VIRY.CZ

Prosím o kontrolu PC. Chvíli maká dobře, pak zamrzne, co chvíli hlásí, že nějaký program neodpovídá... pak zase maká... tak nevím, antivirus nehlásí nic.
Díky.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Tomášek a Marcelka at 2011-03-01 11:40:35
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 103 GB (44%) free of 237 GB
Total RAM: 2039 MB (52% free)


======Scheduled tasks folder======

C:\Windows\tasks\Defraggler Volume C Task.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{00889C5B-2733-4129-8429-44D927EAE9DC}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2ACBFCB4-EFE1-3D6A-9CF2-9F200B9C5DDF}]
D

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4AAF2B34-5639-421F-7345-3FBE50B44BB6}]
Groove Folder Synchronization

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-02-28 298160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll [2011-02-28 848952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-31 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\core.2.dll [2010-03-01 1107608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2009-10-19 1345336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2009-10-19 1345336]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2009-08-16 962808]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-02-28 298160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-07-28 9398888]
"pdfSaver3"= []
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-11 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-11 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-11 133656]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2011-01-12 2219184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-12-27 39408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\system32\Macromed\Flash\FlashUtil10e.exe [2010-01-27 256280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-08-09 221184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monitor]
C:\Windows\PixArt\PAC207\Monitor.exe [2006-11-03 319488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2010-04-12 180224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2010-08-10 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RunMMD]
C:\Program Files\Mio\MMD2\RunMMD.exe [2009-11-13 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RunSpySweeperScheduleAtStartup]
C:\Windows\system32\msfeedssync.exe [2010-12-18 13312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-12-27 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 204800]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=145
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-03-01 11:35:56 ----D---- C:\Program Files\trend micro
2011-03-01 11:35:55 ----D---- C:\rsit
2011-02-28 08:11:36 ----A---- C:\Windows\system32\shsvcs.dll
2011-02-23 09:32:05 ----D---- C:\Windows\system32\WindowsPowerShell
2011-02-23 09:30:11 ----A---- C:\Windows\system32\winrsmgr.dll
2011-02-23 09:30:04 ----A---- C:\Windows\system32\wsmprovhost.exe
2011-02-23 09:30:04 ----A---- C:\Windows\system32\winrshost.exe
2011-02-23 09:30:04 ----A---- C:\Windows\system32\winrs.exe
2011-02-23 09:30:03 ----A---- C:\Windows\system32\wsmplpxy.dll
2011-02-23 09:30:03 ----A---- C:\Windows\system32\winrssrv.dll
2011-02-23 09:30:02 ----A---- C:\Windows\system32\WsmRes.dll
2011-02-23 09:30:02 ----A---- C:\Windows\system32\wevtfwd.dll
2011-02-23 09:30:02 ----A---- C:\Windows\system32\wecutil.exe
2011-02-23 09:30:02 ----A---- C:\Windows\system32\wecsvc.dll
2011-02-23 09:30:02 ----A---- C:\Windows\system32\wecapi.dll
2011-02-23 09:30:02 ----A---- C:\Windows\system32\pwrshplugin.dll
2011-02-23 09:29:58 ----A---- C:\Windows\system32\winrm.vbs
2011-02-23 09:29:57 ----A---- C:\Windows\system32\WsmWmiPl.dll
2011-02-23 09:29:57 ----A---- C:\Windows\system32\WsmSvc.dll
2011-02-23 09:29:57 ----A---- C:\Windows\system32\WsmAuto.dll
2011-02-23 09:29:57 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2011-02-23 09:29:57 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2011-02-23 09:29:57 ----A---- C:\Windows\system32\winrscmd.dll
2011-02-21 21:38:33 ----A---- C:\config.txt
2011-02-21 20:45:02 ----A---- C:\Windows\Ancient Quest of Saqqarah Uninstall Log.txt
2011-02-20 10:15:21 ----A---- C:\Windows\system32\WdiSHost.exe
2011-02-19 10:20:24 ----D---- C:\Program Files\Tibor
2011-02-19 10:05:08 ----D---- C:\Program Files\Paint.NET
2011-02-17 18:03:56 ----D---- C:\Program Files\Heroes of Hellas 2 Olympia
2011-02-15 17:11:33 ----D---- C:\ProgramData\Big Fish Games
2011-02-12 15:07:12 ----D---- C:\Program Files\Harry Potter and The Goblet of Fire
2011-02-09 19:12:02 ----D---- C:\Program Files\Electronic Arts
2011-02-09 08:30:34 ----A---- C:\Windows\system32\win32k.sys
2011-02-09 08:30:29 ----A---- C:\Windows\system32\ntdll.dll
2011-02-09 08:30:28 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-02-09 08:30:27 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-02-09 08:30:20 ----A---- C:\Windows\system32\FntCache.dll
2011-02-09 08:30:20 ----A---- C:\Windows\system32\d3d10warp.dll
2011-02-09 08:30:19 ----A---- C:\Windows\system32\DWrite.dll
2011-02-09 08:30:18 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-02-09 08:30:18 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-02-09 08:30:18 ----A---- C:\Windows\system32\MFH264Dec.dll
2011-02-09 08:30:18 ----A---- C:\Windows\system32\d2d1.dll
2011-02-09 08:30:17 ----A---- C:\Windows\system32\XpsPrint.dll
2011-02-09 08:30:16 ----A---- C:\Windows\system32\xpsservices.dll
2011-02-09 08:30:16 ----A---- C:\Windows\system32\mfreadwrite.dll
2011-02-09 08:30:16 ----A---- C:\Windows\system32\mfmp4src.dll
2011-02-09 08:30:16 ----A---- C:\Windows\system32\MFHEAACdec.dll
2011-02-09 08:30:15 ----A---- C:\Windows\system32\OpcServices.dll
2011-02-09 08:30:15 ----A---- C:\Windows\system32\dxgi.dll
2011-02-09 08:30:15 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-02-09 08:30:14 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-02-09 08:30:13 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2011-02-09 08:30:13 ----A---- C:\Windows\system32\mf.dll
2011-02-09 08:30:13 ----A---- C:\Windows\system32\d3d10_1.dll
2011-02-09 08:30:13 ----A---- C:\Windows\system32\d3d10.dll
2011-02-09 08:30:12 ----A---- C:\Windows\system32\shdocvw.dll
2011-02-09 08:30:12 ----A---- C:\Windows\system32\mfplat.dll
2011-02-09 08:30:12 ----A---- C:\Windows\system32\d3d10level9.dll
2011-02-09 08:30:12 ----A---- C:\Windows\system32\d3d10core.dll
2011-02-09 08:30:11 ----A---- C:\Windows\system32\stobject.dll
2011-02-09 08:30:10 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2011-02-09 08:30:10 ----A---- C:\Windows\system32\mfps.dll
2011-02-09 08:30:10 ----A---- C:\Windows\system32\cdd.dll
2011-02-09 08:30:02 ----A---- C:\Windows\system32\mshtml.dll
2011-02-09 08:29:59 ----A---- C:\Windows\system32\ieframe.dll
2011-02-09 08:29:57 ----A---- C:\Windows\system32\urlmon.dll
2011-02-09 08:29:57 ----A---- C:\Windows\system32\msfeeds.dll
2011-02-09 08:29:56 ----A---- C:\Windows\system32\wininet.dll
2011-02-09 08:29:55 ----A---- C:\Windows\system32\mstime.dll
2011-02-09 08:29:55 ----A---- C:\Windows\system32\iertutil.dll
2011-02-09 08:29:55 ----A---- C:\Windows\system32\iedkcs32.dll
2011-02-09 08:29:54 ----A---- C:\Windows\system32\occache.dll
2011-02-09 08:29:54 ----A---- C:\Windows\system32\mshtmled.dll
2011-02-09 08:29:54 ----A---- C:\Windows\system32\msfeedssync.exe
2011-02-09 08:29:54 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-02-09 08:29:54 ----A---- C:\Windows\system32\licmgr10.dll
2011-02-09 08:29:54 ----A---- C:\Windows\system32\jsproxy.dll
2011-02-09 08:29:54 ----A---- C:\Windows\system32\ieUnatt.exe
2011-02-09 08:29:54 ----A---- C:\Windows\system32\ieui.dll
2011-02-09 08:29:54 ----A---- C:\Windows\system32\iesysprep.dll
2011-02-09 08:29:54 ----A---- C:\Windows\system32\iesetup.dll
2011-02-09 08:29:54 ----A---- C:\Windows\system32\iernonce.dll
2011-02-09 08:29:54 ----A---- C:\Windows\system32\iepeers.dll
2011-02-09 08:29:54 ----A---- C:\Windows\system32\ie4uinit.exe
2011-02-09 08:29:47 ----A---- C:\Windows\system32\shell32.dll
2011-02-09 08:29:44 ----A---- C:\Windows\system32\shlwapi.dll
2011-02-09 08:29:42 ----A---- C:\Windows\system32\atmlib.dll
2011-02-09 08:29:42 ----A---- C:\Windows\system32\atmfd.dll
2011-02-04 17:39:44 ----D---- C:\Program Files\ICQ7.4

======List of files/folders modified in the last 1 months======

2011-03-01 11:40:38 ----D---- C:\Windows\TEMP
2011-03-01 11:36:05 ----D---- C:\Windows\Prefetch
2011-03-01 11:35:56 ----D---- C:\Program Files
2011-03-01 11:17:46 ----AD---- C:\ProgramData\TEMP
2011-03-01 07:59:21 ----D---- C:\Windows\System32
2011-03-01 07:59:21 ----D---- C:\Windows\inf
2011-03-01 07:59:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-03-01 07:55:03 ----SHD---- C:\System Volume Information
2011-02-28 08:19:48 ----SHD---- C:\Windows\Installer
2011-02-28 08:12:40 ----D---- C:\Windows\winsxs
2011-02-28 08:09:47 ----D---- C:\Windows\system32\catroot2
2011-02-28 08:09:47 ----D---- C:\Windows\system32\catroot
2011-02-28 08:01:08 ----D---- C:\Program Files\ESET
2011-02-27 14:01:03 ----SD---- C:\Windows\Downloaded Program Files
2011-02-26 17:18:47 ----D---- C:\Program Files\EA GAMES
2011-02-26 17:11:48 ----RHD---- C:\Users\Tomášek a Marcelka\AppData\Roaming\SecuROM
2011-02-26 17:02:31 ----D---- C:\Users\Tomášek a Marcelka\AppData\Roaming\Big Fish Games
2011-02-26 16:42:09 ----RD---- C:\Users
2011-02-26 16:41:13 ----AHD---- C:\ProgramData
2011-02-26 16:40:57 ----D---- C:\ProgramData\Playrix Entertainment
2011-02-24 19:44:09 ----D---- C:\Users\Tomášek a Marcelka\AppData\Roaming\ICQ
2011-02-23 10:24:18 ----D---- C:\Windows\Microsoft.NET
2011-02-23 09:41:15 ----D---- C:\Windows\rescache
2011-02-23 09:33:56 ----RSD---- C:\Windows\assembly
2011-02-23 09:32:06 ----D---- C:\Windows\system32\cs-CZ
2011-02-23 09:32:06 ----D---- C:\Windows\PolicyDefinitions
2011-02-23 09:22:27 ----AD---- C:\Windows
2011-02-22 17:10:49 ----D---- C:\Program Files\Common Files
2011-02-22 17:07:12 ----D---- C:\Program Files\moorhuhn
2011-02-22 17:02:56 ----HD---- C:\Program Files\InstallShield Installation Information
2011-02-21 20:46:17 ----D---- C:\Program Files\Gobliiins 4
2011-02-20 16:36:49 ----D---- C:\Windows\Minidump
2011-02-18 23:31:51 ----D---- C:\Users\Tomášek a Marcelka\AppData\Roaming\BitTorrent
2011-02-18 23:07:24 ----D---- C:\BigFishGamesCache
2011-02-15 21:44:31 ----D---- C:\Users\Tomášek a Marcelka\AppData\Roaming\Skype
2011-02-15 18:05:29 ----D---- C:\Users\Tomášek a Marcelka\AppData\Roaming\skypePM
2011-02-15 17:11:39 ----D---- C:\Program Files\bfgclient
2011-02-14 17:08:52 ----D---- C:\Windows\system32\drivers
2011-02-14 17:08:05 ----D---- C:\ProgramData\ESET
2011-02-10 20:57:42 ----D---- C:\Windows\system32\drivers\UMDF
2011-02-09 17:07:59 ----D---- C:\Windows\system32\migration
2011-02-09 17:07:59 ----D---- C:\Program Files\Windows Mail
2011-02-09 17:07:59 ----D---- C:\Program Files\Internet Explorer
2011-02-09 17:01:26 ----A---- C:\Windows\system32\mrt.exe
2011-02-06 21:04:38 ----D---- C:\Program Files\Common Files\microsoft shared
2011-02-02 17:11:20 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys [2004-01-26 95552]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\Windows\System32\drivers\prosync1.sys [2003-09-06 6944]
R0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2008-11-13 717296]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys [2004-01-26 52224]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2010-04-12 59388]
R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2009-01-19 277544]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-08-07 281504]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-12-21 137144]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-12-21 95384]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-08-07 25888]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-07-28 3154920]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 PAC207;SoC PC-Camera; C:\Windows\system32\DRIVERS\PFC027.SYS [2006-11-20 507136]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 aetpjash;aetpjash; C:\Windows\system32\drivers\aetpjash.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-02-11 4450816]
S3 catchme;catchme; \??\C:\Users\TOMEKA~1\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-02-11 4450816]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\Windows\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1018obex.sys [2009-03-25 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1018unic.sys [2009-03-25 109864]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\E:\NTGLM7X.sys []
S3 sony_ssm.sys;sony_ssm.sys; \??\C:\Users\TOMEKA~1\AppData\Local\Temp\sony_ssm.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2010-02-11 733184]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2011-01-12 810144]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe [2007-03-12 517768]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-07 167936]
R2 UserAccess7;SecuROM User Access Service (V7); C:\Windows\system32\UAService7.exe [2008-09-03 225280]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-27 135664]
S2 Plánovač automatické aktualizace LiveUpdate;Plánovač automatické aktualizace LiveUpdate; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2011-01-12 33584]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-09 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-05 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2010-10-26 155344]

