VIRY.CZ

Zdravim, v posledni dobe se mi vyrazne zpomalil net, je to zpomalene ve vsech prohlizecich: Firefox, IE i Google Chrome, mel jsem tu technika z O2, v testu rychlosti nameril vzdy kolem 6.5 Mb/s, ja mam nejvic 4.5, ale zpravidla kolem 1.5-2.0, hodne to kolisa. Prikladam vypis z RSIT:

info.txt logfile of random's system information tool 1.08 2011-01-29 00:00:00

======Uninstall list======

@BIOS -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}\setup.exe" -l0x9 -removeonly
-->C:\Program Files (x86)\DivX\DivXConverterMeUninstall.exe /CONVERTER
-->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{12321490-F573-4815-B6CC-7ABEF18C9AC4}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{1F3306FE-913B-4E49-B241-5A6378D4F8DD}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9605AE52-2172-448F-BE56-B2086F932412}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BBE814C2-4974-4C54-BABC-A8BB023E4E3D}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BBFEFF72-227B-4130-B6F4-6BCB66596BCB}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{CAAE8EC2-2340-4D6E-A74D-07814046A11B}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x9
3DMark 11-->"C:\Program Files (x86)\InstallShield Installation Information\{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}\setup.exe" -runfromtemp -l0x0409 -removeonly
Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10i_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_Plugin.exe -maintain plugin
Adobe Reader 9.4.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A94000000001}
Aliens vs Predator-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/10680
AMD Drag and Drop Transcoding-->MsiExec.exe /X{825C7AAC-C5D5-B89B-EBA1-D4DFC5E46D6C}
Amnesia: The Dark Descent-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/57300
ATI Catalyst Install Manager-->msiexec /q/x{8DF9D3DF-6D03-A04F-217F-F2577D973DBE} REBOOT=ReallySuppress
ATI Catalyst Registration-->MsiExec.exe /X{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}
Battlefield: Bad Company™ 2-->MsiExec.exe /X{3AC8457C-0385-4BEA-A959-E095F05D6D67}
BioShock 2-->MsiExec.exe /I{5454085C-840F-4070-8FAA-441000038301}
Call of Duty(R) - World at War(TM) 1.1 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{AFAE2B15-89A0-4215-A030-F7B5B478886B}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.2 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{2BF0AE92-C3BC-4112-9066-1546342B1FAE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.4 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{9F01A67B-7D67-482F-9D4F-D5980A440FD4}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.5 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.6 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.7 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{750C87B8-AF19-4C3C-B791-50D9C83AE572}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{D80A6A73-E58A-4673-AFF5-F12D7110661F}\setup.exe -runfromtemp -l0x0405
Call of Duty(R) 2-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{D0A05794-48C2-4424-A15A-9F20FCFDD374} /l2057
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
Call of Duty: Black Ops - Multiplayer-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/42710
Call of Duty: Black Ops-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/42700
Call of Duty: Modern Warfare 2 - Multiplayer-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/10190
Call of Duty: Modern Warfare 2-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/10180
Call of Juarez - Bound in Blood-->C:\Program Files (x86)\InstallShield Installation Information\{FEFAF112-4DA8-479C-89E2-7DE25091711A}\setup.exe -runfromtemp -l0x0409
Call Of Pripyat Benchmark 1.0-->"C:\Program Files (x86)\Call Of Pripyat Benchmark\unins000.exe"
Catalyst Control Center - Branding-->MsiExec.exe /I{DDA34038-89BD-4804-B0B8-DC48D5DFB463}
CCleaner-->"C:\Program Files (x86)\CCleaner\uninst.exe"
Creative ALchemy-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{12321490-F573-4815-B6CC-7ABEF18C9AC4}\setup.exe" -l0x9 /remove
Creative Audio Control Panel-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9 /remove
Creative AutoMode Switcher-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9605AE52-2172-448F-BE56-B2086F932412}\setup.exe" -l0x9 /remove
Creative Console Launcher-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x9 /remove
Creative Sound Blaster Properties x64 Edition-->"C:\Program Files (x86)\Creative Installation Information\SBCONTROL64\Setup.exe" /remove /l0x0009
DDL and DTS Connect License Activation-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BBE814C2-4974-4C54-BABC-A8BB023E4E3D}\setup.exe" -l0x9 /remove
Dead Space™-->MsiExec.exe /X{4D87DC92-C328-46EC-A7B4-9C88129DC696}
Defraggler-->"C:\Program Files\Defraggler\uninst.exe"
Diagnostic Utility-->"C:\Program Files (x86)\InstallShield Installation Information\{7236672F-6430-439E-9B27-27EDEAF1D676}\setup.exe" -runfromtemp -l0x0005 -removeonly
DiRT 2-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/12840
DivX Codec-->C:\Program Files (x86)\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter Mobile-->C:\Program Files (x86)\DivX\DivXConverterMeUninstall.exe /CONVERTERME
DivX Player-->C:\Program Files (x86)\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files (x86)\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files (x86)\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Dolby Digital Live Pack-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BBFEFF72-227B-4130-B6F4-6BCB66596BCB}\setup.exe" -l0x9 /remove
DOOM 3: Resurrection of Evil-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/9070
DOOM 3-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/9050
DTS Connect Pack-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{1F3306FE-913B-4E49-B241-5A6378D4F8DD}\setup.exe" -l0x9 /remove
EA Download Manager-->C:\Program Files (x86)\Electronic Arts\EADM\EADMUI\EADMUninstall.exe
Fallout 3-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{974C4B12-4D02-4879-85E0-61C95CC63E9E}\setup.exe" -l0x9 -removeonly
Futuremark SystemInfo-->"C:\Program Files (x86)\InstallShield Installation Information\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}\setup.exe" -runfromtemp -l0x0409 -removeonly
GamePark-->"C:\Program Files (x86)\GamePark\unins000.exe"
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\8.0.552.237\Installer\setup.exe" --uninstall --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
ID3-TagIT 3-->"C:\Program Files (x86)\ID3-TagIT 3\unins000.exe"
LG Bluetooth Drivers-->MsiExec.exe /X{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}
LG MC USB U330 driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{ABD7DBE3-E344-4BCA-B8AD-4360494DD1D9}\setup.exe" -l0x5 -removeonly
LG USB Modem driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C3ABE126-2BB2-4246-BFE1-6797679B3579}\Setup.exe" -l0x9 LG
LG USB Modem Drivers-->MsiExec.exe /X{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}
Logitech Gaming Software 5.08-->MsiExec.exe /X{96F1BA99-300F-4DD5-A26B-788EF63B53B1}
Mafia-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "E:\MAFIA\Uninstall\setup.exe" -l0x5
Mass Effect-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/17460
McAfee AntiVirus Plus-->C:\Program Files\McAfee\MSC\mcuihost.exe /body:misp://MSCJsRes.dll::uninstall.html /id:uninstall
Medal of Honor (TM)-->MsiExec.exe /X{415030B8-3E8B-462A-8C03-41D95AA3AB3B}
Metro 2033-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/43110
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Flight Simulator X: Acceleration-->C:\Windows\SysWOW64\msiexec.exe /qb /l*vx "%TEMP%\FlightSimUninstall.log" /uninstall {A9729B90-D37B-4A69-B66A-7436AC1F7274}
Microsoft Flight Simulator X: Acceleration-->MsiExec.exe /I{A9729B90-D37B-4A69-B66A-7436AC1F7274}
Microsoft Flight Simulator X-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{9527A496-5DF9-412A-ADC7-168BA5379CA6}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{1FDA5A37-B22D-43FF-B582-B8964050DC13}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{86A4C6D9-29EE-4719-AFA1-BA3341862B83}
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053-->MsiExec.exe /X{B6E3757B-5E77-3915-866A-CCFC4B8D194C}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319-->MsiExec.exe /X{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
Mozilla Firefox (3.6.13)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
n52te Editor-->C:\Program Files (x86)\InstallShield Installation Information\{0AC8162B-5175-41D7-B963-8307A40BD456}\n52te_win_driver_v2.1.2.exe -runfromtemp -l0x0009 -removeonly
Need for Speed™ SHIFT-->MsiExec.exe /X{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}
NVIDIA PhysX-->MsiExec.exe /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
Odinstalovat LG PC Suite III-->"C:\Program Files (x86)\LG Electronics\LG PC Suite III\unins000.exe"
OpenAL-->"C:\Program Files (x86)\OpenAL\OALInst.exe" /U
PunkBuster Services-->C:\Windows\system32\pbsvc_bc2.exe -u
Rapture3D 2.3.26 Game-->"C:\Program Files (x86)\BRS\unins000.exe"
Razer Copperhead-->C:\Program Files (x86)\InstallShield Installation Information\{28A946E1-E83B-4662-BC7C-23451851489E}\setup.exe -runfromtemp -l0x0009 -removeonly
Razer Mamba-->MsiExec.exe /X{7BE49DA7-EDA4-4C63-AA06-DCDF6858C3F3}
RealPlayer-->c:\program files (x86)\real\realplayer\Update\r1puninst.exe RealNetworks|RealPlayer|12.0
RealUpgrade 1.1-->MsiExec.exe /I{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
S.T.A.L.K.E.R. - Call of Pripyat [v1.6.01]-->"C:\Program Files (x86)\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\unins000.exe"
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Sniper: Ghost Warrior-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/34830
SoundFont Bank Manager-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9 /remove
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
The Chronicles of Riddick - Assault on Dark Athena-->C:\Program Files (x86)\InstallShield Installation Information\{AF012B6B-87C9-4E9E-8DCA-AB4E99E3CA60}\setup.exe -runfromtemp -l0x0005 -removeonly
The Lord of the Rings FREE Trial -->MsiExec.exe /X{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}
thriXXX 3DSexVilla2-105.001-->"E:\Program Files (x86)\thriXXX\3D SexVilla 2 - Everlust\Binaries\Uninstall-3DSexVilla2-Everlust-105.001.exe"
THX Setup Console-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{CAAE8EC2-2340-4D6E-A74D-07814046A11B}\setup.exe" -l0x9 /remove
Tom Clancy's H.A.W.X. 2-->"C:\Program Files (x86)\InstallShield Installation Information\{76A232AF-B7D6-41A4-B795-6B355E6D32B1}\setup.exe" -runfromtemp -l0x0009 -removeonly
Ubisoft Game Launcher-->"C:\Program Files (x86)\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe" -runfromtemp -l0x0409 -removeonly
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
VC80MFCRedist - 8.0.50727.4053-->MsiExec.exe /I{8F2F35B0-4019-4291-BBF5-121F51637FC7}
Volume Panel-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x9 /remove
Windows Live ID Sign-in Assistant-->MsiExec.exe /X{9B48B0AC-C813-4174-9042-476A887592C7}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Wings of Prey-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/45300
WMV9/VC-1 Video Playback-->MsiExec.exe /X{AE0D971F-5430-8874-B09E-3F1C76E2F8FF}
yuPlay client 0.7.17-->"C:\program files (x86)\steam\steamapps\common\wings of prey\yuPlay\unins000.exe"

