 11:27:04 - Nelze kontaktovat
server..

Error - 5.2.2011 7:34:48 | Computer Name = Honza-ntb | Source = MCUpdate | ID = 0
Description = 12:34:48 - Nactení položky Directory se nezdarilo. (Chyba: Ke vzdálenému
serveru se nelze pripojit.)

Error - 5.2.2011 7:35:46 | Computer Name = Honza-ntb | Source = MCUpdate | ID = 0
Description = 12:35:46 - Nactení položky Broadband se nezdarilo. (Chyba: Ke vzdálenému
serveru se nelze pripojit.)

Error - 5.2.2011 7:36:35 | Computer Name = Honza-ntb | Source = MCUpdate | ID = 0
Description = 12:36:28 - Nactení položky EpgListings se nezdarilo. (Chyba: Ke vzdálenému
serveru se nelze pripojit.)

Error - 23.2.2011 20:24:45 | Computer Name = Honza-ntb | Source = MCUpdate | ID = 0
Description = 1:24:45 - Chyba pri pripojování k Internetu 1:24:45 - Nelze kontaktovat
server..

Error - 23.2.2011 20:24:57 | Computer Name = Honza-ntb | Source = MCUpdate | ID = 0
Description = 1:24:50 - Chyba pri pripojování k Internetu 1:24:50 - Nelze kontaktovat
server..

Error - 23.2.2011 21:25:01 | Computer Name = Honza-ntb | Source = MCUpdate | ID = 0
Description = 2:25:01 - Chyba pri pripojování k Internetu 2:25:01 - Nelze kontaktovat
server..

Error - 23.2.2011 21:25:08 | Computer Name = Honza-ntb | Source = MCUpdate | ID = 0
Description = 2:25:06 - Chyba pri pripojování k Internetu 2:25:06 - Nelze kontaktovat
server..

Error - 24.2.2011 1:41:14 | Computer Name = Honza-ntb | Source = MCUpdate | ID = 0
Description = 6:41:14 - Chyba pri pripojování k Internetu 6:41:14 - Nelze kontaktovat
server..

Error - 24.2.2011 1:41:33 | Computer Name = Honza-ntb | Source = MCUpdate | ID = 0
Description = 6:41:19 - Chyba pri pripojování k Internetu 6:41:19 - Nelze kontaktovat
server..

[ System Events ]
Error - 26.2.2011 12:08:37 | Computer Name = Honza-ntb | Source = Service Control Manager | ID = 7031
Description = Služba HP Health Check Service byla necekane ukoncena. Stalo se to
1 krát. Následující opravná akce bude spuštena za 60000 milisekund: Restartovat
službu.

Error - 26.2.2011 12:08:58 | Computer Name = Honza-ntb | Source = Service Control Manager | ID = 7031
Description = Služba Služba zarazování tisku byla necekane ukoncena. Stalo se to
1 krát. Následující opravná akce bude spuštena za 60000 milisekund: Restartovat
službu.

Error - 26.2.2011 12:09:10 | Computer Name = Honza-ntb | Source = Service Control Manager | ID = 7034
Description = Služba hpqwmiex byla neocekávane ukoncena. Tento stav nastal již 1krát.

Error - 27.2.2011 2:05:29 | Computer Name = Honza-ntb | Source = Application Popup | ID = 1060
Description = Nactení \SystemRoot\SysWow64\drivers\pfc.sys bylo zablokováno kvuli
nekompatibilite s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi
ovladace.

Error - 27.2.2011 2:05:36 | Computer Name = Honza-ntb | Source = EventLog | ID = 6008
Description = Predchozí vypnutí systému (1:45:57, ?27.?2.?2011) bylo neocekávané.

Error - 27.2.2011 2:05:30 | Computer Name = Honza-ntb | Source = Application Popup | ID = 1060
Description = Nactení \SystemRoot\SysWow64\drivers\pfc.sys bylo zablokováno kvuli
nekompatibilite s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi
ovladace.

Error - 27.2.2011 2:05:30 | Computer Name = Honza-ntb | Source = Application Popup | ID = 1060
Description = Nactení \SystemRoot\SysWow64\drivers\pfc.sys bylo zablokováno kvuli
nekompatibilite s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi
ovladace.

Error - 27.2.2011 2:05:43 | Computer Name = Honza-ntb | Source = Service Control Manager | ID = 7000
Description = Služba IoHw32 Kernel Driver neuspela pri spuštení v dusledku následující
chyby: %%3

Error - 27.2.2011 2:06:39 | Computer Name = Honza-ntb | Source = Service Control Manager | ID = 7024
Description = Služba Naslouchací proces domácí skupiny ukoncena s chybou %%-2147023143,
specifickou pro službu.