-----------------EOF-----------------

Zdravim, pekny den preji a vitam Vas u nas na foru

Poprosim i o druhy log z RSIT s nazvem info.txt, je ulozen v c:\rsit

Predpokladam ze ten NOD32 mate legalni = zakoupena licence

NOD je stažený ze stránek ESET - na zkoušku na měsíc.


info.txt logfile of random's system information tool 1.08 2011-03-01 11:36:07

======Uninstall list======

-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Program Files\Wicked Studios\Keepsake\Uninstall KeepSake_sK.exe
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->MsiExec /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
4 Elements 1.0-->"C:\Program Files\4 Elements\unins000.exe"
602XML Filler-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E61CAE2E-6D6E-43C1-941B-17A69BC144C5}\setup.exe" -l0x5 -REMOVE -removeonly
Acrobat.com-->msiexec /qb /x {6D8D64BE-F500-55B6-705D-DFD08AFE0624}
Acrobat.com-->MsiExec.exe /I{6D8D64BE-F500-55B6-705D-DFD08AFE0624}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A92000000001}
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
Apple Application Support-->MsiExec.exe /I{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}
Apple Mobile Device Support-->MsiExec.exe /I{8355F970-601D-442D-A79B-1D7DB4F24CAD}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Avanquest update-->"C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe" -runfromtemp -l0x0009 -removeonly
Battle for Wesnoth 1.7.6-->"C:\Program Files\Battle for Wesnoth 1.7.6\Uninstall.exe"
Big Fish Games: Game Manager-->C:\Program Files\bfgclient\Uninstall.exe
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Cradle Of Rome 2 Just For Fun Games-->C:\Program Files\Cradle Of Rome 2\Uninstall.exe
Defraggler-->"C:\Program Files\Defraggler\uninst.exe"
Eldorado Puzzle-->"C:\Program Files\GameTop.com\Eldorado Puzzle\unins000.exe"
Epson Easy Photo Print 2-->C:\Program Files\InstallShield Installation Information\{DEDB47A3-C988-4A43-A645-E2CEA571E680}\SETUP.EXE -runfromtemp -l0x0009 UNINST -removeonly
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Stylus SX100_TX100 Manuál-->C:\Program Files\EPSON\TPMANUAL\ESSX100_TX100\CZE\USE_G\DOCUNINS.EXE
EPSON SX100 Series Printer Uninstall-->C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FINSEDE.EXE /R /APD /P:"EPSON SX100 Series"
Fishdom 2-->"C:\Program Files\Fishdom 2\Uninstall.exe"
Fishdom Harvest Splash-->"C:\Windows\Fishdom Harvest Splash\uninstall.exe" "/U:C:\Program Files\Fishdom Harvest Splash\Uninstall\uninstall.xml"
GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_C8CBFED7F00D3A8C.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Harry Potter a ohnivý pohár™-->C:\Program Files\Electronic Arts\Harry Potter a ohnivý pohár\EAUninstall.exe
Harry Potter and the Order of the Phoenix™-->C:\Program Files\Electronic Arts\Harry Potter and the Order of the Phoenix\EAUninstall.exe
Heroes of Hellas 2 Olympia-->"C:\Program Files\Heroes of Hellas 2 Olympia\unins000.exe"
Heroes of Might and Magic V - Tribes of the East-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{66FF4C48-0083-4E60-8556-B883AB200092}\setup.exe" -l0x9
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
ICQ Toolbar-->C:\Program Files\ICQ6Toolbar\ICQUnToolbar.exe
ICQ7.4-->"C:\Program Files\InstallShield Installation Information\{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
Intel(R) Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall
Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216015FF}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Kitten Sanctuary-->"C:\Windows\Kitten Sanctuary\uninstall.exe" "/U:C:\Program Files\Kitten Sanctuary\Uninstall\uninstall.xml"
LiveUpdate Notice (Symantec Corporation)-->MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
Logitech Gaming Software-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{648F9C94-EC44-487B-9DA4-44ED72A082CC}\setup.exe" -l0x9
MagicDisc 2.7.106-->C:\PROGRA~1\MAGICD~1\UNWISE.EXE C:\PROGRA~1\MAGICD~1\INSTALL.LOG
Media Go-->MsiExec.exe /X{FBE5AA96-22F0-4C4A-8E92-4BE3498D4CCB}
Microsoft .NET Framework 1.1 Security Update (KB2416447)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2416447\M2416447Uninstall.msp"
Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 3.5 Language Pack SP1 - csy-->MsiExec.exe /I{DD73CA82-EA82-38AA-863D-9A24A018DC96}
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - csy\setup.exe
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {294B4278-CF7B-40B9-86A1-2D3FF0C2C524}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {10EC59E5-9BCE-4884-BB1A-E28627220232}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Mio More Desktop 2-->"C:\Program Files\Mio\MMD2\unins000.exe"
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Mystery Case Files®: Dire Grove™-->"C:\Program Files\Mystery Case Files - Dire Grove\Uninstall.exe"
Need for Speed™ Most Wanted-->C:\Program Files\EA GAMES\Need for Speed Most Wanted\EAUninstall.exe
Nero 7 Essentials-->MsiExec.exe /X{AAB93551-3FFE-42B2-8315-96252BBC1029}
NVIDIA GAME System Software 2.8.1-->MsiExec.exe /I{4F0C7CCF-5666-474B-B02E-AC514A95EC93}
NVIDIA PhysX-->MsiExec.exe /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
OLYMPUS CAMEDIA Master 4.2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{30BB4D60-81DB-11D5-BB77-00400536ABAC}\setup.exe" CAMEDIA Master 4.2
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
Panda Craze Gold-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9935746D-9D0D-4D8D-A286-44FBD123E88C}\setup.exe" -l0x9 -removeonly
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
PlayStation(R)Network Downloader-->MsiExec.exe /X{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}
PlayStation(R)Store-->MsiExec.exe /X{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
Prince of Persia T2T-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}\setup.exe" -l0x9 -removeonly
ProtectDisc Driver, Version 11-->C:\Program Files\ProtectDisc Driver Installer\uninstall_v11.exe
PSPad editor-->"C:\Program Files\PSPad editor\Uninst\unins000.exe"
Puzzle Hero-->"C:\Windows\Puzzle Hero\uninstall.exe" "/U:C:\Program Files\Puzzle Hero\Uninstall\uninstall.xml"
Puzzle Quest-->"C:\Windows\Puzzle Quest\uninstall.exe" "/U:C:\Program Files\Puzzle Quest\Uninstall\uninstall.xml"
QuickTime-->MsiExec.exe /I{EB900AF8-CC61-4E15-871B-98D1EA3E8025}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Restaurant Empire-->"C:\Program Files\Restaurant Empire\Uninstall.exe"
Secret Files Tunguska-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3B416FDA-CB3E-4514-9616-763E5B0D1140}\setup.exe" -l0x9 -removeonly
Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D}
Security Update for 2007 Microsoft Office System (KB2288931)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263}
Security Update for 2007 Microsoft Office System (KB2289158)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {210B16C0-CEBD-4DE9-B474-04A7E8735E16}
Security Update for 2007 Microsoft Office System (KB2344875)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}
Security Update for 2007 Microsoft Office System (KB2345043)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
Security Update for Microsoft Office Excel 2007 (KB2345035)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B23002DD-34EC-4988-B810-A5E2A0BF04F1}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3DED0A62-44C8-4E00-A785-5212F297A9D9}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
Seznam Pošťák 2 (Všichni uživatelé tohoto počítače.)-->"C:\Program Files\Seznam.cz\postak-uninstall.exe" /AllUsers
Sky Taxi 2: Storm 2012-->"C:\Program Files\Sky Taxi 2 - Storm 2012\Uninstall.exe"
Sky Taxi 3 - The Movie-->"C:\Program Files\Sky Taxi 3 - The Movie\uninstall.exe" "/U:C:\Program Files\Sky Taxi 3 - The Movie\Uninstall\uninstall.xml"
Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Sony Ericsson PC Companion 2.01.078-->"C:\Program Files\InstallShield Installation Information\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}\setup.exe" -runfromtemp -l0x0009 -removeonly
SweetIM for Messenger 2.8-->MsiExec.exe /X{DF6F459C-8B89-4F88-B63F-A2E136BB6B79}
SweetIM Toolbar for Internet Explorer 3.6-->MsiExec.exe /X{31CF6C0E-51F0-41D2-B088-A6A143C4303C}
Syberia-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\Syberia\Uninstall\Setup.exe" -l0x9
The Omega Stone: Riddle of the Sphinx II-->"C:\Program Files\The Omega Stone - Riddle of the Sphinx II\Uninstall.exe"
Tibor - Tale of a Kind Vampire-->"C:\Program Files\Tibor\unins000.exe"
Tropical Fish Shop 2-->"C:\Program Files\Tropical Fish Shop 2\uninstall.exe" "/U:C:\Program Files\Tropical Fish Shop 2\Uninstall\uninstall.xml"
Tropix 2-->C:\PROGRA~1\GAMEHO~1\TROPIX~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\TROPIX~1\INSTALL.LOG
Trust WB-1400T Webcam -->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{02095E3B-C22E-4A1A-88C6-4443E5112E67} /l1033
Turtix Rescue Adventure-->"C:\Windows\Turtix Rescue Adventure\uninstall.exe" "/U:C:\Program Files\Turtix Rescue Adventure\Uninstall\uninstall.xml"
Ubisoft Game Launcher-->"C:\Program Files\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe" -runfromtemp -l0x0409 -removeonly
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Věda hrou-->C:\Program Files\DK\Become a Science Explorer\_uninst\uninstaller.exe
VideoLAN VLC media player 0.8.6e-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Vista Codec Package-->MsiExec.exe /I{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}
WinRAR-->C:\Program Files\WinRAR\uninstall.exe

======Security center information======

AS: Spy Emergency (disabled)
AS: Windows Defender

======System event log======

Computer Name: Horákovo
Event Code: 1074
Message: Proces Explorer.EXE inicioval Napájení vypnuto počítače HORÁKOVO jménem uživatele Horákovo\Tomášek a Marcelka z následujícího důvodu: Jiné (Neplánováno)
Kód důvodu: 0x0
Typ vypnutí: Napájení vypnuto
Komentář:
Record Number: 356760
Source Name: USER32
Time Written: 20101022212800.000000-000
Event Type: Informace
User: Horákovo\Tomášek a Marcelka

Computer Name: Horákovo
Event Code: 7036
Message: Stav služby Služba WinHTTP WPAD byl změněn na: Zastaveno
Record Number: 356759
Source Name: Service Control Manager
Time Written: 20101022211828.000000-000
Event Type: Informace
User:

Computer Name: Horákovo
Event Code: 7036
Message: Stav služby Služba WinHTTP WPAD byl změněn na: Spuštěno
Record Number: 356758
Source Name: Service Control Manager
Time Written: 20101022210158.000000-000
Event Type: Informace
User:

Computer Name: Horákovo
Event Code: 7036
Message: Stav služby Služba WinHTTP WPAD byl změněn na: Zastaveno
Record Number: 356757
Source Name: Service Control Manager
Time Written: 20101022201424.000000-000
Event Type: Informace
User:

Computer Name: Horákovo
Event Code: 7036
Message: Stav služby Služba WinHTTP WPAD byl změněn na: Spuštěno
Record Number: 356756
Source Name: Service Control Manager
Time Written: 20101022195754.000000-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: Horákovo
Event Code: 2
Message: Klient Certifikační služby byl úspěšně zastaven.
Record Number: 99415
Source Name: Microsoft-Windows-CertificateServicesClient
Time Written: 20091027155716.086101-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: Horákovo
Event Code: 1530
Message: Systém Windows zjistil, že soubor registru je stále používán jinými aplikacemi nebo službami. Soubor bude nyní uvolněn. Aplikace nebo služby, které soubor registru používají, nemusejí potom fungovat správně.