======System event log======

Computer Name: Kokes-PC
Event Code: 1014
Message: Name resolution for the name forums.steampowered.com timed out after none of the configured DNS servers responded.
Record Number: 188014
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20101128201539.840734-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: Kokes-PC
Event Code: 1014
Message: Name resolution for the name auto.idnes.cz timed out after none of the configured DNS servers responded.
Record Number: 187934
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20101128181230.499914-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: Kokes-PC
Event Code: 7000
Message: The McAfee Inc. mferkdk service failed to start due to the following error:
The specified procedure could not be found.
Record Number: 187796
Source Name: Service Control Manager
Time Written: 20101128172112.567382-000
Event Type: Error
User:

Computer Name: Kokes-PC
Event Code: 1014
Message: Name resolution for the name wpad.siemens timed out after none of the configured DNS servers responded.
Record Number: 187290
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20101124181437.797851-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: Kokes-PC
Event Code: 1014
Message: Name resolution for the name wpad.siemens timed out after none of the configured DNS servers responded.
Record Number: 185915
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20101122205802.208007-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

=====Application event log=====

Computer Name: Kokes-PC
Event Code: 1002
Message: The program Bioshock.exe version 1.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 288
Start Time: 01ca83516b28799d
Termination Time: 5278
Application Path: C:\Program Files (x86)\2K Games\BioShock\Builds\Release\Bioshock.exe
Report Id:

Record Number: 480
Source Name: Application Hang
Time Written: 20091222221227.000000-000
Event Type: Error
User:

Computer Name: Kokes-PC
Event Code: 16388
Message: ATI EEU Client event error
Record Number: 220
Source Name: ATIeRecord
Time Written: 20091222203203.000000-000
Event Type: Error
User:

Computer Name: Kokes-PC
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-3712394416-604992445-1295939590-1001:
Process 440 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-3712394416-604992445-1295939590-1001

Record Number: 193
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20091222202557.926625-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Kokes-PC
Event Code: 11
Message: Possible Memory Leak. Application (C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted) (PID: 1004) has passed a non-NULL pointer to RPC for an [out] parameter marked [allocate(all_nodes)]. [allocate(all_nodes)] parameters are always reallocated; if the original pointer contained the address of valid memory, that memory will be leaked. The call originated on the interface with UUID ({3F31C91E-2545-4B7B-9311-9529E8BFFEF6}), Method number (20). User Action: Contact your application vendor for an updated version of the application.
Record Number: 114
Source Name: Microsoft-Windows-RPC-Events
Time Written: 20091222202019.561875-000
Event Type: Warning
User: NT AUTHORITY\LOCAL SERVICE

Computer Name: Kokes-PC
Event Code: 1008
Message: The Windows Search Service is starting up and attempting to remove the old search index {Reason: Full Index Reset}.

Record Number: 110
Source Name: Microsoft-Windows-Search
Time Written: 20091222202008.000000-000
Event Type: Warning
User:

=====Security event log=====

Computer Name: 37L4247E29-32
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091222201335.921875-000
Event Type: Audit Success
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: 37L4247E29-32$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x1bc
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091222201335.921875-000
Event Type: Audit Success
User:

Computer Name: 37L4247E29-32
Event Code: 4902
Message: The Per-user audit policy table was created.

Number of Elements: 0
Policy ID: 0x30b18
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091222201335.453125-000
Event Type: Audit Success
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0

Logon Type: 0

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x4
Process Name:

Network Information:
Workstation Name: -
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: -
Authentication Package: -
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091222201334.000000-000
Event Type: Audit Success
User:

Computer Name: 37L4247E29-32
Event Code: 4608
Message: Windows is starting up.

This event is logged when LSASS.EXE starts and the auditing subsystem is initialized.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091222201333.890625-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;c:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Common Files\DivX Shared\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 4 Stepping 3, AuthenticAMD
"PROCESSOR_REVISION"=0403

-----------------EOF-----------------

Logfile of random's system information tool 1.08 (written by random/random)
Run by Kokes at 2011-01-28 23:59:46
Microsoft Windows 7 Home Premium
System drive C: has 38 GB (23%) free of 165 GB
Total RAM: 4094 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:59:58, on 28.1.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Creative\AutoMode Switcher\CTSMode.exe
C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe
C:\Program Files (x86)\Razer\Copperhead\razerhid.exe
C:\Program Files (x86)\n52te\n52teHid.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Program Files (x86)\Razer\Copperhead\razerofa.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files (x86)\Real\realplayer\Update\realsched.exe
C:\Program Files (x86)\Razer\Mamba\RazerTray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\Kokes.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101230094955.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [Copperhead] C:\Program Files (x86)\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [Jomantha] C:\Program Files (x86)\n52te\n52teHid.exe
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [Razer Mamba Driver] C:\Program Files (x86)\Razer\Mamba\RazerTray.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [CTSMode] C:\Program Files (x86)\Creative\AutoMode Switcher\CTSMode.exe /trayicon /nt
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Dolby Digital Live Pack Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\DDLLicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10487 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe"
"C:\Windows\system32\mfevtps.exe"
"rundll32.exe" "C:\Program Files (x86)\McAfee\SiteAdvisor\saHook.dll" saHooker_Initialize_and_Wait
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\Explorer.EXE
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc
C:\Windows\system32\SearchIndexer.exe /Embedding
WLIDSvcM.exe 1932
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Program Files (x86)\Steam\steam.exe" -silent
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Creative\AutoMode Switcher\CTSMode.exe" /trayicon /nt
"C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe" /r
"C:\Program Files (x86)\Razer\Copperhead\razerhid.exe"
"C:\Program Files (x86)\n52te\n52teHid.exe"
"C:\Windows\System32\Ctxfihlp.exe"
"C:\Program Files (x86)\Razer\Copperhead\razerofa.exe"
"C:\Windows\SysWOW64\CTXFISPI.EXE" -Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Real\realplayer\Update\realsched.exe" -osboot
"C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
"C:\Program Files (x86)\Razer\Mamba\RazerTray.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4512.7e8a4e0.802514987 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 4512 plugin \\.\pipe\gecko-crash-server-pipe.4512
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
"C:\Users\Kokes\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101230094955.dll [2010-10-13 78968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2009-01-29 194576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-12-05 382720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101230094955.dll [2010-10-13 73288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2009-01-29 145424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2009-01-29 194576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2009-01-29 145424]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2009-09-16 190472]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2010-11-17 1242448]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"CTSMode"=C:\Program Files (x86)\Creative\AutoMode Switcher\CTSMode.exe [2008-10-29 430080]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"VolPanel"=C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe [2009-02-03 237693]
"Copperhead"=C:\Program Files (x86)\Razer\Copperhead\razerhid.exe [2009-11-19 135168]
"Jomantha"=C:\Program Files (x86)\n52te\n52teHid.exe [2008-06-13 159744]
"ATICustomerCare"=C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [2010-03-04 311296]
"CTxfiHlp"=CTXFIHLP.EXE []
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-09-30 98304]
"TkBellExe"=C:\Program Files (x86)\Real\realplayer\update\realsched.exe [2010-12-05 274608]
"mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2010-11-22 1484856]
"Razer Mamba Driver"=C:\Program Files (x86)\Razer\Mamba\RazerTray.exe [2009-12-15 3278728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-01-28 23:59:46 ----D---- C:\rsit
2011-01-28 23:59:46 ----D---- C:\Program Files\trend micro
2011-01-28 23:15:42 ----D---- C:\Program Files (x86)\CCleaner
2011-01-28 19:38:30 ----D---- C:\Program Files\Defraggler
2011-01-28 19:36:44 ----D---- C:\Program Files (x86)\Google
2011-01-28 18:23:25 ----A---- C:\Windows\system32\drivers\RtVlan60.sys
2011-01-28 18:23:25 ----A---- C:\Windows\system32\drivers\RtTeam60.sys
2011-01-28 18:23:25 ----A---- C:\Windows\system32\drivers\RtNdPt60.sys
2011-01-28 18:23:24 ----D---- C:\Program Files (x86)\Realtek
2011-01-12 19:18:27 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2011-01-12 19:18:27 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2011-01-12 19:18:27 ----A---- C:\Windows\system32\WMVDECOD.DLL
2011-01-12 19:18:27 ----A---- C:\Windows\system32\DWrite.dll
2011-01-12 19:18:27 ----A---- C:\Windows\system32\d3d10warp.dll
2011-01-12 19:18:27 ----A---- C:\Windows\system32\d2d1.dll
2011-01-12 19:18:26 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2011-01-12 19:18:26 ----A---- C:\Windows\system32\XpsPrint.dll
2011-01-12 19:18:26 ----A---- C:\Windows\system32\mf.dll
2011-01-12 19:18:26 ----A---- C:\Windows\system32\FntCache.dll
2011-01-12 19:18:25 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-01-12 19:18:25 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-01-12 19:18:25 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2011-01-12 19:18:25 ----A---- C:\Windows\SYSWOW64\mf.dll
2011-01-12 19:18:25 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-01-12 19:18:25 ----A---- C:\Windows\system32\ExplorerFrame.dll
2011-01-12 19:18:25 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-01-12 19:18:25 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-01-12 19:18:24 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2011-01-12 19:18:24 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2011-01-12 19:18:24 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2011-01-12 19:18:24 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2011-01-12 19:18:24 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2011-01-12 19:18:24 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-01-12 19:18:24 ----A---- C:\Windows\system32\mfreadwrite.dll
2011-01-12 19:18:24 ----A---- C:\Windows\system32\mfps.dll
2011-01-12 19:18:24 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2011-01-12 19:18:24 ----A---- C:\Windows\system32\d3d10_1.dll
2011-01-12 19:18:24 ----A---- C:\Windows\system32\cdd.dll
2011-01-12 19:17:16 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2011-01-12 19:17:16 ----A---- C:\Windows\system32\odbc32.dll
2011-01-02 18:22:07 ----D---- C:\ProgramData\WOP
2010-12-30 09:50:03 ----D---- C:\Program Files\McAfee.com
2010-12-30 09:49:54 ----A---- C:\Windows\system32\drivers\mfeclnk.sys
2010-12-30 09:49:21 ----A---- C:\Windows\system32\mfevtps.exe
2010-12-30 09:49:19 ----A---- C:\Windows\system32\drivers\mfewfpk.sys
2010-12-30 09:49:19 ----A---- C:\Windows\system32\drivers\mferkdet.sys
2010-12-30 09:49:19 ----A---- C:\Windows\system32\drivers\mfenlfk.sys
2010-12-30 09:49:19 ----A---- C:\Windows\system32\drivers\mfehidk.sys
2010-12-30 09:49:19 ----A---- C:\Windows\system32\drivers\mfefirek.sys
2010-12-30 09:49:19 ----A---- C:\Windows\system32\drivers\mfeavfk.sys
2010-12-30 09:49:19 ----A---- C:\Windows\system32\drivers\mfeapfk.sys
2010-12-30 09:49:19 ----A---- C:\Windows\system32\drivers\cfwids.sys
2010-12-29 21:27:28 ----D---- C:\Program Files (x86)\Ubisoft