Error - 27.2.2011 6:40:00 | Computer Name = Honza-ntb | Source = Application Popup | ID = 1060
Description = Nactení \??\C:\Windows\SysWow64\drivers\HMFAxCore56d706f6725c732df00669
bylo zablokováno kvuli nekompatibilite s tímto systémem. Požádejte dodavatele softwaru
o
kompatibilní verzi ovladace.

< End of report >

trusi · #4 Příspěvek od **trusi** » 27 úno 2011 11:50

OTL logfile created on: 27.2.2011 11:14:59 - Run 1
OTL by OldTimer - Version 3.2.22.1 Folder = C:\Users\Honza\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 291,95 Gb Total Space | 214,67 Gb Free Space | 73,53% Space Free | Partition Type: NTFS
Drive D: | 286,85 Gb Total Space | 118,95 Gb Free Space | 41,47% Space Free | Partition Type: NTFS
Drive E: | 99,34 Mb Total Space | 98,64 Mb Free Space | 99,30% Space Free | Partition Type: FAT32
Drive G: | 17,08 Gb Total Space | 2,74 Gb Free Space | 16,04% Space Free | Partition Type: NTFS

Computer Name: HONZA-NTB | User Name: Honza | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.02.27 11:12:26 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Honza\Downloads\OTL.exe
PRC - [2011.02.27 10:20:22 | 000,271,200 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2011.01.29 16:08:25 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010.11.02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
PRC - [2010.07.09 20:00:26 | 003,493,776 | ---- | M] (Xfire Inc.) -- C:\Program Files (x86)\Xfire\Xfire.exe
PRC - [2009.10.05 23:08:42 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009.07.01 18:43:54 | 000,842,816 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
PRC - [2009.07.01 18:43:54 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe

========== Modules (SafeList) ==========

MOD - [2011.02.27 11:12:26 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Honza\Downloads\OTL.exe
MOD - [2011.01.15 10:09:02 | 000,285,480 | ---- | M] (COMODO) -- C:\Windows\SysWOW64\guard32.dll
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2010.07.09 20:00:34 | 000,970,640 | ---- | M] (Xfire Inc.) -- C:\Program Files (x86)\Xfire\xfire_toucan_43121.dll
MOD - [2009.07.21 12:22:24 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr71.dll
MOD - [2009.07.14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009.07.01 18:43:52 | 000,494,656 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpOFeedb.dll
MOD - [2009.07.01 18:43:52 | 000,363,584 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpOSet.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011.01.15 10:07:51 | 002,421,736 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2010.09.22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010.03.23 13:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009.09.04 13:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.12 22:18:24 | 001,924,400 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2009.07.08 13:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2009.03.02 17:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe -- (AESTFilters)
SRV - [2011.02.27 10:20:22 | 000,271,200 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2011.02.06 10:52:23 | 000,948,775 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2011.01.29 16:08:25 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010.11.02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -- (AVP)
SRV - [2010.10.19 13:29:03 | 002,011,944 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.07.12 22:04:26 | 001,656,112 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2009.07.01 18:43:54 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.06 01:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009.02.22 12:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.01.27 07:09:01 | 000,556,120 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2010.09.22 23:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010.09.07 21:08:55 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010.07.29 12:51:31 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.07.07 11:26:46 | 000,050,696 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\stflt.sys -- (sp_rsdrv2)
DRV:64bit: - [2010.06.09 16:44:00 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
DRV:64bit: - [2010.06.09 16:43:56 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2010.05.27 21:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.04.22 18:07:36 | 000,027,736 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2010.03.23 13:53:06 | 000,505,344 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010.02.24 01:28:46 | 002,838,008 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009.11.02 19:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009.10.10 03:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.10.03 04:58:12 | 000,258,560 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.09.17 21:56:24 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009.09.17 21:56:16 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009.09.17 21:56:14 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009.09.17 21:56:10 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009.08.21 09:52:09 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.08.08 05:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.07.21 04:39:22 | 000,140,712 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.08 13:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2009.07.08 13:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2009.06.29 19:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir)
DRV:64bit: - [2009.06.10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.06.10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.22 07:32:52 | 000,311,424 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVerAF15.sys -- (AVerAF15)
DRV:64bit: - [2009.04.29 08:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2003.12.05 02:46:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\pfc.sys -- (pfc)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKLM\..\URLSearchHook: {fd3d3852-dcda-468c-8995-8ced7333918a} - Reg Error: Key error. File not found