PODROBNOSTI –
1 user registry handles leaked from \Registry\User\S-1-5-21-2419466016-3890592263-3983030451-1000_Classes:
Process 992 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2419466016-3890592263-3983030451-1000_CLASSES

Record Number: 99414
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20091027155620.000000-000
Event Type: Upozornění
User: NT AUTHORITY\SYSTEM

Computer Name: Horákovo
Event Code: 1530
Message: Systém Windows zjistil, že soubor registru je stále používán jinými aplikacemi nebo službami. Soubor bude nyní uvolněn. Aplikace nebo služby, které soubor registru používají, nemusejí potom fungovat správně.

PODROBNOSTI –
6 user registry handles leaked from \Registry\User\S-1-5-21-2419466016-3890592263-3983030451-1000:
Process 992 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2419466016-3890592263-3983030451-1000
Process 3876 (\Device\HarddiskVolume2\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe) has opened key \REGISTRY\USER\S-1-5-21-2419466016-3890592263-3983030451-1000\Software\Ahead\Nero Home\MediaLibrary\Scanner
Process 3876 (\Device\HarddiskVolume2\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe) has opened key \REGISTRY\USER\S-1-5-21-2419466016-3890592263-3983030451-1000\Software\Ahead\Nero Home\MediaLibrary\Scanner
Process 3876 (\Device\HarddiskVolume2\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe) has opened key \REGISTRY\USER\S-1-5-21-2419466016-3890592263-3983030451-1000\Software\Ahead\Nero Home\MediaLibrary
Process 3876 (\Device\HarddiskVolume2\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe) has opened key \REGISTRY\USER\S-1-5-21-2419466016-3890592263-3983030451-1000\Software\Ahead\Nero Home\MediaLibrary
Process 3876 (\Device\HarddiskVolume2\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe) has opened key \REGISTRY\USER\S-1-5-21-2419466016-3890592263-3983030451-1000\Software\Ahead\Nero Home\MediaLibrary

Record Number: 99413
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20091027155617.000000-000
Event Type: Upozornění
User: NT AUTHORITY\SYSTEM

Computer Name: Horákovo
Event Code: 6000
Message: Odběratel oznámení přihlašování do systému Windows <SessionEnv> nemohl zpracovat událost upozornění.
Record Number: 99412
Source Name: Microsoft-Windows-Winlogon
Time Written: 20091027155617.000000-000
Event Type: Informace
User:

Computer Name: Horákovo
Event Code: 9009
Message: Správce oken plochy byl ukončen s kódem (0x40010004).
Record Number: 99411
Source Name: Desktop Window Manager
Time Written: 20091027155615.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: Horákovo
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: HORÁKOVO$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x268
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 128433
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100806171815.728347-000
Event Type: Úspěch auditu
User:

Computer Name: Horákovo
Event Code: 4648
Message: Došlo k pokusu o přihlášení pomocí explicitního pověření.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: HORÁKOVO$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Účet, jehož pověření bylo použito:
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Cílový server:
Název cílového serveru: localhost
Další informace: localhost

Informace o procesu:
ID procesu: 0x268
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Síťová adresa: -
Port: -

Tato událost je generována, pokud se proces pokusí přihlásit k účtu explicitním zadáním pověření tohoto účtu. K tomu nejčastěji dochází v dávkových konfiguracích, například naplánovaných úlohách, nebo při použití příkazu RUNAS.
Record Number: 128432
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100806171815.728347-000
Event Type: Úspěch auditu
User:

Computer Name: Horákovo
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-21-2419466016-3890592263-3983030451-1000
Název účtu: Tomášek a Marcelka
Doména účtu: Horákovo
ID přihlášení: 0x1c08c

Oprávnění: SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 128431
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100806171812.984375-000
Event Type: Úspěch auditu
User:

Computer Name: Horákovo
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: HORÁKOVO$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 2

Nové přihlášení:
ID zabezpečení: S-1-5-21-2419466016-3890592263-3983030451-1000
Název účtu: Tomášek a Marcelka
Doména účtu: Horákovo
ID přihlášení: 0x1c0ad
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x2ac
Název procesu: C:\Windows\System32\winlogon.exe

Informace o síti:
Název pracovní stanice: HORÁKOVO
Adresa zdrojové sítě 127.0.0.1
Zdrojový port: 0

Podrobné informace o ověření:
Proces přihlášení: User32
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 128430
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100806171812.984375-000
Event Type: Úspěch auditu
User:

Computer Name: Horákovo
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: HORÁKOVO$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 2

Nové přihlášení:
ID zabezpečení: S-1-5-21-2419466016-3890592263-3983030451-1000
Název účtu: Tomášek a Marcelka
Doména účtu: Horákovo
ID přihlášení: 0x1c08c
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x2ac
Název procesu: C:\Windows\System32\winlogon.exe

Informace o síti:
Název pracovní stanice: HORÁKOVO
Adresa zdrojové sítě 127.0.0.1
Zdrojový port: 0

Podrobné informace o ověření:
Proces přihlášení: User32
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 128429
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100806171812.984375-000
Event Type: Úspěch auditu
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"configsetroot"=%SystemRoot%\ConfigSetRoot
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

-----------------EOF-----------------

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  netsvcs
  drivers32
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  c:\windows\*.* /U
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  /md5start
  adp3132.sys
  AGP440.sys
  ahcix86.sys
  ahcix86s.sys
  atapi.sys
  autochk.exe
  cdrom.sys
  cngaudit.dll
  cryptsvc.dll
  eNetHook.dll
  eventlog.dll
  explorer.exe
  hal.dll
  Changer.sys
  iaStor.sys
  iastorv.sys
  IdeChnDr.sys
  isapnp.sys
  JakNDis.sys
  KR10N.sys
  logevent.dll
  lsass.exe
  mv61xx.sys
  ndis.sys
  netlogon.dll
  ntelogon.dll
  nvata.sys
  nvatabus.sys
  nvgts.sys
  nvraid.sys
  nvrd32.sys
  nvstor.sys
  nvstor32.sys
  scecli.dll
  sceclt.dll
  smss.exe
  svchost.exe
  symmpi.sys
  tcpip.sys
  userinit.exe
  vaxscsi.sys
  viamraid.sys
  viasraid.sys
  ViPrt.sys
  winlogon.exe
  ws2_32.dll
  /md5stop
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job /lockedfiles
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  CREATERESTOREPOINT

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 5 az 10 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

Akorát mám ještě dotaz, počítač takhle blbne od víkendu 19.- 20.2., mám i přesto u kontroly zaškrtnout "stáří souboru - 7 dní" ?