======List of files/folders modified in the last 1 months======

2011-01-28 23:59:47 ----D---- C:\Windows\Temp
2011-01-28 23:59:46 ----RD---- C:\Program Files
2011-01-28 23:52:43 ----D---- C:\Program Files (x86)\Steam
2011-01-28 23:50:47 ----D---- C:\Windows\system32\config
2011-01-28 23:24:28 ----D---- C:\Windows
2011-01-28 23:19:22 ----D---- C:\Windows\Minidump
2011-01-28 23:19:22 ----D---- C:\Windows\debug
2011-01-28 23:15:42 ----RD---- C:\Program Files (x86)
2011-01-28 20:56:02 ----SHD---- C:\System Volume Information
2011-01-28 19:36:54 ----SHD---- C:\Windows\Installer
2011-01-28 19:36:51 ----D---- C:\Windows\Tasks
2011-01-28 19:36:51 ----D---- C:\Windows\system32\Tasks
2011-01-28 18:24:03 ----D---- C:\Windows\inf
2011-01-28 18:23:52 ----D---- C:\Windows\system32\drivers
2011-01-28 18:23:51 ----D---- C:\Windows\system32\DriverStore
2011-01-28 18:23:51 ----D---- C:\Windows\system32\catroot
2011-01-28 18:23:23 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-01-27 23:30:01 ----D---- C:\Windows\Prefetch
2011-01-27 19:34:09 ----D---- C:\Windows\system32\NDF
2011-01-24 20:48:53 ----D---- C:\Windows\winsxs
2011-01-24 20:48:45 ----D---- C:\Windows\SysWOW64
2011-01-24 20:48:44 ----D---- C:\Program Files (x86)\Razer
2011-01-19 20:36:19 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2011-01-16 16:37:23 ----D---- C:\Windows\system32\catroot2
2011-01-13 18:19:02 ----D---- C:\Windows\System32
2011-01-12 22:23:14 ----A---- C:\Windows\system32\MRT.exe
2011-01-05 22:23:31 ----D---- C:\Program Files (x86)\Electronic Arts
2011-01-03 19:44:30 ----RSD---- C:\Windows\assembly
2011-01-03 18:24:32 ----D---- C:\Program Files (x86)\McAfee.com
2011-01-02 18:22:07 ----HD---- C:\ProgramData
2010-12-30 09:53:03 ----D---- C:\Program Files (x86)\McAfee
2010-12-30 09:50:40 ----D---- C:\Program Files\McAfee
2010-12-30 09:49:19 ----D---- C:\Program Files\Common Files\McAfee
2010-12-29 21:30:31 ----D---- C:\Users\Kokes\AppData\Roaming\GetRightToGo

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2010-10-13 529128]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 mfenlfk;McAfee NDIS Light Filter; C:\Windows\system32\DRIVERS\mfenlfk.sys [2010-10-13 75032]
R1 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2010-10-13 283360]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-01-05 314016]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-01-05 43680]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2009-07-20 27136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-10-22 7883264]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-10-22 285696]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-10-22 116240]
R3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2010-10-13 62800]
R3 CT20XUT.SYS;CT20XUT.SYS; C:\Windows\System32\drivers\CT20XUT.SYS [2009-04-09 202776]
R3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2009-04-09 580632]
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2009-04-09 684312]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS; C:\Windows\System32\drivers\CTEXFIFX.SYS [2009-04-09 1417240]
R3 CTHWIUT.SYS;CTHWIUT.SYS; C:\Windows\System32\drivers\CTHWIUT.SYS [2009-04-09 94744]
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2009-04-09 15896]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2009-04-09 213016]
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2009-04-09 118296]
R3 ha20x2k;Creative 20X HAL Driver; C:\Windows\system32\drivers\ha20x2k.sys [2009-04-09 1561112]
R3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848]
R3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2010-10-13 121248]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2010-10-13 190136]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2010-10-13 441328]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2009-04-09 179224]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2009-09-11 26248]
R3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2009-09-11 15880]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2009-09-11 76552]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-03-09 123408]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-10-22 7883264]
S3 copperhd;Razer Copperhead Driver; C:\Windows\system32\drivers\copperhd.sys [2009-11-10 14336]
S3 CT20XUT;CT20XUT; C:\Windows\system32\drivers\CT20XUT.SYS [2009-04-09 202776]
S3 CTEXFIFX;CTEXFIFX; C:\Windows\system32\drivers\CTEXFIFX.SYS [2009-04-09 1417240]
S3 CTHWIUT;CTHWIUT; C:\Windows\system32\drivers\CTHWIUT.SYS [2009-04-09 94744]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2010-12-09 20544]
S3 JmtFltr;n52te; C:\Windows\system32\drivers\JmtFltr.sys [2007-09-29 46464]
S3 mfeavfk01;McAfee Inc.; C:\Windows\system32\drivers\mfeavfk01.sys []
S3 mferkdet;McAfee Inc. mferkdet; C:\Windows\system32\drivers\mferkdet.sys [2010-10-13 94864]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2009-12-21 51712]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtVlan60.sys [2007-12-03 24064]
S3 SaiHFFB5;SaiHFFB5; C:\Windows\system32\DRIVERS\SaiHFFB5.sys [2008-04-04 178560]
S3 SaiIFFB5;Immersion's HID USB Driver (FFB5); C:\Windows\system32\DRIVERS\SaiIFFB5.sys [2008-04-04 20864]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2009-12-21 51712]
S3 uisp;Freescale USB JW32 driver; C:\Windows\System32\Drivers\usbicp.sys [2005-10-21 19200]
S3 usbbus;LGE CDMA Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys [2008-11-11 17920]
S3 UsbDiag;LGE CDMA USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys [2008-11-11 27136]
S3 USBModem;LGE CDMA USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys [2008-11-11 33792]
S3 vhidmini;Virtual Hid Device; C:\Windows\system32\DRIVERS\vhidmini.sys [2007-09-29 13952]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2009-09-11 41096]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\Windows\system32\drivers\WmHidLo.sys [2009-09-11 36872]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-10-22 203264]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2009-02-23 307200]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [2009-01-23 203280]
R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R2 mcmscsvc;McAfee Services; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R2 McNASvc;McAfee Network Agent; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R2 McShield;McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [2010-10-13 200056]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-10-13 245352]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2010-10-13 149032]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-12-15 75136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-01-11 407336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-28 136176]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2009-12-22 79360]
S3 Creative Dolby Digital Live Pack Licensing Service;Creative Dolby Digital Live Pack Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\DDLLicensing.exe [2009-12-22 79360]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2010-12-14 128928]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 McODS;McAfee Scanner; C:\Program Files\McAfee\VirusScan\mcods.exe [2010-10-07 509416]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-10 1255736]

-----------------EOF-----------------

Za pripadnou pomoc a rady predem dekuji.
Vasek

Dobrý večer

Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.



Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

Prikladam vysledek scanu:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 5632

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

29.1.2011 1:41:38
mbam-log-2011-01-29 (01-41-38).txt

Typ kontroly: Úplný test (C:\|E:\|)
Testované objekty: 353470
Uplynulý čas: 52 minut, 17 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix

Zde vypis z Combofixu:

ComboFix 11-01-28.02 - Kokes 29.01.2011 11:23:14.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1033.18.4094.2918 [GMT 1:00]
Spuštěný z: c:\users\Kokes\Downloads\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-12-28 do 2011-01-29 )))))))))))))))))))))))))))))))
.

2011-01-29 10:26 . 2011-01-29 10:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-28 23:40 . 2011-01-28 23:40 -------- d-----w- c:\users\Kokes\AppData\Roaming\Malwarebytes
2011-01-28 23:40 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-01-28 23:40 . 2011-01-28 23:40 -------- d-----w- c:\programdata\Malwarebytes
2011-01-28 23:40 . 2010-12-20 17:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-28 23:40 . 2011-01-28 23:40 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-01-28 22:59 . 2011-01-28 23:00 -------- d-----w- C:\rsit
2011-01-28 22:59 . 2011-01-28 22:59 -------- d-----w- c:\program files\trend micro
2011-01-28 22:15 . 2011-01-28 22:15 -------- d-----w- c:\program files (x86)\CCleaner
2011-01-28 18:38 . 2011-01-28 18:38 -------- d-----w- c:\program files\Defraggler
2011-01-28 18:36 . 2011-01-28 18:39 -------- d-----w- c:\users\Kokes\AppData\Local\Google
2011-01-28 18:36 . 2011-01-28 18:38 -------- d-----w- c:\program files (x86)\Google
2011-01-28 17:23 . 2009-12-21 15:39 51712 ----a-w- c:\windows\system32\drivers\RtTeam60.sys
2011-01-28 17:23 . 2009-07-20 02:27 27136 ----a-w- c:\windows\system32\drivers\RtNdPt60.sys
2011-01-28 17:23 . 2007-12-03 02:20 24064 ----a-w- c:\windows\system32\drivers\RtVlan60.sys
2011-01-28 17:23 . 2011-01-28 17:23 -------- d-----w- c:\program files (x86)\Realtek
2011-01-27 22:23 . 2011-01-27 22:23 -------- d-----w- c:\users\Kokes\AppData\Local\{6448F0A6-6813-11D6-A77B-00B0D0150150}
2011-01-12 18:17 . 2010-10-16 05:17 720896 ----a-w- c:\windows\system32\odbc32.dll
2011-01-12 18:17 . 2010-10-16 05:16 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2011-01-12 18:17 . 2010-10-16 05:16 466944 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2011-01-12 18:17 . 2010-10-16 05:16 1425408 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2011-01-12 18:17 . 2010-10-16 05:16 258048 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2011-01-12 18:17 . 2010-10-16 04:34 573440 ----a-w- c:\windows\SysWow64\odbc32.dll
2011-01-12 18:17 . 2010-10-16 04:33 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll
2011-01-12 18:17 . 2010-10-16 04:33 352256 ----a-w- c:\program files (x86)\Common Files\System\ado\msadomd.dll
2011-01-12 18:17 . 2010-10-16 04:33 987136 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll
2011-01-12 18:17 . 2010-10-16 04:33 208896 ----a-w- c:\program files (x86)\Common Files\System\msadc\msadco.dll
2011-01-02 17:23 . 2011-01-02 19:21 -------- d-----w- c:\users\Kokes\AppData\Local\Wings of Prey
2011-01-02 17:22 . 2011-01-02 17:22 -------- d-----w- c:\users\Kokes\AppData\Local\WOP
2011-01-02 17:22 . 2011-01-02 17:22 -------- d-----w- c:\programdata\WOP

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-19 19:36 . 2010-03-09 18:01 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-01-19 19:36 . 2010-01-08 17:34 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-01-17 19:51 . 2010-01-08 17:34 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2010-12-15 21:53 . 2010-01-08 17:34 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2010-12-15 20:54 . 2010-03-09 17:42 2434856 ----a-w- c:\windows\SysWow64\pbsvc_bc2.exe
2010-12-09 22:48 . 2010-12-09 20:55 20544 ----a-w- c:\windows\gdrv.sys
2010-12-05 16:21 . 2009-08-18 11:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2010-12-05 16:21 . 2009-08-18 10:24 17816 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2010-12-05 13:40 . 2010-01-03 19:00 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2010-12-05 13:40 . 2010-01-03 19:00 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2010-11-04 06:35 . 2010-12-16 17:38 1194496 ----a-w- c:\windows\system32\wininet.dll
2010-11-04 06:31 . 2010-12-16 17:38 57856 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-04 05:52 . 2010-12-16 17:38 978944 ----a-w- c:\windows\SysWow64\wininet.dll
2010-11-04 05:48 . 2010-12-16 17:38 44544 ----a-w- c:\windows\SysWow64\licmgr10.dll
2010-11-04 05:16 . 2010-12-16 17:38 482816 ----a-w- c:\windows\system32\html.iec
2010-11-04 04:41 . 2010-12-16 17:38 386048 ----a-w- c:\windows\SysWow64\html.iec
2010-11-04 04:35 . 2010-12-16 17:38 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-11-04 04:08 . 2010-12-16 17:38 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2010-11-02 05:18 . 2010-12-16 17:38 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-02 05:17 . 2010-12-16 17:38 473600 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-02 05:17 . 2010-12-16 17:38 1169408 ----a-w- c:\windows\system32\taskschd.dll
2010-11-02 05:16 . 2010-12-16 17:38 1114624 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-02 05:10 . 2010-12-16 17:38 464384 ----a-w- c:\windows\system32\taskeng.exe
2010-11-02 05:10 . 2010-12-16 17:38 285696 ----a-w- c:\windows\system32\schtasks.exe
2010-11-02 04:40 . 2010-12-16 17:38 496128 ----a-w- c:\windows\SysWow64\taskschd.dll
2010-11-02 04:40 . 2010-12-16 17:38 305152 ----a-w- c:\windows\SysWow64\taskcomp.dll
2010-11-02 04:34 . 2010-12-16 17:38 192000 ----a-w- c:\windows\SysWow64\taskeng.exe
2010-11-02 04:34 . 2010-12-16 17:38 179712 ----a-w- c:\windows\SysWow64\schtasks.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2010-11-17 1242448]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"CTSMode"="c:\program files (x86)\Creative\AutoMode Switcher\CTSMode.exe" [2008-10-29 430080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"VolPanel"="c:\program files (x86)\Creative\Volume Panel\VolPanlu.exe" [2009-02-03 237693]
"Copperhead"="c:\program files (x86)\Razer\Copperhead\razerhid.exe" [2009-11-19 135168]
"Jomantha"="c:\program files (x86)\n52te\n52teHid.exe" [2008-06-13 159744]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-30 98304]
"TkBellExe"="c:\program files (x86)\Real\realplayer\update\realsched.exe" [2010-12-05 274608]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-11-22 1484856]
"Razer Mamba Driver"="c:\program files (x86)\Razer\Mamba\RazerTray.exe" [2009-12-15 3278728]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-28 136176]
R3 copperhd;Razer Copperhead Driver;c:\windows\system32\drivers\copperhd.sys [2009-11-10 14336]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2009-12-22 79360]
R3 Creative Dolby Digital Live Pack Licensing Service;Creative Dolby Digital Live Pack Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\DDLLicensing.exe [2009-12-22 79360]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [2009-04-09 202776]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [2009-04-09 1417240]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [2009-04-09 94744]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2010-12-14 128928]
R3 JmtFltr;n52te;c:\windows\system32\drivers\JmtFltr.sys [2007-09-29 46464]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-10-13 94864]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys [2009-12-21 51712]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys [2007-12-03 24064]
R3 SaiHFFB5;SaiHFFB5;c:\windows\system32\DRIVERS\SaiHFFB5.sys [2008-04-04 178560]
R3 SaiIFFB5;Immersion's HID USB Driver (FFB5);c:\windows\system32\DRIVERS\SaiIFFB5.sys [2008-04-04 20864]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys [2009-12-21 51712]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-10 1255736]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2010-10-13 75032]
S1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-10-13 283360]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-10-22 203264]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files (x86)\McAfee\SiteAdvisor\McSACore.exe [2009-01-23 203280]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-10-13 245352]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2010-10-13 149032]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [2009-07-20 27136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-10-22 7883264]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-10-22 285696]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-10-22 116240]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-10-13 62800]
S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [2009-04-09 202776]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [2009-04-09 1417240]
S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [2009-04-09 94744]
S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384]
S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848]
S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-10-13 441328]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]


--- Ostatní služby/ovladače v paměti ---

*Deregistered* - mfeavfk01
.
Obsah adresáře 'Naplánované úlohy'

2011-01-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-28 18:36]

2011-01-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-28 18:36]
.