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1374301015-3030359024-3010537099-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
IE - HKU\S-1-5-21-1374301015-3030359024-3010537099-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKU\S-1-5-21-1374301015-3030359024-3010537099-1000\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1374301015-3030359024-3010537099-1000\..\URLSearchHook: {fd3d3852-dcda-468c-8995-8ced7333918a} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1374301015-3030359024-3010537099-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "XfireXO Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.selectedEngine: "XfireXO Customized Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.basketsim.com/transfermarket ... on=buyouth"
FF - prefs.js..extensions.enabledItems: otis@digitalpersona.com:5.0.0.3787
FF - prefs.js..extensions.enabledItems: mravo@email.si:0.5.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {5e5ab302-7f65-44cd-8211-c1d4caaccea3}:2.7.2.0
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.2.556
FF - prefs.js..keyword.URL: "http://vshare.toolbarhome.com/search.aspx?srch=ku&q="
FF - prefs.js..network.proxy.type: 0

FF - user.js..network.proxy.socks: ""
FF - user.js..network.proxy.socks_port: 0
FF - user.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2010.02.24 02:13:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.01.31 15:24:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.02.05 19:52:35 | 000,000,000 | ---D | M]

[2010.07.29 12:53:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Honza\AppData\Roaming\Mozilla\Extensions
[2011.02.16 17:35:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\lisva731.default\extensions
[2010.10.10 16:21:59 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\lisva731.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2010.09.29 16:15:34 | 000,000,000 | ---D | M] ("BasketFox") -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\lisva731.default\extensions\mravo@email.si
[2010.08.29 14:50:21 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\lisva731.default\extensions\vshare@toolbar
[2010.09.21 17:57:44 | 000,000,917 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\lisva731.default\searchplugins\conduit.xml
[2010.08.29 14:50:26 | 000,001,583 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\lisva731.default\searchplugins\web-search.xml
[2011.02.16 17:35:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.10.10 21:00:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011.01.27 07:10:24 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2010.02.24 02:13:47 | 000,000,000 | ---D | M] (DigitalPersona Extension) -- C:\PROGRAM FILES (X86)\DIGITALPERSONA\BIN\FIREFOXEXT
[2010.10.10 20:59:47 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2011.01.31 15:24:38 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2011.01.31 15:24:38 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2011.01.31 15:24:38 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2011.01.31 15:24:38 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2011.01.31 15:24:38 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2011.01.31 15:56:29 | 000,429,287 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 14777 more lines...
O2:64bit: - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {fd3d3852-dcda-468c-8995-8ced7333918a} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {fd3d3852-dcda-468c-8995-8ced7333918a} - No CLSID value found.
O3 - HKU\S-1-5-21-1374301015-3030359024-3010537099-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1374301015-3030359024-3010537099-1000\..\Toolbar\WebBrowser: (no name) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - No CLSID value found.
O3 - HKU\S-1-5-21-1374301015-3030359024-3010537099-1000\..\Toolbar\WebBrowser: (no name) - {FD3D3852-DCDA-468C-8995-8CED7333918A} - No CLSID value found.
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1374301015-3030359024-3010537099-1000..\Run: [AntiVirus AntiSpyware 2011] C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011\AntiVirus AntiSpyware.exe (It Systems)
O4 - HKU\S-1-5-21-1374301015-3030359024-3010537099-1000..\Run: [AntiVirus AntiSpyware 2011 Security] C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011\securitymanager.exe (It Systems)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - HKLM..\RunServices: [scanner] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKU\S-1-5-21-1374301015-3030359024-3010537099-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-1374301015-3030359024-3010537099-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\klogon: DllName - Reg Error: Value error. - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O20 - Winlogon\Notify\klogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O28 - HKLM ShellExecuteHooks: UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: ezSharedSvc - C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32: msacm.dvacm - C:\Program Files (x86)\Common Files\Ulead Systems\VIO\DVACM.acm (Corel TW Corp.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.MPEGacm - C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.scg726 - C:\Windows\SysWow64\scg726.acm (SHARP Corporation)
Drivers32: msacm.ulmp3acm - C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.XFR1 - C:\Windows\SysWow64\xfcodec.dll ()