Dejte 14 dni tedy

OTL Extras logfile created on: 1.3.2011 14:25:59 - Run 1
OTL by OldTimer - Version 3.2.22.2 Folder = C:\Users\Tomášek a Marcelka\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 59,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 231,42 Gb Total Space | 100,83 Gb Free Space | 43,57% Space Free | Partition Type: NTFS
Drive M: | 1,46 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive N: | 3,66 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive P: | 2,25 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: HORÁKOVO | User Name: Tomášek a Marcelka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2419466016-3890592263-3983030451-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{001A15E7-24D8-4D6D-A8C9-094AFE4B7FD4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{013EE167-9871-465B-A1CC-CF6186916CE3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{066CA5BA-2C01-48EB-ACEF-31371A108913}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0D4BAEFF-C39F-4D93-94D9-D808B9FD4B4B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{0DA26540-8467-4DD6-9094-A04CFC7831EB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{0E0579AF-7C9A-4395-8E89-9BDF0B0E4295}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1489CE51-E7B9-419A-96B0-ABCC658ADBE7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1EC518AD-F508-45D1-92B5-4F54B616EA31}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{1FE9A980-0BBE-47CB-889A-A457ADBCBF15}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2A42267C-2A3F-4396-B222-D95F4CD68DDF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2C7EBF1C-2172-4FA3-BFF3-05CFAFF83A6F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2EC3B85F-F919-46FF-B552-2E150FDD3714}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{3546B297-08B7-4AEB-BCCB-3A897E828370}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{360BF969-8770-41ED-877C-49F73263EAB4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{49781F98-98A4-4803-A3E8-D4AA1A1BBCE2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4D921DB2-309A-4BE9-81CD-154E7E4457CD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{513A4481-1C36-483B-960A-4566279CDB5B}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{525CC347-2F76-4540-86E6-C6D0EC640FC9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5AF5E31D-D8EF-426A-8E40-476112CB371E}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{5D8BEE00-B06E-4F05-8BEF-0C75D69DC57A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5F6618CC-24C3-43FE-80A2-3448F61958AD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{61FE73D7-0ECE-40CA-9BC6-56161CFB2385}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{713DCC2A-6637-483C-AEF9-A7887C00D20D}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{71463022-640C-4F48-B76E-20A9FBCC9BF0}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{74EB18D5-4D68-460D-9E16-9B4DF8AA706F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{753194AE-A31B-4BCD-9904-BB859BDB5315}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7F754568-2EA2-4E94-862F-F764E7EF2A1A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8B952F1B-0E4F-45A2-AA2C-27C29DE43B83}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{9708FE49-01D2-4A79-BC9A-9F5AAD4BA4E3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9736EA35-8142-42D8-AB2A-A16F67F59FBD}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{987A79A7-0BC7-4663-978D-9D7DECD7794F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A6A7D6C6-7475-483E-9805-71350181F617}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AC5D7803-9C0E-48C9-BEDD-97479BC760BE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B17A43D6-F2A3-48AB-AD10-5322D432FF2C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B6BC7CDB-1C9B-4602-8D02-C272C360D087}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{B9BAF728-E876-4D64-904D-22EF81559FE4}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BE33FE5B-BCC5-4807-887D-37BF22E0B9B6}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{C41ABC57-1774-4C11-A490-BB3D2C785654}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{C4A3324C-C4A5-46D0-A0C8-F1EA70E30B75}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C5EEE8A7-8DE8-42CD-8E6E-AFF81E0DB944}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C957B88B-57C9-47A1-8171-C118182B5E72}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{CA941CD5-7CEE-43F0-B906-856A8C0B7A2D}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{CCB1E65C-5503-4767-B848-AF1B17C89995}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D2380E75-B78A-47CA-90C5-CC2B8F9B3AAF}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{D8938EFB-71B2-4BFB-A1DD-1392A8330390}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DBA0D318-CB66-4B73-8B34-4B9F6DBC78F8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DD7A1B8C-76BD-47D3-BB53-4D7882151E44}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E130E632-5463-4D30-8B0C-F9ED50CAC0C3}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{E1FD7C2F-14AE-4C92-9EB9-473847A23DDB}" = protocol=17 | dir=in | app=c:\program files\electronic arts\the battle for middle-earth (tm) ii\game.dat |
"{E71E75B0-6CBA-4B6E-90A3-DCB6806A53AF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EBBFF3E7-13D3-43DE-9AE7-CA086C1382EE}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{ECDF6398-1FDF-44AB-B0DE-FBB187B33C63}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F6D3C5EA-BFD6-44F1-9ED7-0BABDA21CF27}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{FA488AEE-3CE2-4567-AC80-EE2C45835C0E}" = protocol=6 | dir=in | app=c:\program files\electronic arts\the battle for middle-earth (tm) ii\game.dat |
"TCP Query User{1938D2A7-1E06-4A79-9834-0796895BBD61}C:\users\tomášek a marcelka\appdata\local\temp\tempfile.exe" = protocol=6 | dir=in | app=c:\users\tomášek a marcelka\appdata\local\temp\tempfile.exe |
"TCP Query User{3266C141-B605-4AB6-8601-01EBD3F66BEC}C:\program files\strategy first\etherlords ii\etherlords2.exe" = protocol=6 | dir=in | app=c:\program files\strategy first\etherlords ii\etherlords2.exe |
"TCP Query User{34760DA7-4440-4DC3-B351-CCBDE0FF64F2}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{378D6975-98B6-4BF7-8E45-E7A7E51D7559}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{415942FE-481A-43C3-8C63-842D3E9394D8}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{4961275E-5400-4836-A9A0-09F9137650AE}C:\hry\download\strongdc.exe" = protocol=6 | dir=in | app=c:\hry\download\strongdc.exe |
"TCP Query User{945F32FC-FED8-480A-BE79-A846BB6ED110}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{C193A360-DCB9-463B-AB67-16D86C0CB0CE}C:\programdata\kaspersky lab setup files\kaspersky anti-virus 2009\czech\setup.exe" = protocol=6 | dir=in | app=c:\programdata\kaspersky lab setup files\kaspersky anti-virus 2009\czech\setup.exe |
"TCP Query User{C6DEFB10-420A-4D0E-B39B-9B75D582B7EE}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{CD340BC6-A96C-4F4C-B831-865C4C1420D6}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{E8C872C7-3EFC-4DFA-81A5-0B56D5961BFD}C:\users\tomášek a marcelka\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\tomášek a marcelka\program files\dna\btdna.exe |
"UDP Query User{05C81640-2B63-4F17-B09D-9FEC12203A3C}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{09C5FB51-AA1B-4711-B9AD-FA83C94FF95A}C:\users\tomášek a marcelka\appdata\local\temp\tempfile.exe" = protocol=17 | dir=in | app=c:\users\tomášek a marcelka\appdata\local\temp\tempfile.exe |
"UDP Query User{45DA9EFF-CC64-4771-8994-220353CCC915}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{5BC37EE4-93E1-4342-BC13-6A89239A0BCD}C:\hry\download\strongdc.exe" = protocol=17 | dir=in | app=c:\hry\download\strongdc.exe |
"UDP Query User{5DAC8F77-8926-474D-BD37-E65E12E3696F}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{8273EE15-1518-4AF1-B3D1-953C892B74CB}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{91DD3F27-B780-4DA0-8092-8C354A0BC1B4}C:\users\tomášek a marcelka\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\tomášek a marcelka\program files\dna\btdna.exe |
"UDP Query User{9D936B67-CA09-4052-BD95-C7D9C8596356}C:\program files\strategy first\etherlords ii\etherlords2.exe" = protocol=17 | dir=in | app=c:\program files\strategy first\etherlords ii\etherlords2.exe |
"UDP Query User{A3B5E882-F992-4076-AA40-855CADFA2E01}C:\programdata\kaspersky lab setup files\kaspersky anti-virus 2009\czech\setup.exe" = protocol=17 | dir=in | app=c:\programdata\kaspersky lab setup files\kaspersky anti-virus 2009\czech\setup.exe |
"UDP Query User{C670AF5F-A8DA-4310-8AFB-60BECC2B4B16}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{D00F50D5-1594-4456-8596-9E183BEF061D}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02095E3B-C22E-4A1A-88C6-4443E5112E67}" = Trust WB-1400T Webcam
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{204BB4EF-68AC-454B-857E-431336B4188A}" = ESET NOD32 Antivirus
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 16
"{30BB4D60-81DB-11D5-BB77-00400536ABAC}" = OLYMPUS CAMEDIA Master 4.2
"{31CF6C0E-51F0-41D2-B088-A6A143C4303C}" = SweetIM Toolbar for Internet Explorer 3.6
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3B416FDA-CB3E-4514-9616-763E5B0D1140}" = Secret Files Tunguska
"{4F0C7CCF-5666-474B-B02E-AC514A95EC93}" = NVIDIA GAME System Software 2.8.1
"{648F9C94-EC44-487B-9DA4-44ED72A082CC}" = Logitech Gaming Software
"{66FF4C48-0083-4E60-8556-B883AB200092}" = Heroes of Might and Magic V - Tribes of the East
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{8355F970-601D-442D-A79B-1D7DB4F24CAD}" = Apple Mobile Device Support
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8767803C-BDAC-404B-99EC-947B8A7CE5BA}" = Auta: Dobrodružství z Kardanové Lhoty
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9799BD05-5F89-484C-008E-F50592F53440}" = Harry Potter a ohnivý pohár™
"{9935746D-9D0D-4D8D-A286-44FBD123E88C}" = Panda Craze Gold
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
"{AAB93551-3FFE-42B2-8315-96252BBC1029}" = Nero 7 Essentials
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B69F28DF-CBB1-41B7-008A-210E4D0518FC}" = Harry Potter and the Order of the Phoenix™
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{BAF49915-037B-4CC0-AE39-9FCBAA6D3C1E}_is1" = Tibor - Tale of a Kind Vampire
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D6782F44-58DB-4DE5-A65C-890320CF3F99}" = Prince of Persia The Two Thrones
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DEDB47A3-C988-4A43-A645-E2CEA571E680}" = Epson Easy Photo Print 2
"{DF6F459C-8B89-4F88-B63F-A2E136BB6B79}" = SweetIM for Messenger 2.8
"{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}" = Prince of Persia T2T
"{E34E9B33-46EC-4252-A52F-DDA3978CC0AF}" = Syberia
"{E61CAE2E-6D6E-43C1-941B-17A69BC144C5}" = 602XML Filler
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.01.078
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FBE5AA96-22F0-4C4A-8E92-4BE3498D4CCB}" = Media Go
"4 Elements_is1" = 4 Elements 1.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Battle for Wesnoth 1.7.6" = Battle for Wesnoth 1.7.6
"BFGC" = Big Fish Games: Game Manager
"BFG-Fishdom 2" = Fishdom 2
"BFG-Mystery Case Files - Dire Grove" = Mystery Case Files&reg;: Dire Grove™
"BFG-Restaurant Empire" = Restaurant Empire
"BFG-Sky Taxi 2 - Storm 2012" = Sky Taxi 2: Storm 2012
"BFG-The Omega Stone - Riddle of the Sphinx II" = The Omega Stone: Riddle of the Sphinx II
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Cradle Of Rome 2 Just For Fun Games" = Cradle Of Rome 2 Just For Fun Games
"Defraggler" = Defraggler
"e82e0fc16e9d0018e614cb2044d3715a-31170409" = Věda hrou
"EldoradoPuzzle_is1" = Eldorado Puzzle
"EPSON Scanner" = EPSON Scan
"EPSON Stylus SX100_TX100 Uživatelská příručka" = EPSON Stylus SX100_TX100 Manuál
"EPSON SX100 Series" = EPSON SX100 Series Printer Uninstall
"Fishdom Harvest Splash1.0" = Fishdom Harvest Splash
"GOM Player" = GOM Player
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Heroes of Hellas 2 Olympia_is1" = Heroes of Hellas 2 Olympia
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ICQToolbar" = ICQ Toolbar
"InstallShield_{02095E3B-C22E-4A1A-88C6-4443E5112E67}" = Trust WB-1400T Webcam
"Kitten Sanctuary1.2" = Kitten Sanctuary
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mio More Desktop_is1" = Mio More Desktop 2
"OpenAL" = OpenAL
"Picasa 3" = Picasa 3
"PowerISO" = PowerISO
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"PSPad editor_is1" = PSPad editor
"Puzzle Hero1.0" = Puzzle Hero
"Puzzle Quest1.01" = Puzzle Quest
"Sky Taxi 3 - The Movie1.0" = Sky Taxi 3 - The Movie
"szn-software-postak" = Seznam Pošťák 2 (Všichni uživatelé tohoto počítače.)
"Tropical Fish Shop 21.0" = Tropical Fish Shop 2
"Tropix 2" = Tropix 2
"Turtix Rescue Adventure1.2" = Turtix Rescue Adventure
"VLC media player" = VideoLAN VLC media player 0.8.6e
"WinRAR archiver" = WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2419466016-3890592263-3983030451-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10.2.2011 15:30:47 | Computer Name = Horákovo | Source = VSS | ID = 8194
Description =

Error - 10.2.2011 15:31:47 | Computer Name = Horákovo | Source = System Restore | ID = 8193
Description =

Error - 13.2.2011 18:57:42 | Computer Name = Horákovo | Source = EventSystem | ID = 4622
Description =

Error - 13.2.2011 18:58:31 | Computer Name = Horákovo | Source = Application Hang | ID = 1002
Description = Program H5_Game.exe verze 3.0.1.141 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení problémů.
ID
procesu: c34 Čas zahájení: 01cbcbd11e45cf8f Čas ukončení: 15

Error - 14.2.2011 7:26:29 | Computer Name = Horákovo | Source = Application Error | ID = 1000
Description = Chybující aplikace Tropix2.exe, verze 0.0.0.0, časové razítko 0x48a89756,
chybující modul Tropix2.exe, verze 0.0.0.0, časové razítko 0x48a89756, kód výjimky
0xc0000005, posun chyby 0x0023ba80, ID procesu 0xd10, čas spuštění aplikace 0x01cbcc396bde3fb4.

Error - 18.2.2011 13:41:36 | Computer Name = Horákovo | Source = Application Hang | ID = 1002
Description = Program Game.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows
a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému,
vyhledejte historii problému v ovládacím panelu Oznámení a řešení problémů. ID procesu:
518 Čas zahájení: 01cbcf8e2ba83b24 Čas ukončení: 44

Error - 19.2.2011 5:04:42 | Computer Name = Horákovo | Source = VSS | ID = 8194
Description =

Error - 20.2.2011 9:54:07 | Computer Name = Horákovo | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 21.2.2011 11:00:27 | Computer Name = Horákovo | Source = Application Hang | ID = 1002
Description = Program Explorer.EXE verze 6.0.6002.18005 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení
problémů. ID procesu: 5e8 Čas zahájení: 01cbd1d7496317ed Čas ukončení: 1922

Error - 28.2.2011 3:35:49 | Computer Name = Horákovo | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.19019, časové razítko
0x4d0c3d4c, chybující modul mshtml.dll, verze 8.0.6001.19019, časové razítko 0x4d0c53b1,
kód výjimky 0xc0000005, posun chyby 0x00240393, ID procesu 0x460, čas spuštění aplikace
0x01cbd717e27a9222.

[ Media Center Events ]
Error - 10.12.2010 15:06:59 | Computer Name = Horákovo | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

Error - 11.12.2010 10:37:19 | Computer Name = Horákovo | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

Error - 11.12.2010 16:37:25 | Computer Name = Horákovo | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

Error - 11.12.2010 17:04:19 | Computer Name = Horákovo | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

Error - 12.12.2010 10:03:29 | Computer Name = Horákovo | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

Error - 12.12.2010 13:34:03 | Computer Name = Horákovo | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

Error - 12.12.2010 14:17:07 | Computer Name = Horákovo | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

Error - 20.12.2010 15:21:29 | Computer Name = Horákovo | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

Error - 20.12.2010 15:45:31 | Computer Name = Horákovo | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

Error - 20.12.2010 16:07:25 | Computer Name = Horákovo | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

[ OSession Events ]
Error - 3.1.2009 0:00:46 | Computer Name = Horákovo | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 207
seconds with 180 seconds of active time. This session ended with a crash.

Error - 24.3.2009 5:01:08 | Computer Name = Horákovo | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 56
seconds with 0 seconds of active time. This session ended with a crash.

Error - 12.5.2009 11:52:02 | Computer Name = Horákovo | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 573
seconds with 480 seconds of active time. This session ended with a crash.

Error - 19.5.2009 11:23:24 | Computer Name = Horákovo | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1534
seconds with 1080 seconds of active time. This session ended with a crash.

Error - 19.6.2009 3:26:01 | Computer Name = Horákovo | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 5983
seconds with 3480 seconds of active time. This session ended with a crash.

Error - 26.7.2009 12:18:15 | Computer Name = Horákovo | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 6882
seconds with 3180 seconds of active time. This session ended with a crash.

Error - 23.8.2010 10:08:01 | Computer Name = Horákovo | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 244
seconds with 180 seconds of active time. This session ended with a crash.

Error - 30.10.2010 14:50:43 | Computer Name = Horákovo | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 34871
seconds with 10680 seconds of active time. This session ended with a crash.

Error - 9.11.2010 2:05:39 | Computer Name = Horákovo | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 50
seconds with 0 seconds of active time. This session ended with a crash.