--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2009-09-16 190472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
FF - ProfilePath - c:\users\Kokes\AppData\Roaming\Mozilla\Firefox\Profiles\ucc1xo9z.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files (x86)\McAfee\SiteAdvisor
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Wow6432Node-HKLM-Run-CTxfiHlp - CTXFIHLP.EXE
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_bc2.exe


.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-3712394416-604992445-1295939590-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:be,0a,df,77,11,e6,2d,b3,4c,d0,d7,d4,16,25,f0,1d,ce,42,94,bb,63,41,3a,
99,db,15,57,a0,09,47,f3,02,6e,03,d9,b9,09,30,57,cc,3c,94,c7,6c,37,97,3e,fe,\
"??"=hex:a1,5e,47,db,25,65,bb,27,8b,92,55,34,10,3f,d9,49

[HKEY_USERS\S-1-5-21-3712394416-604992445-1295939590-1001\Software\SecuROM\License information*]
"datasecu"=hex:cb,3d,1d,21,17,e0,ed,ce,83,d3,5e,3b,bf,95,fe,61,28,f2,88,43,90,
49,44,ef,bf,5a,a0,54,00,2d,24,43,2b,08,72,b2,25,4a,c5,a2,ce,75,8d,62,e4,43,\
"rkeysecu"=hex:ec,c2,b3,b3,ab,8d,73,4d,8d,18,85,3e,81,1e,08,3b

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-01-29 11:27:49
ComboFix-quarantined-files.txt 2011-01-29 10:27

Před spuštěním: 39 002 411 008 bytes free
Po spuštění: 38 878 646 272 bytes free

- - End Of File - - AA80112E6E619287B8AA7CF3D7471AAF

Jak to vypadá s počítačem?
Otestujte na www.virustotal.com
C:\Program Files (x86)\n52te\n52teHid.exe

PC porad stejne, na ten file mi to napsalo tohle:
MD5: 6343f18b2d273321a684e0aff992ce2f
Date first seen: 2009-09-18 17:47:46 (UTC)
Date last seen: 2009-09-18 17:47:46 (UTC)
Detection ratio: 0/41
je to ovladac k herni klavesnici, takze by mel byt OK.

Jenom pro predstavu davam vysledky z rychlos.cz:
Datum a čas Poskytovatel a typ připojení
hostname / IP Down
kbit/s Up
kbit/s Odezva
min(ms) Stabilita
%
29.01 12:17 -.203.broadband11.iol.cz 0,0 423 23,7 29,8
29.01 11:32 -.203.broadband11.iol.cz 2121 428 23,5 25,2
29.01 00:15 -.203.broadband11.iol.cz 1044 297 25,3 22,3
29.01 00:13 -.203.broadband11.iol.cz 261 299 23,9 11,4
28.01 18:58 -.203.broadband11.iol.cz 1536 422 24,1 41,1
28.01 18:56 -.203.broadband11.iol.cz 2718 433 25,5 94,4
28.01 18:54 -.203.broadband11.iol.cz 1004 353 24,1 18,8
28.01 18:53 -.203.broadband11.iol.cz 655 349 24,2 10,6
28.01 18:45 -.203.broadband11.iol.cz 3268 434 25,1 57,2
28.01 18:43 -.203.broadband11.iol.cz 6595 235 27,5 91,5

tech 6595 je z notebooku technika z O2.

Tak speedtest.net mi ted ukazuje krasny cisla kolem 6.5, rychlost.cz kolem 3.5. ADSL.cz taky tech cca 3.5, a to aniz bych neco udelal. Uz tomu nejak prestavam rozumet.
Vzhledem k tomu, ze mi Vase rady vyrazne pomohly, tak s diky posilam maly prispevek, samozrejme jsem zapomnel dat svuj nick do poznamek

Za příspěvek děkujeme .

Zkuste vypnout windows defender
Spusťte program Windows Defender
- klepnutím na tlačítko Start - Všechny programy a potom klepnutím na položku Windows Defender.
- Klepněte na nabídku Nástroje a pak na příkaz Možnosti.
- Ve skupinovém rámečku Možnosti ochrany v reálném čase vyškrtněte políčko Použít ochranu v reálném čase .





Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.


***********


Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir



***********


Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.


***********



Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech



***********

Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?


a jinak u mě je to naopak, speedtest.net mi ukázal méně než ostatní dva

Tak davam novy vypis z RSIT, pocitac se cgova prinejmensim podivne, rano mi ukazoval speedtest.net i ostatni DL neco pod 1 Mb/sec, ted ukazal speedtest 5.8, po projeti OTC a rebootu uz zase hrozne malo. Nevim jestli s tim nemuze mit neco spolecnyho, ze mi porad jede disk, kdyz kouknu na resouce monitor v task manageru, pritom mam PC v klidu. Network taky ukazuje nejaky procesy a vytizeni.