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 7 Days ==========

[2011.02.26 17:02:14 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AntiVirus AntiSpyware 2011
[2011.02.26 17:02:14 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011
[2011.02.24 12:00:21 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Local\Microsoft Games
[2011.02.23 14:15:42 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011.02.23 14:15:42 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011.02.23 14:15:42 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011.02.23 14:15:42 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.02.27 10:56:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1374301015-3030359024-3010537099-1000UA.job
[2011.02.27 10:20:22 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.02.27 10:20:22 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.02.27 09:04:52 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011.02.27 07:13:06 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.02.27 07:13:06 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.02.27 07:05:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.02.27 07:05:31 | 3214,045,184 | -HS- | M] () -- C:\hiberfil.sys
[2011.02.26 16:47:49 | 001,497,602 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.02.26 16:47:49 | 000,639,986 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.02.26 16:47:49 | 000,632,924 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.02.26 16:47:49 | 000,126,866 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.02.26 16:47:49 | 000,110,540 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.02.26 06:56:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1374301015-3030359024-3010537099-1000Core.job
[2011.02.25 17:00:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\UpdateCheck.job
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.02.26 17:02:15 | 000,001,910 | ---- | C] () -- C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AntiVirus AntiSpyware 2011.lnk
[2011.01.05 14:44:00 | 000,000,030 | ---- | C] () -- C:\Windows\TextSpy.ini
[2010.12.23 16:11:15 | 000,007,603 | ---- | C] () -- C:\Users\Honza\AppData\Local\resmon.resmoncfg
[2010.11.09 16:10:33 | 000,000,304 | ---- | C] () -- C:\Windows\game.ini
[2010.10.30 22:52:28 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2010.10.25 19:55:58 | 000,000,145 | ---- | C] () -- C:\Windows\wininit.ini
[2010.10.19 17:04:24 | 002,601,752 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_moh.exe
[2010.09.16 17:40:51 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.09.16 17:40:50 | 002,337,865 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.09.16 17:40:50 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.07.30 17:49:31 | 001,497,316 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.07.30 09:48:54 | 000,040,960 | ---- | C] () -- C:\Program Files (x86)\Uninstall_CDS.exe
[2010.07.29 13:46:30 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.07.09 20:00:32 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2010.02.24 02:01:32 | 000,209,040 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeW7.dll
[2010.02.24 02:01:32 | 000,204,944 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeA6.dll
[2010.02.24 02:01:32 | 000,196,752 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeP6.dll
[2010.02.24 02:01:32 | 000,196,752 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeM6.dll
[2010.02.24 02:01:32 | 000,192,656 | ---- | C] () -- C:\Windows\SysWow64\IVIresizePX.dll
[2010.02.24 02:01:32 | 000,024,720 | ---- | C] () -- C:\Windows\SysWow64\IVIresize.dll
[2010.02.24 01:22:38 | 000,000,283 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2010.02.24 01:22:38 | 000,000,224 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini
[2010.01.08 23:40:45 | 000,009,868 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2009.09.29 15:25:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.06.07 12:27:20 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\vbzlib1.dll
[2008.10.22 04:29:06 | 000,173,550 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

========== LOP Check ==========

[2010.09.02 19:08:29 | 000,000,000 | ---D | M] -- C:\Users\Fotr\AppData\Roaming\DigitalPersona
[2010.09.02 19:08:59 | 000,000,000 | ---D | M] -- C:\Users\Fotr\AppData\Roaming\GHISLER
[2010.12.22 13:41:19 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\2K Sports
[2011.02.26 14:27:25 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\AIMP
[2011.02.26 17:02:14 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011
[2010.12.12 16:41:23 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Auslogics
[2011.01.18 17:00:59 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Canneverbe Limited
[2010.07.29 20:16:42 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\DAEMON Tools Lite
[2010.07.29 12:19:30 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\DigitalPersona
[2010.11.07 14:50:26 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\GameRanger
[2011.02.09 21:11:23 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\GetRightToGo
[2010.12.28 08:03:46 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\GHISLER
[2010.09.29 05:34:00 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Leadertech
[2011.02.14 19:41:01 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\My Battle for Middle-earth(tm) II Files
[2011.01.02 10:05:19 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\OpenCandy
[2011.02.26 17:01:48 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Spyware Terminator
[2010.12.22 21:13:46 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\TeamViewer
[2011.02.09 20:15:12 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\TS3Client
[2010.12.23 17:31:58 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Tunngle
[2011.02.01 16:04:37 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Ubisoft
[2011.02.22 19:03:59 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\uTorrent
[2010.08.16 18:15:24 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\VitySoft
[2010.12.21 22:27:42 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Windows Live Writer
[2011.02.07 15:43:29 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\ZqWare
[2011.02.06 20:40:49 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\_MDLogs
[2011.02.10 07:07:43 | 000,032,520 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.02.25 17:00:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\UpdateCheck.job

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"AntiVirus AntiSpyware 2011" = "C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011\AntiVirus AntiSpyware.exe" /STARTUP -- [2011.02.26 15:28:14 | 002,794,496 | ---- | M] (It Systems)
"AntiVirus AntiSpyware 2011 Security" = C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011\securitymanager.exe -- [2011.02.26 15:28:15 | 000,194,560 | ---- | M] (It Systems)