Error - 12.12.2010 12:29:04 | Computer Name = Horákovo | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 22449
seconds with 10620 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 1.3.2011 9:53:24 | Computer Name = Horákovo | Source = disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 1.3.2011 9:53:25 | Computer Name = Horákovo | Source = disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 1.3.2011 9:53:27 | Computer Name = Horákovo | Source = disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 1.3.2011 9:53:29 | Computer Name = Horákovo | Source = disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 1.3.2011 9:53:31 | Computer Name = Horákovo | Source = disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 1.3.2011 9:53:33 | Computer Name = Horákovo | Source = disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 1.3.2011 9:53:34 | Computer Name = Horákovo | Source = disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 1.3.2011 9:53:36 | Computer Name = Horákovo | Source = disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 1.3.2011 9:53:38 | Computer Name = Horákovo | Source = disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 1.3.2011 9:53:40 | Computer Name = Horákovo | Source = disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.


< End of report >

1. část

OTL logfile created on: 1.3.2011 14:25:59 - Run 1
OTL by OldTimer - Version 3.2.22.2 Folder = C:\Users\Tomášek a Marcelka\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 59,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 231,42 Gb Total Space | 100,83 Gb Free Space | 43,57% Space Free | Partition Type: NTFS
Drive M: | 1,46 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive N: | 3,66 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive P: | 2,25 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: HORÁKOVO | User Name: Tomášek a Marcelka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days

========== Processes (SafeList) ==========

PRC - [2011.03.01 14:11:54 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Tomášek a Marcelka\Desktop\OTL.exe
PRC - [2011.01.12 16:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2011.01.12 16:41:24 | 002,219,184 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.09.03 15:39:04 | 000,225,280 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\UAService7.exe
PRC - [2008.01.19 08:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007.03.12 09:22:00 | 000,517,768 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe


========== Modules (SafeList) ==========

MOD - [2011.03.01 14:11:54 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Tomášek a Marcelka\Desktop\OTL.exe
MOD - [2010.08.31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (Plánovač automatické aktualizace LiveUpdate)
SRV - [2011.01.12 16:44:02 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2011.01.12 16:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2010.10.26 16:05:24 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2008.09.03 15:39:04 | 000,225,280 | ---- | M] (Sony DADC Austria AG.) [Auto | Running] -- C:\Windows\System32\UAService7.exe -- (UserAccess7) SecuROM User Access Service (V7)
SRV - [2008.01.19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.03.12 09:22:00 | 000,517,768 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe -- (LiveUpdate Notice Service)


========== Driver Services (SafeList) ==========

DRV - [2010.12.21 15:04:06 | 000,137,144 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2010.12.21 15:04:06 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010.12.21 13:47:38 | 000,095,384 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2010.08.07 16:29:01 | 000,281,504 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.08.07 16:29:00 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.04.12 09:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2010.02.11 08:42:22 | 004,450,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2010.02.11 08:42:22 | 004,450,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.03.25 16:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2009.03.25 16:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV - [2009.03.25 16:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV - [2009.03.25 16:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2009.03.25 16:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV - [2009.03.25 16:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV - [2009.03.25 16:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2009.02.24 17:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2009.01.19 19:31:56 | 000,277,544 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11)
DRV - [2008.11.13 11:39:25 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2006.11.20 08:48:56 | 000,507,136 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PFC027.sys -- (PAC207)
DRV - [2006.11.02 08:30:56 | 000,044,544 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2004.01.26 16:36:35 | 000,095,552 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.01.26 16:01:28 | 000,052,224 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\Windows\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003.12.01 16:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003.09.06 13:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\prosync1.sys -- (prosync1)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2419466016-3890592263-3983030451-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-2419466016-3890592263-3983030451-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2419466016-3890592263-3983030451-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2419466016-3890592263-3983030451-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-2419466016-3890592263-3983030451-1000\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-2419466016-3890592263-3983030451-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011.02.14 17:08:08 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2007.11.12 23:47:43 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - Reg Error: Value error. File not found
O2 - BHO: (D) - {2ACBFCB4-EFE1-3D6A-9CF2-9F200B9C5DDF} - Reg Error: Value error. File not found
O2 - BHO: (Groove Folder Synchronization) - {4AAF2B34-5639-421F-7345-3FBE50B44BB6} - Reg Error: Value error. File not found
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (Ukazatel S-Rank) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.2.dll ()
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-2419466016-3890592263-3983030451-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-2419466016-3890592263-3983030451-1000\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-2419466016-3890592263-3983030451-1000\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [pdfSaver3] File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [Nokia.PCSync] File not found
O4 - HKU\S-1-5-18..\Run: [Nokia.PCSync] File not found
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2419466016-3890592263-3983030451-1000..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2419466016-3890592263-3983030451-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2419466016-3890592263-3983030451-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2419466016-3890592263-3983030451-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-2419466016-3890592263-3983030451-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: WikiKomentáře Google... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-2419466016-3890592263-3983030451-1000\..Trusted Domains: mojebanka.cz ([]https in Trusted sites)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img22.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img22.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.10.14 22:12:23 | 000,000,000 | ---D | M] - M:\AutoRun -- [ CDFS ]
O32 - AutoRun File - [2005.10.14 22:02:26 | 000,733,184 | R--- | M] (Electronic Arts Inc.) - M:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2005.10.10 21:32:44 | 000,573,440 | R--- | M] (Electronic Arts Inc.) - M:\AutoRunGUI.dll -- [ CDFS ]
O32 - AutoRun File - [2005.10.14 22:11:32 | 000,000,167 | R--- | M] () - M:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2007.06.03 21:44:02 | 000,000,000 | ---D | M] - N:\AutoRun -- [ CDFS ]
O32 - AutoRun File - [2007.06.03 22:29:05 | 000,633,928 | R--- | M] (Electronic Arts Inc.) - N:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2007.06.03 22:29:06 | 000,588,872 | R--- | M] (Electronic Arts Inc.) - N:\AutoRunGUI.dll -- [ CDFS ]
O32 - AutoRun File - [2007.06.03 22:28:58 | 000,000,174 | R--- | M] () - N:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2006.06.15 17:36:42 | 000,196,608 | R--- | M] () - P:\AutoStarter.exe -- [ CDFS ]
O32 - AutoRun File - [2006.04.24 10:57:26 | 000,000,050 | R--- | M] () - P:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2006.07.06 10:07:02 | 000,578,654 | R--- | M] () - P:\autostart.bmp -- [ CDFS ]
O32 - AutoRun File - [2006.08.16 08:37:16 | 000,001,412 | R--- | M] () - P:\autostart.dat -- [ CDFS ]
O32 - AutoRun File - [2006.06.14 07:26:50 | 000,001,132 | R--- | M] () - P:\autostart.ini -- [ CDFS ]
O33 - MountPoints2\{046996c5-a938-11dc-84f6-0019db8edfda}\Shell - "" = AutoRun
O33 - MountPoints2\{046996c5-a938-11dc-84f6-0019db8edfda}\Shell\AutoRun\command - "" = J:\start.exe ar
O33 - MountPoints2\{046996c5-a938-11dc-84f6-0019db8edfda}\Shell\readme1\command - "" = notepad \ctimne.txt
O33 - MountPoints2\{046996c5-a938-11dc-84f6-0019db8edfda}\Shell\readme11\command - "" = notepad \ctimne.txt
O33 - MountPoints2\{046996c5-a938-11dc-84f6-0019db8edfda}\Shell\readme2\command - "" = notepad \ctimne.txt
O33 - MountPoints2\{046996c5-a938-11dc-84f6-0019db8edfda}\Shell\start\command - "" = J:\START.EXE
O33 - MountPoints2\{2ab2ec5e-67ea-11df-9a05-0019db8edfda}\Shell - "" = AutoRun
O33 - MountPoints2\{2ab2ec5e-67ea-11df-9a05-0019db8edfda}\Shell\AutoRun\command - "" = M:\AutoRun.exe -- [2005.10.14 22:02:26 | 000,733,184 | R--- | M] (Electronic Arts Inc.)
O33 - MountPoints2\{38141ffc-6efb-11df-9ba2-0019db8edfda}\Shell - "" = AutoRun
O33 - MountPoints2\{38141ffc-6efb-11df-9ba2-0019db8edfda}\Shell\AutoRun\command - "" = N:\AutoRun.exe -- [2007.06.03 22:29:05 | 000,633,928 | R--- | M] (Electronic Arts Inc.)
O33 - MountPoints2\{5f10b883-8df2-11df-b86e-0019db8edfda}\Shell - "" = AutoRun
O33 - MountPoints2\{5f10b883-8df2-11df-b86e-0019db8edfda}\Shell\AutoRun\command - "" = P:\AutoStarter.exe -- [2006.06.15 17:36:42 | 000,196,608 | R--- | M] ()
O33 - MountPoints2\{8467b120-9a92-11dc-a1b3-0019db8edfda}\Shell - "" = AutoRun
O33 - MountPoints2\{8467b120-9a92-11dc-a1b3-0019db8edfda}\Shell\AutoRun\command - "" = D:\beruska.exe
O33 - MountPoints2\{abc5ec0b-b16f-11dd-bb73-0019db8edfda}\Shell - "" = AutoRun
O33 - MountPoints2\{abc5ec0b-b16f-11dd-bb73-0019db8edfda}\Shell\AutoRun\command - "" = D:\setup.exe
O33 - MountPoints2\{d75de942-fb8a-11df-9c18-0019db8edfda}\Shell - "" = AutoRun
O33 - MountPoints2\{d75de942-fb8a-11df-9c18-0019db8edfda}\Shell\AutoRun\command - "" = Q:\Startme.exe
O33 - MountPoints2\N\Shell - "" = AutoRun
O33 - MountPoints2\N\Shell\AutoRun\command - "" = N:\StartUp.exe
O33 - MountPoints2\Q\Shell - "" = AutoRun
O33 - MountPoints2\Q\Shell\AutoRun\command - "" = Q:\LslLauncher.exe /AUTORUN
O33 - MountPoints2\R\Shell - "" = AutoRun
O33 - MountPoints2\R\Shell\AutoRun\command - "" = R:\setup.exe
O33 - MountPoints2\S\Shell - "" = AutoRun
O33 - MountPoints2\S\Shell\AutoRun\command - "" = S:\Install.exe
O33 - MountPoints2\T\Shell - "" = AutoRun
O33 - MountPoints2\T\Shell\AutoRun\command - "" = T:\datas\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (SsiEfr.exe) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.avis - C:\Windows\System32\ff_acm.acm ()
Drivers32: msacm.divxa32 - C:\Windows\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 14 Days ==========