info.txt logfile of random's system information tool 1.08 2011-01-30 16:07:19

======Uninstall list======

@BIOS -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}\setup.exe" -l0x9 -removeonly
-->C:\Program Files (x86)\DivX\DivXConverterMeUninstall.exe /CONVERTER
-->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{12321490-F573-4815-B6CC-7ABEF18C9AC4}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{1F3306FE-913B-4E49-B241-5A6378D4F8DD}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9605AE52-2172-448F-BE56-B2086F932412}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BBE814C2-4974-4C54-BABC-A8BB023E4E3D}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BBFEFF72-227B-4130-B6F4-6BCB66596BCB}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{CAAE8EC2-2340-4D6E-A74D-07814046A11B}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x9
3DMark 11-->"C:\Program Files (x86)\InstallShield Installation Information\{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}\setup.exe" -runfromtemp -l0x0409 -removeonly
Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10i_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_Plugin.exe -maintain plugin
Adobe Reader 9.4.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A94000000001}
Aliens vs Predator-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/10680
AMD Drag and Drop Transcoding-->MsiExec.exe /X{825C7AAC-C5D5-B89B-EBA1-D4DFC5E46D6C}
Amnesia: The Dark Descent-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/57300
ATI Catalyst Install Manager-->msiexec /q/x{8DF9D3DF-6D03-A04F-217F-F2577D973DBE} REBOOT=ReallySuppress
ATI Catalyst Registration-->MsiExec.exe /X{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}
Battlefield: Bad Company™ 2-->MsiExec.exe /X{3AC8457C-0385-4BEA-A959-E095F05D6D67}
BioShock 2-->MsiExec.exe /I{5454085C-840F-4070-8FAA-441000038301}
Call of Duty(R) - World at War(TM) 1.1 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{AFAE2B15-89A0-4215-A030-F7B5B478886B}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.2 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{2BF0AE92-C3BC-4112-9066-1546342B1FAE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.4 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{9F01A67B-7D67-482F-9D4F-D5980A440FD4}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.5 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.6 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.7 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{750C87B8-AF19-4C3C-B791-50D9C83AE572}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{D80A6A73-E58A-4673-AFF5-F12D7110661F}\setup.exe -runfromtemp -l0x0405
Call of Duty(R) 2-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{D0A05794-48C2-4424-A15A-9F20FCFDD374} /l2057
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
Call of Duty: Black Ops - Multiplayer-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/42710
Call of Duty: Black Ops-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/42700
Call of Duty: Modern Warfare 2 - Multiplayer-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/10190
Call of Duty: Modern Warfare 2-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/10180
Call of Juarez - Bound in Blood-->C:\Program Files (x86)\InstallShield Installation Information\{FEFAF112-4DA8-479C-89E2-7DE25091711A}\setup.exe -runfromtemp -l0x0409
Call Of Pripyat Benchmark 1.0-->"C:\Program Files (x86)\Call Of Pripyat Benchmark\unins000.exe"
Catalyst Control Center - Branding-->MsiExec.exe /I{DDA34038-89BD-4804-B0B8-DC48D5DFB463}
CCleaner-->"C:\Program Files (x86)\CCleaner\uninst.exe"
Creative ALchemy-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{12321490-F573-4815-B6CC-7ABEF18C9AC4}\setup.exe" -l0x9 /remove
Creative Audio Control Panel-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9 /remove
Creative AutoMode Switcher-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9605AE52-2172-448F-BE56-B2086F932412}\setup.exe" -l0x9 /remove
Creative Console Launcher-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x9 /remove
Creative Sound Blaster Properties x64 Edition-->"C:\Program Files (x86)\Creative Installation Information\SBCONTROL64\Setup.exe" /remove /l0x0009
DDL and DTS Connect License Activation-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BBE814C2-4974-4C54-BABC-A8BB023E4E3D}\setup.exe" -l0x9 /remove
Dead Space™-->MsiExec.exe /X{4D87DC92-C328-46EC-A7B4-9C88129DC696}
Defraggler-->"C:\Program Files\Defraggler\uninst.exe"
Diagnostic Utility-->"C:\Program Files (x86)\InstallShield Installation Information\{7236672F-6430-439E-9B27-27EDEAF1D676}\setup.exe" -runfromtemp -l0x0005 -removeonly
DiRT 2-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/12840
DivX Codec-->C:\Program Files (x86)\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter Mobile-->C:\Program Files (x86)\DivX\DivXConverterMeUninstall.exe /CONVERTERME
DivX Player-->C:\Program Files (x86)\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files (x86)\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files (x86)\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Dolby Digital Live Pack-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BBFEFF72-227B-4130-B6F4-6BCB66596BCB}\setup.exe" -l0x9 /remove
DOOM 3: Resurrection of Evil-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/9070
DOOM 3-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/9050
DTS Connect Pack-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{1F3306FE-913B-4E49-B241-5A6378D4F8DD}\setup.exe" -l0x9 /remove
EA Download Manager-->C:\Program Files (x86)\Electronic Arts\EADM\EADMUI\EADMUninstall.exe
Fallout 3-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{974C4B12-4D02-4879-85E0-61C95CC63E9E}\setup.exe" -l0x9 -removeonly
Futuremark SystemInfo-->"C:\Program Files (x86)\InstallShield Installation Information\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}\setup.exe" -runfromtemp -l0x0409 -removeonly
GamePark-->"C:\Program Files (x86)\GamePark\unins000.exe"
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\8.0.552.237\Installer\setup.exe" --uninstall --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
ID3-TagIT 3-->"C:\Program Files (x86)\ID3-TagIT 3\unins000.exe"
LG Bluetooth Drivers-->MsiExec.exe /X{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}
LG MC USB U330 driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{ABD7DBE3-E344-4BCA-B8AD-4360494DD1D9}\setup.exe" -l0x5 -removeonly
LG USB Modem driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C3ABE126-2BB2-4246-BFE1-6797679B3579}\Setup.exe" -l0x9 LG
LG USB Modem Drivers-->MsiExec.exe /X{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}
Logitech Gaming Software 5.08-->MsiExec.exe /X{96F1BA99-300F-4DD5-A26B-788EF63B53B1}
Mafia-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "E:\MAFIA\Uninstall\setup.exe" -l0x5
Malwarebytes' Anti-Malware-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Mass Effect-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/17460
McAfee AntiVirus Plus-->C:\Program Files\McAfee\MSC\mcuihost.exe /body:misp://MSCJsRes.dll::uninstall.html /id:uninstall
Medal of Honor (TM)-->MsiExec.exe /X{415030B8-3E8B-462A-8C03-41D95AA3AB3B}
Metro 2033-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/43110
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Flight Simulator X: Acceleration-->C:\Windows\SysWOW64\msiexec.exe /qb /l*vx "%TEMP%\FlightSimUninstall.log" /uninstall {A9729B90-D37B-4A69-B66A-7436AC1F7274}
Microsoft Flight Simulator X: Acceleration-->MsiExec.exe /I{A9729B90-D37B-4A69-B66A-7436AC1F7274}
Microsoft Flight Simulator X-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{9527A496-5DF9-412A-ADC7-168BA5379CA6}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{1FDA5A37-B22D-43FF-B582-B8964050DC13}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{86A4C6D9-29EE-4719-AFA1-BA3341862B83}
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053-->MsiExec.exe /X{B6E3757B-5E77-3915-866A-CCFC4B8D194C}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319-->MsiExec.exe /X{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
Mozilla Firefox (3.6.13)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
n52te Editor-->C:\Program Files (x86)\InstallShield Installation Information\{0AC8162B-5175-41D7-B963-8307A40BD456}\n52te_win_driver_v2.1.2.exe -runfromtemp -l0x0009 -removeonly
Need for Speed™ SHIFT-->MsiExec.exe /X{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}
NVIDIA PhysX-->MsiExec.exe /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
Odinstalovat LG PC Suite III-->"C:\Program Files (x86)\LG Electronics\LG PC Suite III\unins000.exe"
OpenAL-->"C:\Program Files (x86)\OpenAL\OALInst.exe" /U
PunkBuster Services-->C:\Windows\system32\pbsvc_bc2.exe -u
Rapture3D 2.3.26 Game-->"C:\Program Files (x86)\BRS\unins000.exe"
Razer Copperhead-->C:\Program Files (x86)\InstallShield Installation Information\{28A946E1-E83B-4662-BC7C-23451851489E}\setup.exe -runfromtemp -l0x0009 -removeonly
Razer Mamba-->MsiExec.exe /X{7BE49DA7-EDA4-4C63-AA06-DCDF6858C3F3}
RealPlayer-->c:\program files (x86)\real\realplayer\Update\r1puninst.exe RealNetworks|RealPlayer|12.0
RealUpgrade 1.1-->MsiExec.exe /I{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
S.T.A.L.K.E.R. - Call of Pripyat [v1.6.01]-->"C:\Program Files (x86)\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\unins000.exe"
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Sniper: Ghost Warrior-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/34830
SoundFont Bank Manager-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9 /remove
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
The Chronicles of Riddick - Assault on Dark Athena-->C:\Program Files (x86)\InstallShield Installation Information\{AF012B6B-87C9-4E9E-8DCA-AB4E99E3CA60}\setup.exe -runfromtemp -l0x0005 -removeonly
The Lord of the Rings FREE Trial -->MsiExec.exe /X{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}
thriXXX 3DSexVilla2-105.001-->"E:\Program Files (x86)\thriXXX\3D SexVilla 2 - Everlust\Binaries\Uninstall-3DSexVilla2-Everlust-105.001.exe"
THX Setup Console-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{CAAE8EC2-2340-4D6E-A74D-07814046A11B}\setup.exe" -l0x9 /remove
Tom Clancy's H.A.W.X. 2-->"C:\Program Files (x86)\InstallShield Installation Information\{76A232AF-B7D6-41A4-B795-6B355E6D32B1}\setup.exe" -runfromtemp -l0x0009 -removeonly
Ubisoft Game Launcher-->"C:\Program Files (x86)\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe" -runfromtemp -l0x0409 -removeonly
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
VC80MFCRedist - 8.0.50727.4053-->MsiExec.exe /I{8F2F35B0-4019-4291-BBF5-121F51637FC7}
Volume Panel-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x9 /remove
Windows Live ID Sign-in Assistant-->MsiExec.exe /X{9B48B0AC-C813-4174-9042-476A887592C7}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Wings of Prey-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/45300
WMV9/VC-1 Video Playback-->MsiExec.exe /X{AE0D971F-5430-8874-B09E-3F1C76E2F8FF}
yuPlay client 0.7.17-->"C:\program files (x86)\steam\steamapps\common\wings of prey\yuPlay\unins000.exe"

======System event log======

Computer Name: Kokes-PC
Event Code: 1014
Message: Name resolution for the name wpad.siemens timed out after none of the configured DNS servers responded.
Record Number: 189567
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20101130173702.055664-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: Kokes-PC
Event Code: 1014
Message: Name resolution for the name forums.steampowered.com timed out after none of the configured DNS servers responded.
Record Number: 188014
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20101128201539.840734-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: Kokes-PC
Event Code: 1014
Message: Name resolution for the name auto.idnes.cz timed out after none of the configured DNS servers responded.
Record Number: 187934
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20101128181230.499914-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: Kokes-PC
Event Code: 7000
Message: The McAfee Inc. mferkdk service failed to start due to the following error:
The specified procedure could not be found.
Record Number: 187796
Source Name: Service Control Manager
Time Written: 20101128172112.567382-000
Event Type: Error
User:

Computer Name: Kokes-PC
Event Code: 1014
Message: Name resolution for the name wpad.siemens timed out after none of the configured DNS servers responded.
Record Number: 187290
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20101124181437.797851-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

=====Application event log=====

Computer Name: Kokes-PC
Event Code: 1002
Message: The program Bioshock.exe version 1.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 288
Start Time: 01ca83516b28799d
Termination Time: 5278
Application Path: C:\Program Files (x86)\2K Games\BioShock\Builds\Release\Bioshock.exe
Report Id:

Record Number: 480
Source Name: Application Hang
Time Written: 20091222221227.000000-000
Event Type: Error
User:

Computer Name: Kokes-PC
Event Code: 16388
Message: ATI EEU Client event error
Record Number: 220
Source Name: ATIeRecord
Time Written: 20091222203203.000000-000
Event Type: Error
User:

Computer Name: Kokes-PC
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-3712394416-604992445-1295939590-1001:
Process 440 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-3712394416-604992445-1295939590-1001

Record Number: 193
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20091222202557.926625-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Kokes-PC
Event Code: 11
Message: Possible Memory Leak. Application (C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted) (PID: 1004) has passed a non-NULL pointer to RPC for an [out] parameter marked [allocate(all_nodes)]. [allocate(all_nodes)] parameters are always reallocated; if the original pointer contained the address of valid memory, that memory will be leaked. The call originated on the interface with UUID ({3F31C91E-2545-4B7B-9311-9529E8BFFEF6}), Method number (20). User Action: Contact your application vendor for an updated version of the application.
Record Number: 114
Source Name: Microsoft-Windows-RPC-Events
Time Written: 20091222202019.561875-000
Event Type: Warning
User: NT AUTHORITY\LOCAL SERVICE

Computer Name: Kokes-PC
Event Code: 1008
Message: The Windows Search Service is starting up and attempting to remove the old search index {Reason: Full Index Reset}.