< c:\windows\*.* /U >
[1 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.12.22 13:41:19 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\2K Sports
[2010.07.29 20:26:47 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Adobe
[2011.02.26 14:27:25 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\AIMP
[2011.02.26 17:02:14 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011
[2010.08.14 17:36:59 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Apple Computer
[2010.12.12 16:41:23 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Auslogics
[2011.01.18 17:00:59 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Canneverbe Limited
[2010.07.30 18:25:42 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\CyberLink
[2010.07.29 20:16:42 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\DAEMON Tools Lite
[2010.07.29 12:19:30 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\DigitalPersona
[2010.12.18 11:45:04 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\dvdcss
[2010.11.07 14:50:26 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\GameRanger
[2011.02.09 21:11:23 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\GetRightToGo
[2010.12.28 08:03:46 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\GHISLER
[2010.12.19 15:19:49 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Hamachi
[2010.08.28 13:44:03 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Hewlett-Packard
[2010.08.28 13:47:07 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\HP Support Assistant
[2010.07.29 12:24:27 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\hpqLog
[2010.08.28 13:47:07 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\HpUpdate
[2010.07.29 12:18:44 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Identities
[2010.09.29 05:34:00 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Leadertech
[2010.07.29 12:39:01 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Macromedia
[2010.07.29 12:20:30 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Macrovision
[2010.02.24 10:13:31 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Media Center Programs
[2011.01.02 12:19:05 | 000,000,000 | --SD | M] -- C:\Users\Honza\AppData\Roaming\Microsoft
[2010.07.29 12:53:29 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Mozilla
[2011.02.14 19:41:01 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\My Battle for Middle-earth(tm) II Files
[2011.01.02 10:05:19 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\OpenCandy
[2010.11.02 17:28:04 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\PSpad
[2010.08.18 14:57:23 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\SecuROM
[2011.01.29 19:34:45 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Skype
[2011.02.26 17:01:48 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Spyware Terminator
[2010.12.22 21:13:46 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\TeamViewer
[2011.02.09 20:15:12 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\TS3Client
[2010.12.23 17:31:58 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Tunngle
[2011.02.01 16:04:37 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Ubisoft
[2011.02.22 19:03:59 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\uTorrent
[2010.08.16 18:15:24 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\VitySoft
[2011.02.20 10:25:48 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\vlc
[2010.12.21 22:27:42 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Windows Live Writer
[2010.07.30 10:52:00 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\WinRAR
[2011.02.26 21:54:55 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Xfire
[2011.02.07 15:43:29 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\ZqWare
[2011.02.06 20:40:49 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\_MDLogs

< %APPDATA%\*.exe /s >
[2011.02.26 15:28:14 | 002,794,496 | ---- | M] (It Systems) -- C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011\AntiVirus AntiSpyware.exe
[2011.02.26 17:02:08 | 004,350,464 | ---- | M] (It Systems) -- C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011\securityhelper.exe
[2011.02.26 15:28:15 | 000,194,560 | ---- | M] (It Systems) -- C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011\securitymanager.exe
[2011.01.28 01:43:22 | 001,257,184 | ---- | M] (GameRanger Technologies) -- C:\Users\Honza\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
[2011.01.02 10:05:21 | 000,349,296 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\OpenCandy\OpenCandy_27F59B04F69943A599D532C212188830\DLMgr_3_1.6.87.exe
[2010.12.17 23:07:06 | 000,043,440 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\OpenCandy\OpenCandy_27F59B04F69943A599D532C212188830\SpeedstarterCZ.exe
[2010.12.17 18:48:22 | 001,720,472 | ---- | M] (Speedchecker Limited ) -- C:\Users\Honza\AppData\Roaming\OpenCandy\OpenCandy_27F59B04F69943A599D532C212188830\ZrychleniPocitace.exe
[2011.01.02 10:05:33 | 001,842,096 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\OpenCandy\OpenCandy_27F59B04F69943A599D532C212188830\ZrychleniPocitace_p2v1.exe

< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.01.09 07:00:33 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=2632B7125E0730E019532CFCFFFFBFC0 -- C:\Windows\SysWOW64\autochk.exe
[2010.01.09 07:00:33 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=2632B7125E0730E019532CFCFFFFBFC0 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.20538_none_e28cf2983c0715a1\autochk.exe
[2010.01.09 07:00:33 | 000,777,216 | ---- | M] (Microsoft Corporation) MD5=3AE12EC776AB9830462E8197FB5C88CF -- C:\Windows\SysNative\autochk.exe
[2010.01.09 07:00:33 | 000,777,216 | ---- | M] (Microsoft Corporation) MD5=3AE12EC776AB9830462E8197FB5C88CF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.20538_none_3eab8e1bf46486d7\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009.07.14 02:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\SysNative\cryptsvc.dll
[2009.07.14 02:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2010.01.09 07:00:21 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2010.01.09 07:00:21 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2010.01.09 07:00:21 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2010.01.09 07:00:21 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll

< MD5 for: IASTOR.SYS >
[2009.08.08 05:17:26 | 000,330,264 | ---- | M] (Intel Corporation) MD5=01446278D4563B3013C92830AE6CBB26 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2009.08.08 05:17:26 | 000,330,264 | ---- | M] (Intel Corporation) MD5=01446278D4563B3013C92830AE6CBB26 -- C:\SwSetup\Drivers\IMSM\Winall\Driver\IaStor.sys
[2009.08.08 05:24:14 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2009.08.08 05:24:14 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- C:\SwSetup\Drivers\IMSM\Winall\Driver64\IaStor.sys
[2009.08.08 05:24:14 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- C:\Windows\SysNative\drivers\iaStor.sys
[2009.08.08 05:24:14 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_4fa22a1c88c09097\iaStor.sys

< MD5 for: IASTORV.SYS >
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

trusi · #5 Příspěvek od **trusi** » 27 úno 2011 11:51

< MD5 for: LSASS.EXE >
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\SysNative\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys
[2009.07.14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009.07.14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\drivers\nvraid.sys
[2009.07.14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\drivers\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2010.06.14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2010.06.14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\SysNative\drivers\tcpip.sys
[2010.06.14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2009.07.14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\SysNative\ws2_32.dll
[2009.07.14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.14 02:15:20 | 000,380,957 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\expsrv.dll
[2009.07.14 02:15:50 | 001,386,496 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\msvbvm60.dll
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.14 02:15:20 | 000,380,957 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\expsrv.dll
[2009.07.14 02:15:50 | 001,386,496 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\msvbvm60.dll
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >
[2011.02.27 11:40:00 | 000,015,872 | ---- | M] () -- C:\Windows\SysWOW64\drivers\HMFAxCore56d706f6725c732df006697fd5ec3381.sys

< %systemroot%\system32\*.* /3 >
[2011.02.27 09:04:52 | 000,271,200 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.ex0
[2011.02.27 10:20:22 | 000,271,200 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
[2011.02.27 10:20:22 | 000,271,200 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.xtr
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

========== Alternate Data Streams ==========

@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:587EB586

< End of report >

musel jsem to rozkouskovat, protože to bylo moc dlouhý

#6 Příspěvek od **vyosek** » 27 úno 2011 13:52

Rozdeleni je naprosto v poradku

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKLM\..\URLSearchHook: {fd3d3852-dcda-468c-8995-8ced7333918a} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1374301015-3030359024-3010537099-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
IE - HKU\S-1-5-21-1374301015-3030359024-3010537099-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKU\S-1-5-21-1374301015-3030359024-3010537099-1000\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1374301015-3030359024-3010537099-1000\..\URLSearchHook: {fd3d3852-dcda-468c-8995-8ced7333918a} - Reg Error: Key error. File not found
FF - prefs.js..browser.search.defaultthis.engineName: "XfireXO Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "XfireXO Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://www.basketsim.com/transfermarket.php?action=buyouth"
FF - prefs.js..keyword.URL: "http://vshare.toolbarhome.com/search.aspx?srch=ku&q="
[2010.08.29 14:50:26 | 000,001,583 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\lisva731.default\searchplugins\web-search.xml
O2 - BHO: (no name) - {fd3d3852-dcda-468c-8995-8ced7333918a} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {fd3d3852-dcda-468c-8995-8ced7333918a} - No CLSID value found.
O3 - HKU\S-1-5-21-1374301015-3030359024-3010537099-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1374301015-3030359024-3010537099-1000\..\Toolbar\WebBrowser: (no name) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - No CLSID value found.
O3 - HKU\S-1-5-21-1374301015-3030359024-3010537099-1000\..\Toolbar\WebBrowser: (no name) - {FD3D3852-DCDA-468C-8995-8CED7333918A} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKU\S-1-5-21-1374301015-3030359024-3010537099-1000..\Run: [AntiVirus AntiSpyware 2011] C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011\AntiVirus AntiSpyware.exe (It Systems)
O4 - HKU\S-1-5-21-1374301015-3030359024-3010537099-1000..\Run: [AntiVirus AntiSpyware 2011 Security] C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011\securitymanager.exe (It Systems)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - HKLM..\RunServices: [scanner] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.6.0_15)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\klogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - Reg Error: Key error. File not found
[2011.02.26 17:02:14 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AntiVirus AntiSpyware 2011
[2011.02.26 17:02:14 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2011.02.26 17:02:14 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011
[2011.02.26 17:02:15 | 000,001,910 | ---- | C] () -- C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AntiVirus AntiSpyware 2011.lnk
[2011.02.26 15:28:14 | 002,794,496 | ---- | M] (It Systems) -- C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011\AntiVirus AntiSpyware.exe
[2011.02.26 17:02:08 | 004,350,464 | ---- | M] (It Systems) -- C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011\securityhelper.exe
[2011.02.26 15:28:15 | 000,194,560 | ---- | M] (It Systems) -- C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011\securitymanager.exe
[2010.12.17 18:48:22 | 001,720,472 | ---- | M] (Speedchecker Limited ) -- C:\Users\Honza\AppData\Roaming\OpenCandy\OpenCandy_27F59B04F69943A599D532C212188830\ZrychleniPocitace.exe
[2011.01.02 10:05:33 | 001,842,096 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\OpenCandy\OpenCandy_27F59B04F69943A599D532C212188830\ZrychleniPocitace_p2v1.exe
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:587EB586