[2011.03.01 14:11:43 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Users\Tomášek a Marcelka\Desktop\OTL.exe
[2011.03.01 11:35:56 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.03.01 11:35:55 | 000,000,000 | ---D | C] -- C:\rsit
[2011.02.23 09:32:05 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011.02.23 09:32:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.02.23 09:30:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2011.02.23 09:30:04 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2011.02.23 09:30:04 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2011.02.23 09:30:04 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2011.02.23 09:30:03 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2011.02.23 09:30:03 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2011.02.23 09:30:02 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2011.02.23 09:30:02 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2011.02.23 09:30:02 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2011.02.23 09:30:02 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2011.02.23 09:30:02 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2011.02.23 09:29:57 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2011.02.23 09:29:57 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2011.02.23 09:29:57 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2011.02.23 09:29:57 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2011.02.23 09:29:57 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2011.02.19 13:31:48 | 000,000,000 | ---D | C] -- C:\Users\Tomášek a Marcelka\Desktop\pokusy
[2011.02.19 10:20:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tibor
[2011.02.19 10:20:24 | 000,000,000 | ---D | C] -- C:\Program Files\Tibor
[2011.02.19 10:05:08 | 000,000,000 | ---D | C] -- C:\Program Files\Paint.NET
[2011.02.17 18:04:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Hellas 2 Olympia
[2011.02.17 18:03:56 | 000,000,000 | ---D | C] -- C:\Program Files\Heroes of Hellas 2 Olympia
[2011.02.15 17:11:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Big Fish Games
[4 C:\Windows\Fonts\*.tmp files -> C:\Windows\Fonts\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2011.03.01 14:26:00 | 000,000,964 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.03.01 14:11:54 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Tomášek a Marcelka\Desktop\OTL.exe
[2011.03.01 13:51:03 | 000,003,952 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.03.01 13:50:54 | 000,003,952 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.03.01 11:32:17 | 000,000,201 | ---- | M] () -- C:\Users\Tomášek a Marcelka\Desktop\Centrum.cz.url
[2011.03.01 07:59:21 | 000,607,294 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.03.01 07:59:21 | 000,595,748 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.03.01 07:59:21 | 000,119,760 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.03.01 07:59:21 | 000,105,078 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.03.01 07:50:52 | 000,000,960 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.03.01 07:50:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.02.27 11:12:00 | 000,002,635 | ---- | M] () -- C:\Users\Tomášek a Marcelka\Desktop\Microsoft Office Word 2007.lnk
[2011.02.25 12:06:48 | 000,238,080 | ---- | M] () -- C:\Users\Tomášek a Marcelka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.21 21:51:43 | 000,066,532 | ---- | M] () -- C:\config.bin
[2011.02.21 21:51:21 | 000,042,208 | ---- | M] () -- C:\match_0.lev
[2011.02.21 21:51:21 | 000,012,696 | ---- | M] () -- C:\match2_0.mtc
[2011.02.21 21:51:21 | 000,012,696 | ---- | M] () -- C:\match_0.mtc
[2011.02.21 21:38:43 | 000,000,240 | ---- | M] () -- C:\highscores.dat
[2011.02.20 10:32:08 | 000,000,155 | ---- | M] () -- C:\config.lua
[2011.02.20 10:15:21 | 000,002,347 | ---- | M] () -- C:\Windows\System32\WdiSHost.exe
[2011.02.15 18:05:23 | 000,002,355 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.02.15 17:11:29 | 000,001,481 | ---- | M] () -- C:\Users\Public\Desktop\Game Manager.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.02.26 21:31:55 | 000,064,462 | ---- | C] () -- C:\Users\Tomášek a Marcelka\Desktop\Austin-Powers-in-Goldmember(0000056878).srt
[2011.02.23 09:29:58 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011.02.23 09:29:58 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011.02.23 09:29:58 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011.02.21 21:51:21 | 000,042,208 | ---- | C] () -- C:\match_0.lev
[2011.02.21 21:39:52 | 000,012,696 | ---- | C] () -- C:\match2_0.mtc
[2011.02.21 21:39:52 | 000,012,696 | ---- | C] () -- C:\match_0.mtc
[2011.02.21 21:38:43 | 000,000,240 | ---- | C] () -- C:\highscores.dat
[2011.02.21 21:38:33 | 000,066,532 | ---- | C] () -- C:\config.bin
[2011.02.20 10:32:08 | 000,000,155 | ---- | C] () -- C:\config.lua
[2011.02.20 10:15:21 | 000,002,347 | ---- | C] () -- C:\Windows\System32\WdiSHost.exe
[2011.02.15 17:11:29 | 000,001,481 | ---- | C] () -- C:\Users\Public\Desktop\Game Manager.lnk
[2010.11.25 09:52:28 | 000,000,056 | ---- | C] () -- C:\Windows\Milli.ini
[2010.11.19 19:39:19 | 000,000,177 | ---- | C] () -- C:\Windows\disneysy.ini
[2010.09.09 15:50:57 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010.09.03 15:36:12 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.06.24 23:23:30 | 000,000,038 | ---- | C] () -- C:\Windows\H2_Setup.INI
[2010.06.23 11:35:52 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.06.23 11:35:52 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.05.18 00:47:52 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010.04.10 18:07:35 | 000,000,497 | ---- | C] () -- C:\Windows\System32\msupdte.exe
[2010.02.11 06:30:38 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2010.01.02 21:10:14 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2010.01.02 21:10:14 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2010.01.02 21:10:14 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2009.12.29 10:08:57 | 000,000,106 | ---- | C] () -- C:\Users\Tomášek a Marcelka\AppData\Local\fusioncache.dat
[2009.12.04 06:32:32 | 000,001,356 | ---- | C] () -- C:\Users\Tomášek a Marcelka\AppData\Local\d3d9caps.dat
[2009.11.11 18:04:58 | 000,281,504 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2009.11.11 18:04:37 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2009.10.17 13:49:53 | 000,000,298 | ---- | C] () -- C:\Windows\EReg072.dat
[2009.09.24 08:33:41 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.24 08:33:41 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.08.16 09:08:36 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009.08.10 21:33:37 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2009.08.10 21:33:37 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2009.08.10 21:33:37 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2009.08.10 21:33:37 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2009.08.10 21:33:37 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2009.08.10 21:33:37 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2009.08.10 21:33:37 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2009.08.10 21:33:37 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2009.08.10 21:33:37 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2009.08.10 21:33:37 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2009.08.10 21:33:37 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2009.08.10 21:33:37 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2009.08.10 21:33:37 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2009.08.10 21:33:37 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2009.08.10 21:33:37 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2009.08.10 21:33:37 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2009.08.10 21:33:37 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2009.08.10 21:33:37 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2009.08.10 21:33:37 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009.08.10 21:23:23 | 000,000,026 | ---- | C] () -- C:\Windows\CDESX100EXPORT.ini
[2009.06.17 17:06:33 | 000,000,000 | ---- | C] () -- C:\Windows\iplayer.INI
[2009.04.23 23:29:16 | 000,189,051 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009.03.29 13:56:57 | 043,014,411 | ---- | C] () -- C:\Windows\System32\xa493625.exe
[2009.03.29 13:56:54 | 043,014,411 | ---- | C] () -- C:\Windows\System32\xa491203.exe
[2009.02.21 22:27:44 | 000,015,750 | ---- | C] () -- C:\Users\Tomášek a Marcelka\AppData\Local\slot1.mm1
[2008.12.28 12:35:21 | 095,481,962 | ---- | C] () -- C:\Windows\System32\xa70303890.exe
[2008.12.28 12:34:17 | 095,481,962 | ---- | C] () -- C:\Windows\System32\xa70239406.exe
[2008.12.28 12:33:51 | 095,481,962 | ---- | C] () -- C:\Windows\System32\xa70213562.exe
[2008.12.28 12:33:48 | 095,481,962 | ---- | C] () -- C:\Windows\System32\xa70210656.exe
[2008.11.24 18:55:59 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.11.14 12:18:25 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2008.10.21 13:39:19 | 000,000,018 | ---- | C] () -- C:\Windows\compedia.ini
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008.06.26 10:52:11 | 000,000,255 | ---- | C] () -- C:\Windows\cncscore.ini
[2008.06.16 11:09:36 | 000,112,640 | ---- | C] () -- C:\Windows\lsb_un20.exe
[2008.05.14 08:43:34 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2008.05.13 21:27:42 | 000,004,599 | ---- | C] () -- C:\Windows\hpdj3600.ini
[2008.02.11 18:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2008.01.18 20:39:36 | 2357,952,512 | ---- | C] () -- C:\ProgramData\sht3.iso
[2008.01.02 16:57:36 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2007.12.08 14:55:02 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2007.11.24 15:13:41 | 000,000,612 | ---- | C] () -- C:\Windows\eReg.dat
[2007.11.12 23:47:20 | 000,051,200 | ---- | C] () -- C:\Windows\System32\dumphive.exe
[2007.11.12 23:47:20 | 000,025,600 | ---- | C] () -- C:\Windows\System32\WS2Fix.exe
[2007.11.12 15:27:13 | 000,049,152 | ---- | C] () -- C:\Windows\System32\VFind.exe
[2007.11.09 23:59:03 | 000,000,000 | ---- | C] () -- C:\Windows\System32\sys_dll.dll
[2007.11.09 22:44:57 | 000,000,355 | -HS- | C] () -- C:\Windows\USB2XP .sys
[2007.11.09 21:16:38 | 000,059,392 | R--- | C] () -- C:\Windows\System32\streamhlp.dll
[2007.10.20 00:23:58 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin
[2007.10.16 15:18:27 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2007.10.12 19:03:37 | 000,238,080 | ---- | C] () -- C:\Users\Tomášek a Marcelka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.08.08 16:30:12 | 000,019,456 | ---- | C] () -- C:\Windows\System32\OnlineScannerLang.dll
[2007.08.02 18:11:28 | 000,253,952 | ---- | C] () -- C:\Windows\System32\OnlineScannerDLLA.dll
[2007.08.02 18:11:14 | 000,241,664 | ---- | C] () -- C:\Windows\System32\OnlineScannerDLLW.dll
[2007.07.27 15:49:02 | 000,225,355 | ---- | C] () -- C:\Windows\System32\lnod32apiW.dll
[2007.07.27 15:49:02 | 000,196,683 | ---- | C] () -- C:\Windows\System32\lnod32apiA.dll
[2007.06.13 11:10:34 | 000,077,824 | ---- | C] () -- C:\Windows\System32\OnlineScannerUninstaller.exe
[2007.02.05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2007.01.08 22:09:29 | 000,607,294 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2007.01.08 22:09:29 | 000,286,912 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2007.01.08 22:09:29 | 000,119,760 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2007.01.08 22:09:29 | 000,034,724 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2007.01.07 10:23:59 | 000,524,288 | ---- | C] () -- C:\Windows\System32\vspxcore.dll
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,269,576 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,595,748 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,105,078 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:27:46 | 000,000,518 | ---- | C] () -- C:\Windows\System32\SP207.INI
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005.12.05 20:25:22 | 000,139,264 | ---- | C] () -- C:\Windows\System32\lnod32umc.dll
[2005.12.05 13:37:10 | 000,106,496 | ---- | C] () -- C:\Windows\System32\lnod32upd.dll
[2005.01.25 15:15:42 | 000,010,240 | ---- | C] () -- C:\Windows\System32\PA207USD.DLL
[2003.06.24 08:44:54 | 000,051,200 | ---- | C] () -- C:\Windows\System32\ThriXXX010205PNG.dll
[2003.06.24 08:44:40 | 000,023,040 | ---- | C] () -- C:\Windows\System32\ThriXXX010104Z.dll
[2003.06.24 08:44:30 | 000,056,832 | ---- | C] () -- C:\Windows\System32\ThriXXX015003JP2.dll
[2003.05.23 11:08:52 | 000,107,008 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2003.05.23 11:08:52 | 000,020,992 | ---- | C] () -- C:\Windows\System32\ogg.dll
[2002.07.01 15:13:30 | 000,000,224 | -HS- | C] () -- C:\Users\Tomášek a Marcelka\AppData\Roaming\login_setup.dat

========== LOP Check ==========

[2010.03.07 22:36:32 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Ancient Quest of Saqqarah__bfg
[2007.11.12 23:08:55 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Application Data
[2010.12.20 23:25:40 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Awem
[2011.02.26 17:02:31 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Big Fish Games
[2011.02.18 23:31:51 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\BitTorrent
[2009.01.19 18:59:43 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\blg
[2008.11.13 11:39:01 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\DAEMON Tools
[2010.03.22 21:56:01 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\DNA
[2010.04.11 14:05:05 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\EPSON
[2008.10.12 21:29:35 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\ESET
[2009.01.11 22:26:22 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Genimo
[2011.02.24 19:44:09 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\ICQ
[2007.11.10 10:55:01 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\ICQ Toolbar
[2008.10.24 22:33:30 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\iWin
[2010.07.24 10:49:01 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Orneon
[2007.12.05 06:32:46 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\PC Suite
[2007.11.20 13:50:39 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\PCToolsFirewallPlus
[2009.07.31 17:07:10 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Pi Eye Games
[2010.01.02 20:28:16 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Playrix Entertainment
[2010.08.10 21:39:51 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\ProtectDisc
[2010.05.01 09:54:01 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\RainbowGames
[2008.10.17 13:24:27 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Reflexive
[2008.12.28 17:23:35 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Saqqarah
[2010.12.13 14:52:40 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Sky Bros
[2010.11.29 17:28:55 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Sony
[2010.11.29 17:21:48 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Sony Setup
[2010.06.01 21:32:17 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\The Inquisitor
[2010.02.07 13:40:09 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Try2
[2010.03.27 20:51:46 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\TuxPaint
[2010.11.20 22:59:49 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Vastar
[2010.07.22 17:46:00 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\VistaCodecs
[2011.01.06 21:35:19 | 000,000,316 | ---- | M] () -- C:\Windows\Tasks\Defraggler Volume C Task.job
[2006.11.02 09:47:18 | 000,000,004 | -HS- | M] () -- C:\Windows\Tasks\FOLDER.TSX
[2011.02.28 23:36:29 | 000,032,550 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.01.28 08:13:41 | 000,000,444 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{00889C5B-2733-4129-8429-44D927EAE9DC}.job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2009.12.27 12:05:04 | 000,039,408 | ---- | M] (Google Inc.)