Record Number: 110
Source Name: Microsoft-Windows-Search
Time Written: 20091222202008.000000-000
Event Type: Warning
User:

=====Security event log=====

Computer Name: 37L4247E29-32
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091222201335.921875-000
Event Type: Audit Success
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: 37L4247E29-32$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x1bc
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091222201335.921875-000
Event Type: Audit Success
User:

Computer Name: 37L4247E29-32
Event Code: 4902
Message: The Per-user audit policy table was created.

Number of Elements: 0
Policy ID: 0x30b18
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091222201335.453125-000
Event Type: Audit Success
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0

Logon Type: 0

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x4
Process Name:

Network Information:
Workstation Name: -
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: -
Authentication Package: -
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091222201334.000000-000
Event Type: Audit Success
User:

Computer Name: 37L4247E29-32
Event Code: 4608
Message: Windows is starting up.

This event is logged when LSASS.EXE starts and the auditing subsystem is initialized.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091222201333.890625-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;%CommonProgramFiles%\Microsoft Shared\Windows Live;c:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Common Files\DivX Shared
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 4 Stepping 3, AuthenticAMD
"PROCESSOR_REVISION"=0403

-----------------EOF-----------------

Logfile of random's system information tool 1.08 (written by random/random)
Run by Kokes at 2011-01-30 16:07:05
Microsoft Windows 7 Home Premium
System drive C: has 37 GB (22%) free of 165 GB
Total RAM: 4094 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:07:16, on 30.1.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Creative\AutoMode Switcher\CTSMode.exe
C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe
C:\Program Files (x86)\Razer\Copperhead\razerhid.exe
C:\Program Files (x86)\n52te\n52teHid.exe
C:\Program Files (x86)\Razer\Copperhead\razerofa.exe
C:\Program Files (x86)\Real\realplayer\Update\realsched.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files (x86)\Razer\Mamba\RazerTray.exe
C:\Program Files\trend micro\Kokes.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101230094955.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [Copperhead] C:\Program Files (x86)\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [Jomantha] C:\Program Files (x86)\n52te\n52teHid.exe
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [Razer Mamba Driver] C:\Program Files (x86)\Razer\Mamba\RazerTray.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [CTSMode] C:\Program Files (x86)\Creative\AutoMode Switcher\CTSMode.exe /trayicon /nt
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Dolby Digital Live Pack Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\DDLLicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9565 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe"
"rundll32.exe" "C:\Program Files (x86)\McAfee\SiteAdvisor\saHook.dll" saHooker_Initialize_and_Wait
"C:\Windows\system32\mfevtps.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc
taskeng.exe {684C2A97-8E79-4EFB-8551-A73590BF96A7}
taskeng.exe {C8A4D7F1-3A89-491C-AB22-50928896E7E5}
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Program Files (x86)\Steam\steam.exe" -silent
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Creative\AutoMode Switcher\CTSMode.exe" /trayicon /nt
"C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe" /r
"C:\Program Files (x86)\Razer\Copperhead\razerhid.exe"
"C:\Program Files (x86)\n52te\n52teHid.exe"
"C:\Program Files (x86)\Razer\Copperhead\razerofa.exe"
"C:\Program Files (x86)\Real\realplayer\Update\realsched.exe" -osboot
"C:\Windows\SysWOW64\CTXFISPI.EXE" -Embedding
"C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Razer\Mamba\RazerTray.exe"
WLIDSvcM.exe 2020
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\system32\sppsvc.exe
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\Kokes\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101230094955.dll [2010-10-13 78968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2009-01-29 194576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-12-05 382720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101230094955.dll [2010-10-13 73288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2009-01-29 145424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2009-01-29 194576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2009-01-29 145424]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2009-09-16 190472]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2010-11-17 1242448]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"CTSMode"=C:\Program Files (x86)\Creative\AutoMode Switcher\CTSMode.exe [2008-10-29 430080]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"VolPanel"=C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe [2009-02-03 237693]
"Copperhead"=C:\Program Files (x86)\Razer\Copperhead\razerhid.exe [2009-11-19 135168]
"Jomantha"=C:\Program Files (x86)\n52te\n52teHid.exe [2008-06-13 159744]
"ATICustomerCare"=C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [2010-03-04 311296]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-09-30 98304]
"TkBellExe"=C:\Program Files (x86)\Real\realplayer\update\realsched.exe [2010-12-05 274608]
"mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2010-11-22 1484856]
"Razer Mamba Driver"=C:\Program Files (x86)\Razer\Mamba\RazerTray.exe [2009-12-15 3278728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 290304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-01-30 16:07:05 ----D---- C:\rsit
2011-01-29 12:47:46 ----SHD---- C:\$RECYCLE.BIN
2011-01-29 11:22:15 ----D---- C:\Windows\ERDNT
2011-01-29 00:40:44 ----D---- C:\Users\Kokes\AppData\Roaming\Malwarebytes
2011-01-29 00:40:39 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys
2011-01-29 00:40:38 ----D---- C:\ProgramData\Malwarebytes
2011-01-29 00:40:36 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-01-29 00:40:35 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-01-28 23:59:46 ----D---- C:\Program Files\trend micro
2011-01-28 23:15:42 ----D---- C:\Program Files (x86)\CCleaner
2011-01-28 19:38:30 ----D---- C:\Program Files\Defraggler
2011-01-28 19:36:44 ----D---- C:\Program Files (x86)\Google
2011-01-28 18:23:25 ----A---- C:\Windows\system32\drivers\RtVlan60.sys
2011-01-28 18:23:25 ----A---- C:\Windows\system32\drivers\RtTeam60.sys
2011-01-28 18:23:25 ----A---- C:\Windows\system32\drivers\RtNdPt60.sys
2011-01-28 18:23:24 ----D---- C:\Program Files (x86)\Realtek
2011-01-12 19:18:27 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2011-01-12 19:18:27 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2011-01-12 19:18:27 ----A---- C:\Windows\system32\WMVDECOD.DLL
2011-01-12 19:18:27 ----A---- C:\Windows\system32\DWrite.dll
2011-01-12 19:18:27 ----A---- C:\Windows\system32\d3d10warp.dll
2011-01-12 19:18:27 ----A---- C:\Windows\system32\d2d1.dll
2011-01-12 19:18:26 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2011-01-12 19:18:26 ----A---- C:\Windows\system32\XpsPrint.dll
2011-01-12 19:18:26 ----A---- C:\Windows\system32\mf.dll
2011-01-12 19:18:26 ----A---- C:\Windows\system32\FntCache.dll
2011-01-12 19:18:25 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-01-12 19:18:25 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-01-12 19:18:25 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2011-01-12 19:18:25 ----A---- C:\Windows\SYSWOW64\mf.dll
2011-01-12 19:18:25 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-01-12 19:18:25 ----A---- C:\Windows\system32\ExplorerFrame.dll
2011-01-12 19:18:25 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-01-12 19:18:25 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-01-12 19:18:24 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2011-01-12 19:18:24 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2011-01-12 19:18:24 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2011-01-12 19:18:24 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2011-01-12 19:18:24 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2011-01-12 19:18:24 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-01-12 19:18:24 ----A---- C:\Windows\system32\mfreadwrite.dll
2011-01-12 19:18:24 ----A---- C:\Windows\system32\mfps.dll
2011-01-12 19:18:24 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2011-01-12 19:18:24 ----A---- C:\Windows\system32\d3d10_1.dll
2011-01-12 19:18:24 ----A---- C:\Windows\system32\cdd.dll
2011-01-12 19:17:16 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2011-01-12 19:17:16 ----A---- C:\Windows\system32\odbc32.dll
2011-01-02 18:22:07 ----D---- C:\ProgramData\WOP