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Honza^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GameRanger.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Honza^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hamachi.lnk]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""=-
"scanner"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=-
 
:files
C:\Users\Honza\Downloads\scanner.exe
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1374301015-3030359024-3010537099-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1374301015-3030359024-3010537099-1000UA.job
C:\Windows\tasks\UpdateCheck.job
C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

trusi · #7 Příspěvek od **trusi** » 27 úno 2011 16:54

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{fd3d3852-dcda-468c-8995-8ced7333918a} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fd3d3852-dcda-468c-8995-8ced7333918a}\ not found.
HKU\S-1-5-21-1374301015-3030359024-3010537099-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-1374301015-3030359024-3010537099-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1374301015-3030359024-3010537099-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{5e5ab302-7f65-44cd-8211-c1d4caaccea3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\ not found.
Registry value HKEY_USERS\S-1-5-21-1374301015-3030359024-3010537099-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{fd3d3852-dcda-468c-8995-8ced7333918a} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fd3d3852-dcda-468c-8995-8ced7333918a}\ not found.
Prefs.js: "XfireXO Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.as ... earchTerms}" removed from browser.search.defaulturl
Prefs.js: "XfireXO Customized Web Search" removed from browser.search.selectedEngine
Prefs.js: "http://www.basketsim.com/transfermarket ... on=buyouth" removed from browser.startup.homepage
Prefs.js: "http://vshare.toolbarhome.com/search.aspx?srch=ku&q=" removed from keyword.URL
C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\lisva731.default\searchplugins\web-search.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fd3d3852-dcda-468c-8995-8ced7333918a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fd3d3852-dcda-468c-8995-8ced7333918a}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{fd3d3852-dcda-468c-8995-8ced7333918a} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fd3d3852-dcda-468c-8995-8ced7333918a}\ not found.
Registry value HKEY_USERS\S-1-5-21-1374301015-3030359024-3010537099-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_USERS\S-1-5-21-1374301015-3030359024-3010537099-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5E5AB302-7F65-44CD-8211-C1D4CAACCEA3}\ not found.
Registry value HKEY_USERS\S-1-5-21-1374301015-3030359024-3010537099-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{FD3D3852-DCDA-468C-8995-8CED7333918A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD3D3852-DCDA-468C-8995-8CED7333918A}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1374301015-3030359024-3010537099-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AntiVirus AntiSpyware 2011 deleted successfully.
C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011\AntiVirus AntiSpyware.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-1374301015-3030359024-3010537099-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AntiVirus AntiSpyware 2011 Security deleted successfully.
C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011\securitymanager.exe moved successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\\scanner deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03C514A3-1EFB-4856-9F99-10D7BE1653C0}\ not found.
File {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324}\ not found.
File {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} deleted successfully.
C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AntiVirus AntiSpyware 2011 folder moved successfully.
C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011 folder moved successfully.
C:\IExp0.tmp folder deleted successfully.
C:\IExp1.tmp folder deleted successfully.
C:\Windows\SysWow64\upd7E.tmp deleted successfully.
C:\Windows\SysNative\upd7F.tmp deleted successfully.
C:\Windows\msdownld.tmp folder deleted successfully.
Folder C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011\ not found.
C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AntiVirus AntiSpyware 2011.lnk moved successfully.
File C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011\AntiVirus AntiSpyware.exe not found.
File C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011\securityhelper.exe not found.
File C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011\securitymanager.exe not found.
C:\Users\Honza\AppData\Roaming\OpenCandy\OpenCandy_27F59B04F69943A599D532C212188830\ZrychleniPocitace.exe moved successfully.
C:\Users\Honza\AppData\Roaming\OpenCandy\OpenCandy_27F59B04F69943A599D532C212188830\ZrychleniPocitace_p2v1.exe moved successfully.
ADS C:\ProgramData\Temp:587EB586 deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Honza^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GameRanger.lnk\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Honza^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hamachi.lnk\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\scanner not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} not found.
========== FILES ==========
File\Folder C:\Users\Honza\Downloads\scanner.exe not found.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1374301015-3030359024-3010537099-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1374301015-3030359024-3010537099-1000UA.job moved successfully.
C:\Windows\tasks\UpdateCheck.job moved successfully.
File\Folder C:\Users\Honza\AppData\Roaming\AntiVirus AntiSpyware 2011 not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP147.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6124.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB645.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCF30.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPED61.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7761.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB589.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder moved successfully.
C:\Windows\Installer\MSI190.tmp moved successfully.
C:\Windows\Installer\MSI24C.tmp moved successfully.
C:\Windows\Installer\MSI2DB8.tmp moved successfully.
C:\Windows\Installer\MSI431.tmp moved successfully.
C:\Windows\Installer\MSI459D.tmp moved successfully.
C:\Windows\Installer\MSI5D74.tmp moved successfully.
C:\Windows\Installer\MSI6429.tmp moved successfully.
C:\Windows\Installer\MSI8377.tmp moved successfully.
C:\Windows\Installer\MSI8A6B.tmp moved successfully.
C:\Windows\Installer\MSI98A1.tmp moved successfully.
C:\Windows\Installer\MSI996D.tmp moved successfully.
C:\Windows\Installer\MSIA1D2.tmp moved successfully.
C:\Windows\Installer\MSIA2A2.tmp moved successfully.
C:\Windows\Installer\MSIA53D.tmp moved successfully.
C:\Windows\Installer\MSIAA50.tmp moved successfully.
C:\Windows\Installer\MSIB158.tmp moved successfully.
C:\Windows\Installer\MSIBCCE.tmp moved successfully.
C:\Windows\Installer\MSIC98B.tmp moved successfully.
C:\Windows\Installer\MSICA57.tmp moved successfully.
C:\Windows\Installer\{CC6B1BB4-4E06-4A5B-A166-B371B551324B}\upd81.tmp moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator

User: ADMINI~1
->Temp folder emptied: 2071034 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Fotr
->Temp folder emptied: 35934 bytes
->Temporary Internet Files folder emptied: 34064 bytes

User: Honza
->Temp folder emptied: 45295323 bytes
->Temporary Internet Files folder emptied: 840236 bytes
->Java cache emptied: 8545409 bytes
->FireFox cache emptied: 57770563 bytes
->Google Chrome cache emptied: 299421032 bytes
->Flash cache emptied: 4047 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5932 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67844 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 395,00 mb

[EMPTYFLASH]

User: Administrator

User: ADMINI~1

User: All Users

User: Default

User: Default User

User: Fotr

User: Honza
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.22.1 log created on 02272011_164825

Files\Folders moved on Reboot...
C:\Users\Honza\AppData\Local\Temp\ehmsas.txt moved successfully.
C:\Users\Honza\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

#8 Příspěvek od **vyosek** » 27 úno 2011 18:12

Jak se chova PC

trusi · #9 Příspěvek od **trusi** » 27 úno 2011 20:07

nevím, jestli se vyřešil ten fps drop, ale Antivir jsem dostal z počítače sám, přesto nechápu, jak se mi tam dostal

#10 Příspěvek od **vyosek** » 27 úno 2011 20:45

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za 14 dni

Doporucuji provest defragmentaci disku

Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
- Kliknete na Tento pocitac, dale na disk kliknete pravym tlacitkem, vyberte Vlastnosti
- prepnete se do zalozky Nastroje
- Nyni vidite pomucky Defragmentace - spustte ji kliknutim na Defragmentovat
- Toto provedte se vsemi disky
Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
- Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
- Kliknete na Analyzovat
- Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
- Postup provedte se vsemi disky
Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
- Vyhodou programku je, ze se neinstaluje
- Staci tedy jen stahnout dle verze vaseho OS a rozbalit
- Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
- Probehne analyza disku a nasledne i defragmentace

Spusteni nejakeho cracku, navsteva ne moc vhodneho webu (porno, warez) - tohle jsou nejcastejsi priciny zatazeni haveti do PC

napiste jak se chova PC

VIRY.CZ

Zpomaleny pc + Antivirus Avntispyware 2011

Zpomaleny pc + Antivirus Avntispyware 2011

Re: Zpomaleny pc + Antivirus Avntispyware 2011

Re: Zpomaleny pc + Antivirus Avntispyware 2011

Re: Zpomaleny pc + Antivirus Avntispyware 2011

Re: Zpomaleny pc + Antivirus Avntispyware 2011

Re: Zpomaleny pc + Antivirus Avntispyware 2011

Re: Zpomaleny pc + Antivirus Avntispyware 2011

Re: Zpomaleny pc + Antivirus Avntispyware 2011

Re: Zpomaleny pc + Antivirus Avntispyware 2011

Re: Zpomaleny pc + Antivirus Avntispyware 2011