< c:\windows\*.* /U >
[2 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2009.11.09 09:05:50 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Adobe
[2008.12.27 19:22:43 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Ahead
[2010.03.07 22:36:32 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Ancient Quest of Saqqarah__bfg
[2009.07.04 21:08:32 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Apple Computer
[2007.11.12 23:08:55 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Application Data
[2010.09.03 15:38:16 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\ATI
[2010.12.20 23:25:40 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Awem
[2011.02.26 17:02:31 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Big Fish Games
[2011.02.18 23:31:51 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\BitTorrent
[2009.01.19 18:59:43 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\blg
[2008.01.08 17:34:25 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\CyberLink
[2008.11.13 11:39:01 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\DAEMON Tools
[2009.09.05 22:38:31 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\DivX
[2010.03.22 21:56:01 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\DNA
[2009.03.11 14:15:09 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\dvdcss
[2010.04.11 14:05:05 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\EPSON
[2008.10.12 21:29:35 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\ESET
[2009.01.11 22:26:22 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Genimo
[2009.03.30 13:08:11 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Google
[2010.07.22 17:28:31 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\GRETECH
[2011.02.24 19:44:09 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\ICQ
[2007.11.10 10:55:01 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\ICQ Toolbar
[2010.06.17 09:56:03 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\InstallShield
[2008.10.24 22:33:30 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\iWin
[2009.11.15 10:00:48 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Macromedia
[2010.03.29 02:34:44 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Media Player Classic
[2010.11.29 17:24:05 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Microsoft
[2009.06.11 09:37:10 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Mozilla
[2010.07.24 10:49:01 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Orneon
[2007.12.05 06:32:46 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\PC Suite
[2007.11.20 13:50:39 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\PCToolsFirewallPlus
[2009.07.31 17:07:10 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Pi Eye Games
[2010.01.02 20:28:16 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Playrix Entertainment
[2010.08.10 21:39:51 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\ProtectDisc
[2010.07.24 07:40:06 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\PSpad
[2010.05.01 09:54:01 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\RainbowGames
[2010.09.03 18:55:31 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Real
[2008.10.17 13:24:27 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Reflexive
[2008.12.28 17:23:35 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Saqqarah
[2011.02.26 17:11:48 | 000,000,000 | RH-D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\SecuROM
[2010.12.13 14:52:40 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Sky Bros
[2011.02.15 21:44:31 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Skype
[2011.02.15 18:05:29 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\skypePM
[2010.11.29 17:28:55 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Sony
[2010.11.29 17:21:48 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Sony Setup
[2008.07.18 14:06:46 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Symantec
[2010.06.01 21:32:17 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\The Inquisitor
[2010.02.07 13:40:09 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Try2
[2010.03.27 20:51:46 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\TuxPaint
[2010.11.20 22:59:49 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Vastar
[2010.07.22 17:46:00 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\VistaCodecs
[2010.08.20 22:28:56 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\vlc
[2007.11.10 11:05:34 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2007.03.22 11:46:40 | 000,126,976 | ---- | M] () -- C:\Users\Tomášek a Marcelka\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
[2011.01.23 17:45:00 | 000,153,600 | ---- | M] (Gretech Corporation) -- C:\Users\Tomášek a Marcelka\AppData\Roaming\GRETECH\GomPlayer\GrLauncherTempSetup.exe
[2009.10.10 08:07:54 | 000,038,208 | ---- | M] () -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2010.11.29 17:24:05 | 000,010,134 | R--- | M] () -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Microsoft\Installer\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}\ARPPRODUCTICON.exe
[2009.07.18 10:09:44 | 000,390,664 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Real\RealPlayer\Update\realplayer11gold.exe
[2009.12.04 02:00:45 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Real\Update\setup3.09\setup.exe
[2010.06.16 13:34:38 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Real\Update\setup3.10\setup.exe
[2009.06.16 18:56:36 | 000,390,664 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Real\Update\temp\~Upg0\realplayer11gold.exe
[2009.06.24 21:05:44 | 000,390,664 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Real\Update\temp\~Upg1\realplayer11gold.exe
[2009.07.01 21:05:43 | 000,390,664 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Real\Update\temp\~Upg2\realplayer11gold.exe
[2009.07.10 21:05:50 | 000,390,664 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Real\Update\temp\~Upg3\realplayer11gold.exe
[2009.07.18 10:09:43 | 000,390,664 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Tomášek a Marcelka\AppData\Roaming\Real\Update\temp\~Upg4\realplayer11gold.exe


< MD5 for: AGP440.SYS >
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.02.14 08:15:26 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008.02.14 08:15:26 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008.02.14 08:15:26 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

2. část

< MD5 for: AUTOCHK.EXE >
[2009.04.11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009.04.11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.19 08:33:01 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2006.11.02 10:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe

< MD5 for: CDROM.SYS >
[2008.01.19 06:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.19 06:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2006.11.02 10:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
[2008.01.19 08:34:00 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2009.04.11 07:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\System32\cryptsvc.dll
[2009.04.11 07:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2007.11.15 08:37:47 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2007.11.15 08:37:46 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 08:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: HAL.DLL >
[2009.04.11 07:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll

< MD5 for: IASTORV.SYS >
[2008.01.19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2006.11.02 10:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\drivers\isapnp.sys
[2006.11.02 10:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.19 08:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys
[2008.01.19 08:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.01.19 08:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008.01.19 08:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.06.15 13:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009.09.10 15:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009.06.15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\System32\lsass.exe
[2009.06.15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009.02.13 08:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2006.11.02 10:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6A0E382E74280E4CC0DF17FE2661D003 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe
[2009.06.15 14:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2009.06.15 13:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009.02.13 05:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009.06.15 13:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009.06.15 14:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009.09.09 12:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009.09.10 15:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008.01.19 08:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008.01.19 08:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008.01.19 08:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2009.02.13 09:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

< MD5 for: NDIS.SYS >
[2009.04.11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009.04.11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2006.11.02 10:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
[2008.01.19 08:43:31 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

< MD5 for: NETLOGON.DLL >
[2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVRAID.SYS >
[2008.01.19 08:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.19 08:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\drivers\nvraid.sys
[2006.11.02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008.01.19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: SMSS.EXE >
[2008.01.19 08:33:31 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009.04.11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\System32\smss.exe
[2009.04.11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe
[2006.11.02 10:45:45 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=CAA75757BB3695478C23CB0624342A61 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_aa03e6011c468ee6\smss.exe

< MD5 for: SVCHOST.EXE >
[2006.11.02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008.01.19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.26 09:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2008.01.10 06:57:58 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=028061C7F6D2D03068C72E2A27E4228A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16567_none_5f6577ce925d75a7\tcpip.sys
[2009.04.11 07:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2009.12.08 21:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009.08.15 22:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 18:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2010.02.18 12:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 15:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 15:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2008.01.10 06:57:57 | 000,804,352 | ---- | M] (Microsoft Corporation) MD5=43EAE40B50FE3E60D194DD9C97EBB1FD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20689_none_5fdb7555ab898001\tcpip.sys
[2009.12.08 21:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.02.18 15:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 13:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2008.02.14 08:15:00 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2009.12.08 21:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2008.02.14 08:15:00 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2010.06.16 16:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009.08.14 17:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2010.06.16 17:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010.06.16 16:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2008.04.26 09:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.12.08 18:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009.08.14 18:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 18:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\System32\drivers\tcpip.sys
[2010.06.16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2009.12.08 18:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2006.11.02 09:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2010.02.18 15:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.12.08 21:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008.01.19 08:43:39 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 17:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WS2_32.DLL >
[2006.11.02 10:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll
[2008.01.19 08:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
[2008.01.19 08:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2008.11.13 11:39:25 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.03.01 13:50:54 | 000,003,952 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.03.01 13:51:03 | 000,003,952 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.03.01 07:59:21 | 000,119,760 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.03.01 07:59:21 | 000,105,078 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.03.01 07:59:21 | 000,607,294 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.03.01 07:59:21 | 000,595,748 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.03.01 07:59:21 | 001,421,342 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:B91EDB04
@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:12D2EB9C
@Alternate Data Stream - 97 bytes -> C:\ProgramData\TEMP:F2AF86D9
@Alternate Data Stream - 97 bytes -> C:\ProgramData\TEMP:95198126
@Alternate Data Stream - 97 bytes -> C:\ProgramData\TEMP:28CDD861
@Alternate Data Stream - 96 bytes -> C:\ProgramData\TEMP:FDDD8917
@Alternate Data Stream - 96 bytes -> C:\ProgramData\TEMP:C07A6A6B
@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:E51234A9
@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:8BA6C9F8
@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:5E9B629B
@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:59C113EC
@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:31106FCB
@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:2FC7B9E4
@Alternate Data Stream - 94 bytes -> C:\ProgramData\TEMP:177313FB
@Alternate Data Stream - 85 bytes -> C:\ProgramData:$SS_DESCRIPTOR_PVX2VCGKMVF9FFNYTKBRVLNGCMXNGCEVSFMLYELVR4EMGY8PPGDFVVVVVVVVVVVVV
@Alternate Data Stream - 48 bytes -> C:\Windows:C54D0A8E7A936E88
@Alternate Data Stream - 239 bytes -> C:\ProgramData\TEMP:92D91D7E
@Alternate Data Stream - 236 bytes -> C:\ProgramData\TEMP:661DC753
@Alternate Data Stream - 235 bytes -> C:\ProgramData\TEMP:01070CA7
@Alternate Data Stream - 234 bytes -> C:\ProgramData\TEMP:A02025CE
@Alternate Data Stream - 232 bytes -> C:\ProgramData\TEMP:DAB09BDB
@Alternate Data Stream - 207 bytes -> C:\ProgramData\TEMP:D4C72290
@Alternate Data Stream - 203 bytes -> C:\ProgramData\TEMP:732E4B72
@Alternate Data Stream - 201 bytes -> C:\ProgramData\TEMP:3766E957
@Alternate Data Stream - 200 bytes -> C:\ProgramData\TEMP:8917A3FD
@Alternate Data Stream - 163 bytes -> C:\ProgramData\TEMP:55020C86
@Alternate Data Stream - 161 bytes -> C:\ProgramData\TEMP:79F42BCC
@Alternate Data Stream - 159 bytes -> C:\ProgramData\TEMP:7B5E0526
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:BF6C81B2
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:6C75AF4C
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:491270B8
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:30E0D641
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:E7B4296D
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:6FD36C4B
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:64170090
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:2832349A
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:0ADF7EEE
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:F9EDCFB0
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:1BD02801
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:C4AB79AE
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:9E76E7F3
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:9825B52E
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:898D0B77
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:500F73A8
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:4F7FE589
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:0E8117B1
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:FC70A22A
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:AC733A73
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:21BB9E99
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:EA1919C7
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:C7F08EA3
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:3B4DA230
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:397D67BA
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:160ADF0B
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:124B94C0
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:F19A4790
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:D7B7645F
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:95FC57E0
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:9491C9C7
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:0785072C
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:EAF954B6
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:E14FA16F
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:CCB49694
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:A4AF8D0D
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:696F7DA7
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:63B94956
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:123A86B5
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:E8B9B48F
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:A5584049
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:91A12471
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:89C28CF6
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:78739EC9
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:32FFF2D1
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:E1610EDC
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:708AB985
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:57176330
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:4AA3DAA3
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:2775F9E2
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:0EC7A545
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:E6C6EB3B
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:E5B6B9C5
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:DDF112BD
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:92FE8A60
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:2E3F04BC
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:2245476B
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:C49A5AD1
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:90865A6D
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:88A44CC1
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:3086B95F
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:0BBF232A
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:041C0562
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:F84B8DB5
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:EB4FEEF5
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:B37E855B
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:AEEC88F6
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:6387AA6C
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:0F3F6B1E
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:FED25C29
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:D4BB0AD6
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:C31F31E6
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:700B9342
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:2D1AE3BE
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:2AE74FF9
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:E411AA0D
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:8E5EA40F
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:7A032A04
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:697DDE2B
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:436BE28C
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:3D186293
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:EF0C5444
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:EB42AC3C
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:94B46CA2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:5025C6E4
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:2D78CEB3
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:206470A5
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:0588E665
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:E9FAC3AB
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:D31BE97C
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:C22674B6
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:BEA2EFEE
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:614F17D3
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:5CE91C67
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:47C57855
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:1F7A10DD
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:C3D26A8A
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5D351BC6
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5A15BCD4
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:03DF2E8E
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:ED2998F5
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:C9B27A06
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:99862B77
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:7E082023
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:7881FECE
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:69AF9D20
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:48C30809
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:2D3CB929
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:DB77E2C4
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:D453E38B
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:55818279
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:48977386
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:3539CD43
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:F3029A65
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:D1D597D0
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:9290C91C
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:8C6D2EC3
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:61FEC5E3
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:5F7DD688
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:4A2862FF
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:329BA65B
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:260575F1
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:F44D3C53
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:F28DF4DC
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DAF190FE
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:D8D58038
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:834DD57E
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:6017A808
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:58C9BCAC
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:51E83E25
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:4EE323A4
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:47A24D4B
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:45F3AD49
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:2DAD076E
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:07CBFAD5
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:E2CFA9CD
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:CF61CE5A
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:9E4DE21B
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:98982C88
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:84CFEE62
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:569CEE83
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:4DDE401B
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:0406003C
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:FC8FFA4E
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:C0913157
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:AC0528D9
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:737160C1
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5D17C178
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:358505CF
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:0988A428
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:F1DEA771
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:D48500F8
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:A4E7D25F
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:74091520
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:3E06C78F
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:38F6DFA8
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:35A81752
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:04CE8640
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:EC20549D
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:E80802C7
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:CB16385F
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:A58B27C9
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:A18D1A5B
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:8DF68137
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:80EA2EA3
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:620EC79A
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:4FA837B4
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:EB40BC91
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:E1FE3F7F
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:97C4F81F
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:7B52659E
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:2F6462DF
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:238F74BA
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:880F0FEF
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:848CC150
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:7FD903D7
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:2EA99C48
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:2512FA90
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:102394C6
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:A60D4837
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:6AF67671
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:29629382
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:090FB735
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:FF251D87
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:BC2A20FD
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:AFB24B00
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:A6D89509
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:96C9689F
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:90015502
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:7B2BB690
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:65B8AF94
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:51F17BB8
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:4DCAC4BC
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:370E4EFB
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:2B1EA607
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:C7857F06
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:B90C7652
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:B845F669
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:96C05DC7
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:53DF59D1
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:3BD4D405
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:008586AE
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:F7370879
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:E07230CC
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:663B62CA
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:61AF2B29
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:2BC498A4
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:F1175E1D
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:C9FD258B
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:A3B8F70C
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:870649A4
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:0F0A5896
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:0ED4AC2F
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:F6C0CA66
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:F14D1F80
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:2F0007D6
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:13FB6DB8
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:A0A7408F
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:8401B6D5
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:797D7632
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:04560D68
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:561B1D2B
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:EE39C93C
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:7A0FEE87
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:78E0DF72
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:3D36932D
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:E91ADC66
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:E5294695
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:BB3CECA4
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:95775248
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:364682BC
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:1CB3187E
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:FA206A00
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:A4076A3B
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:3C282BEA
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:3595B780
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:25249477
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:1ECED34B
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:3807D082
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:EEB25EAE
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:8A6A2C1E
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:70E897B5
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:5C6EBC69
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:50DD4118
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:3313A48D
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:FB97DB91
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:4FE30352
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:3991CD7D
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:1A8BB29B