======List of files/folders modified in the last 1 months======

2011-01-30 16:07:05 ----D---- C:\Windows\Temp
2011-01-30 16:06:35 ----D---- C:\Windows\system32\config
2011-01-30 16:03:25 ----D---- C:\Program Files (x86)\Steam
2011-01-30 10:52:49 ----D---- C:\Windows\system32\NDF
2011-01-29 16:59:36 ----D---- C:\Windows
2011-01-29 16:59:28 ----SHD---- C:\System Volume Information
2011-01-29 16:58:58 ----D---- C:\Windows\system32\drivers
2011-01-29 11:26:45 ----A---- C:\Windows\system.ini
2011-01-29 11:25:17 ----D---- C:\Windows\SYSWOW64\drivers
2011-01-29 11:25:17 ----D---- C:\Windows\SysWOW64
2011-01-29 11:25:17 ----D---- C:\Windows\System32
2011-01-29 11:25:17 ----D---- C:\Windows\AppPatch
2011-01-29 11:25:16 ----D---- C:\Program Files\Common Files
2011-01-29 11:25:16 ----D---- C:\Program Files (x86)\Common Files
2011-01-29 00:40:38 ----D---- C:\ProgramData
2011-01-29 00:40:35 ----RD---- C:\Program Files (x86)
2011-01-28 23:59:46 ----RD---- C:\Program Files
2011-01-28 23:19:22 ----D---- C:\Windows\Minidump
2011-01-28 23:19:22 ----D---- C:\Windows\debug
2011-01-28 19:36:54 ----SHD---- C:\Windows\Installer
2011-01-28 19:36:51 ----D---- C:\Windows\Tasks
2011-01-28 19:36:51 ----D---- C:\Windows\system32\Tasks
2011-01-28 18:24:03 ----D---- C:\Windows\inf
2011-01-28 18:23:51 ----D---- C:\Windows\system32\DriverStore
2011-01-28 18:23:51 ----D---- C:\Windows\system32\catroot
2011-01-28 18:23:23 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-01-27 23:30:01 ----D---- C:\Windows\Prefetch
2011-01-24 20:48:53 ----D---- C:\Windows\winsxs
2011-01-24 20:48:44 ----D---- C:\Program Files (x86)\Razer
2011-01-19 20:36:19 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2011-01-16 16:37:23 ----D---- C:\Windows\system32\catroot2
2011-01-12 22:23:14 ----A---- C:\Windows\system32\MRT.exe
2011-01-05 22:23:31 ----D---- C:\Program Files (x86)\Electronic Arts
2011-01-03 19:44:30 ----RSD---- C:\Windows\assembly
2011-01-03 18:24:32 ----D---- C:\Program Files (x86)\McAfee.com

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2010-10-13 529128]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 mfenlfk;McAfee NDIS Light Filter; C:\Windows\system32\DRIVERS\mfenlfk.sys [2010-10-13 75032]
R1 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2010-10-13 283360]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-01-05 314016]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-01-05 43680]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2009-07-20 27136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-10-22 7883264]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-10-22 285696]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-10-22 116240]
R3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2010-10-13 62800]
R3 CT20XUT.SYS;CT20XUT.SYS; C:\Windows\System32\drivers\CT20XUT.SYS [2009-04-09 202776]
R3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2009-04-09 580632]
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2009-04-09 684312]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS; C:\Windows\System32\drivers\CTEXFIFX.SYS [2009-04-09 1417240]
R3 CTHWIUT.SYS;CTHWIUT.SYS; C:\Windows\System32\drivers\CTHWIUT.SYS [2009-04-09 94744]
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2009-04-09 15896]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2009-04-09 213016]
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2009-04-09 118296]
R3 ha20x2k;Creative 20X HAL Driver; C:\Windows\system32\drivers\ha20x2k.sys [2009-04-09 1561112]
R3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848]
R3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2010-10-13 121248]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2010-10-13 190136]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2010-10-13 441328]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2009-04-09 179224]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2009-09-11 26248]
R3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2009-09-11 15880]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2009-09-11 76552]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-03-09 123408]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-10-22 7883264]
S3 copperhd;Razer Copperhead Driver; C:\Windows\system32\drivers\copperhd.sys [2009-11-10 14336]
S3 CT20XUT;CT20XUT; C:\Windows\system32\drivers\CT20XUT.SYS [2009-04-09 202776]
S3 CTEXFIFX;CTEXFIFX; C:\Windows\system32\drivers\CTEXFIFX.SYS [2009-04-09 1417240]
S3 CTHWIUT;CTHWIUT; C:\Windows\system32\drivers\CTHWIUT.SYS [2009-04-09 94744]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2010-12-09 20544]
S3 JmtFltr;n52te; C:\Windows\system32\drivers\JmtFltr.sys [2007-09-29 46464]
S3 mfeavfk01;McAfee Inc.; C:\Windows\system32\drivers\mfeavfk01.sys []
S3 mferkdet;McAfee Inc. mferkdet; C:\Windows\system32\drivers\mferkdet.sys [2010-10-13 94864]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2009-12-21 51712]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtVlan60.sys [2007-12-03 24064]
S3 SaiHFFB5;SaiHFFB5; C:\Windows\system32\DRIVERS\SaiHFFB5.sys [2008-04-04 178560]
S3 SaiIFFB5;Immersion's HID USB Driver (FFB5); C:\Windows\system32\DRIVERS\SaiIFFB5.sys [2008-04-04 20864]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2009-12-21 51712]
S3 uisp;Freescale USB JW32 driver; C:\Windows\System32\Drivers\usbicp.sys [2005-10-21 19200]
S3 usbbus;LGE CDMA Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys [2008-11-11 17920]
S3 UsbDiag;LGE CDMA USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys [2008-11-11 27136]
S3 USBModem;LGE CDMA USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys [2008-11-11 33792]
S3 vhidmini;Virtual Hid Device; C:\Windows\system32\DRIVERS\vhidmini.sys [2007-09-29 13952]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2009-09-11 41096]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\Windows\system32\drivers\WmHidLo.sys [2009-09-11 36872]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-10-22 203264]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2009-02-23 307200]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [2009-01-23 203280]
R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R2 mcmscsvc;McAfee Services; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R2 McNASvc;McAfee Network Agent; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R2 McShield;McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [2010-10-13 200056]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-10-13 245352]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2010-10-13 149032]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-12-15 75136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-01-11 407336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-28 136176]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2009-12-22 79360]
S3 Creative Dolby Digital Live Pack Licensing Service;Creative Dolby Digital Live Pack Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\DDLLicensing.exe [2009-12-22 79360]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2010-12-14 128928]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 McODS;McAfee Scanner; C:\Program Files\McAfee\VirusScan\mcods.exe [2010-10-07 509416]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-10 1255736]

-----------------EOF-----------------

stáhněte http://www.slunecnice.cz/sw/crystaldiskinfo/
- spusťte ho a v nabídce zvolte Kopírovat.
-Data ze schránky sem pak vložte pomocí Ctrl+V


Stahněte z mého podpisu AVPTOOl http://www.viry.cz/forum/viewtopic.php?f=29&t=58179

-Podle návodu nainstalujte a proveďte sken
-co najde nechejte léčit, mazat
-sken může trvat několik hodin
-vložte zde log z výsledky

Ten AVPTOOl pustim az pujdu zitra do roboty, zde je Crystaldisk:
----------------------------------------------------------------------------
CrystalDiskInfo 3.10.0 (C) 2008-2010 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium Edition [6.1 Build 7600] (x64)
Date : 2011/01/30 21:24:00

-- Controller Map ----------------------------------------------------------
+ Standard Dual Channel PCI IDE Controller [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ Standard Dual Channel PCI IDE Controller [ATA]
+ ATA Channel 0 (0)
- SAMSUNG HD322HJ ATA Device
+ ATA Channel 1 (1)
- TSSTcorp CDDVDW SH-S223Q ATA Device

-- Disk List ---------------------------------------------------------------
(1) SAMSUNG HD322HJ : 319.9 GB [0-0-0, pd1]

----------------------------------------------------------------------------
(1) SAMSUNG HD322HJ
----------------------------------------------------------------------------
Model : SAMSUNG HD322HJ
Firmware : 1AC01113
Serial Number : S17AJ9CQ902607
Disk Size : 319.9 GB (8.4/137.4/319.9)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 624876202
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA8-ACS version 3b
Transfer Mode : SATA/300
Power On Hours : 3726 hod.
Power On Count : 877 krát
Temparature : 28 C (82 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0000h [OFF]
AAM Level : FE00h [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000000 Počet chyb čtení
03 _93 _93 _11 000000000B86 Čas na roztočení ploten
04 _99 _99 __0 0000000003EE Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 100 100 _51 000000000000 Počet chybných hledání
08 100 100 _15 000000000000 Čas potřebný na vyhledání
09 _99 _99 __0 000000000E8E Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 00000000036D Počet cyklů zapnutí zařízení
0D 100 100 __0 000000000000 Počet pokusů o softvérové opravení chyb při čtení programů z disku
B7 100 100 __0 000000000000 Neznámý
B8 100 100 __0 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BE _74 _65 __0 00001A10001A Teplota toku vzduchu
C2 _72 _63 __0 00001C10001C Teplota
C3 100 100 __0 0000003D6B82 Počet oprav chybného čtení
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 100 _99 __0 000000000077 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 000000000000 Počet chyb při zápisu sektorů
C9 100 100 __0 000000000000 Počet chyb při čtení programů z disku

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 00 40 3F FF C8 37 00 10 88 56 02 2A 00 3F 00 00
010: 00 00 00 00 53 31 37 41 4A 39 43 51 39 30 32 36
020: 30 37 20 20 20 20 20 20 00 03 80 00 00 04 31 41
030: 43 30 31 31 31 33 53 41 4D 53 55 4E 47 20 48 44
040: 33 32 32 48 4A 20 20 20 20 20 20 20 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 2F 00 40 00 02 00 02 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 FF FF 0F FF 00 00 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 1F 17 06 00 00 00 4C 00 40
0A0: 00 F8 00 52 74 6B 7F 69 41 33 74 69 BC 41 41 23
0B0: 40 FF 00 1C 00 1C 00 00 FF FE 00 00 FE 00 00 08
0C0: 00 05 00 5D 86 A0 00 01 DA AA 25 3E 00 00 00 00
0D0: 00 64 00 00 00 00 00 00 50 00 0F 00 08 09 62 70
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 1C
0F0: 40 1C 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 29 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 3F 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 01 04 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 A5