< End of report >

Zapojte do PC vsechny USB klice (flashky, ext. disky apod.)

• Stahne a ulozte na plochu UsbFix http://www.viry.cz/forum/viewtopic.php?f=24&t=102308
• Spustte a kliknete na Deletion
• Po dokonceni sem vlozte log, pokud na Vas nevyskoci, najdete jej zde C:\UsbFix.txt

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
  IE - HKU\S-1-5-21-2419466016-3890592263-3983030451-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
  IE - HKU\S-1-5-21-2419466016-3890592263-3983030451-1000\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
  O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - Reg Error: Value error. File not found
  O2 - BHO: (D) - {2ACBFCB4-EFE1-3D6A-9CF2-9F200B9C5DDF} - Reg Error: Value error. File not found
  O2 - BHO: (Groove Folder Synchronization) - {4AAF2B34-5639-421F-7345-3FBE50B44BB6} - Reg Error: Value error. File not found
  O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
  O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
  O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
  O3 - HKU\S-1-5-21-2419466016-3890592263-3983030451-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
  O3 - HKU\S-1-5-21-2419466016-3890592263-3983030451-1000\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
  O3 - HKU\S-1-5-21-2419466016-3890592263-3983030451-1000\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
  O4 - HKU\.DEFAULT..\Run: [Nokia.PCSync] File not found
  O4 - HKU\S-1-5-18..\Run: [Nokia.PCSync] File not found
  O15 - HKU\S-1-5-21-2419466016-3890592263-3983030451-1000\..Trusted Domains: mojebanka.cz ([]https in Trusted sites)
  O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
  O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)¨
  [4 C:\Windows\Fonts\*.tmp files -> C:\Windows\Fonts\*.tmp -> ]
  [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  [2011.03.01 14:26:00 | 000,000,964 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  [2011.03.01 07:50:52 | 000,000,960 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  [2007.11.10 10:55:01 | 000,000,000 | ---D | M] -- C:\Users\Tomášek a Marcelka\AppData\Roaming\ICQ Toolbar
  @Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:B91EDB04
  @Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:12D2EB9C
  @Alternate Data Stream - 97 bytes -> C:\ProgramData\TEMP:F2AF86D9
  @Alternate Data Stream - 97 bytes -> C:\ProgramData\TEMP:95198126
  @Alternate Data Stream - 97 bytes -> C:\ProgramData\TEMP:28CDD861
  @Alternate Data Stream - 96 bytes -> C:\ProgramData\TEMP:FDDD8917
  @Alternate Data Stream - 96 bytes -> C:\ProgramData\TEMP:C07A6A6B
  @Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:E51234A9
  @Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:8BA6C9F8
  @Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:5E9B629B
  @Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:59C113EC
  @Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:31106FCB
  @Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:2FC7B9E4
  @Alternate Data Stream - 94 bytes -> C:\ProgramData\TEMP:177313FB
  @Alternate Data Stream - 85 bytes -> C:\ProgramData:$SS_DESCRIPTOR_PVX2VCGKMVF9FFNYTKBRVLNGCMXNGCEVSFMLYELVR4EMGY8PPGDFVVVVVVVVVVVVV
  @Alternate Data Stream - 48 bytes -> C:\Windows:C54D0A8E7A936E88
  @Alternate Data Stream - 239 bytes -> C:\ProgramData\TEMP:92D91D7E
  @Alternate Data Stream - 236 bytes -> C:\ProgramData\TEMP:661DC753
  @Alternate Data Stream - 235 bytes -> C:\ProgramData\TEMP:01070CA7
  @Alternate Data Stream - 234 bytes -> C:\ProgramData\TEMP:A02025CE
  @Alternate Data Stream - 232 bytes -> C:\ProgramData\TEMP:DAB09BDB
  @Alternate Data Stream - 207 bytes -> C:\ProgramData\TEMP:D4C72290
  @Alternate Data Stream - 203 bytes -> C:\ProgramData\TEMP:732E4B72
  @Alternate Data Stream - 201 bytes -> C:\ProgramData\TEMP:3766E957
  @Alternate Data Stream - 200 bytes -> C:\ProgramData\TEMP:8917A3FD
  @Alternate Data Stream - 163 bytes -> C:\ProgramData\TEMP:55020C86
  @Alternate Data Stream - 161 bytes -> C:\ProgramData\TEMP:79F42BCC
  @Alternate Data Stream - 159 bytes -> C:\ProgramData\TEMP:7B5E0526
  @Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:BF6C81B2
  @Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:6C75AF4C
  @Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:491270B8
  @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:30E0D641
  @Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:E7B4296D
  @Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:6FD36C4B
  @Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:64170090
  @Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:2832349A
  @Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:0ADF7EEE
  @Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:F9EDCFB0
  @Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:1BD02801
  @Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:C4AB79AE
  @Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:9E76E7F3
  @Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:9825B52E
  @Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:898D0B77
  @Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:500F73A8
  @Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:4F7FE589
  @Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:0E8117B1
  @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:FC70A22A
  @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:AC733A73
  @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:21BB9E99
  @Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:EA1919C7
  @Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:C7F08EA3
  @Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:3B4DA230
  @Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:397D67BA
  @Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:160ADF0B
  @Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:124B94C0
  @Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:F19A4790
  @Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:D7B7645F
  @Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:95FC57E0
  @Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:9491C9C7
  @Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:0785072C
  @Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:EAF954B6
  @Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:E14FA16F
  @Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:CCB49694
  @Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:A4AF8D0D
  @Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:696F7DA7
  @Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:63B94956
  @Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:123A86B5
  @Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:E8B9B48F
  @Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:A5584049
  @Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:91A12471
  @Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:89C28CF6
  @Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:78739EC9
  @Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:32FFF2D1
  @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:E1610EDC
  @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:708AB985
  @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:57176330
  @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:4AA3DAA3
  @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:2775F9E2
  @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:0EC7A545
  @Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:E6C6EB3B
  @Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:E5B6B9C5
  @Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:DDF112BD
  @Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:92FE8A60
  @Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:2E3F04BC
  @Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:2245476B
  @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:C49A5AD1
  @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:90865A6D
  @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:88A44CC1
  @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:3086B95F
  @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:0BBF232A
  @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:041C0562
  @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:F84B8DB5
  @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:EB4FEEF5
  @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:B37E855B
  @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:AEEC88F6
  @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:6387AA6C
  @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:0F3F6B1E
  @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:FED25C29
  @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:D4BB0AD6
  @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:C31F31E6
  @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:700B9342
  @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:2D1AE3BE
  @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:2AE74FF9
  @Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:E411AA0D
  @Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:8E5EA40F
  @Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:7A032A04
  @Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:697DDE2B
  @Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:436BE28C
  @Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:3D186293
  @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:EF0C5444
  @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:EB42AC3C
  @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:94B46CA2
  @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:5025C6E4
  @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:2D78CEB3
  @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:206470A5
  @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:0588E665
  @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:E9FAC3AB
  @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:D31BE97C
  @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:C22674B6
  @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:BEA2EFEE
  @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:614F17D3
  @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:5CE91C67
  @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:47C57855
  @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:1F7A10DD
  @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:C3D26A8A
  @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5D351BC6
  @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5A15BCD4
  @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:03DF2E8E
  @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:ED2998F5
  @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:C9B27A06
  @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:99862B77
  @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:7E082023
  @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:7881FECE
  @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:69AF9D20
  @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:48C30809
  @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:2D3CB929
  @Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:DB77E2C4
  @Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:D453E38B
  @Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:55818279
  @Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:48977386
  @Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:3539CD43
  @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:F3029A65
  @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:D1D597D0
  @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:9290C91C
  @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:8C6D2EC3
  @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:61FEC5E3
  @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:5F7DD688
  @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:4A2862FF
  @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:329BA65B
  @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:260575F1
  @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:F44D3C53
  @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:F28DF4DC
  @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DAF190FE
  @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:D8D58038
  @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:834DD57E
  @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:6017A808
  @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:58C9BCAC
  @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:51E83E25
  @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:4EE323A4
  @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:47A24D4B
  @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:45F3AD49
  @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:2DAD076E
  @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:07CBFAD5
  @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:E2CFA9CD
  @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:CF61CE5A
  @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:9E4DE21B
  @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:98982C88
  @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:84CFEE62
  @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:569CEE83
  @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:4DDE401B
  @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:0406003C
  @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:FC8FFA4E
  @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:C0913157
  @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:AC0528D9
  @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:737160C1
  @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5D17C178
  @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:358505CF
  @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:0988A428
  @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:F1DEA771
  @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:D48500F8
  @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:A4E7D25F
  @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:74091520
  @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:3E06C78F
  @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:38F6DFA8
  @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:35A81752
  @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:04CE8640
  @Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:EC20549D
  @Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:E80802C7
  @Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:CB16385F
  @Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:A58B27C9
  @Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:A18D1A5B
  @Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:8DF68137
  @Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:80EA2EA3
  @Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:620EC79A
  @Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:4FA837B4
  @Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:EB40BC91
  @Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:E1FE3F7F
  @Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:97C4F81F
  @Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:7B52659E
  @Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:2F6462DF
  @Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:238F74BA
  @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:880F0FEF
  @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:848CC150
  @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:7FD903D7
  @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:2EA99C48
  @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:2512FA90
  @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:102394C6
  @Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:A60D4837
  @Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:6AF67671
  @Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:29629382
  @Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:090FB735
  @Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:FF251D87
  @Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:BC2A20FD
  @Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:AFB24B00
  @Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:A6D89509
  @Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:96C9689F
  @Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:90015502
  @Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:7B2BB690
  @Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:65B8AF94
  @Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:51F17BB8
  @Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:4DCAC4BC
  @Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:370E4EFB
  @Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:2B1EA607
  @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:C7857F06
  @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:B90C7652
  @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:B845F669
  @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:96C05DC7
  @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:53DF59D1
  @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:3BD4D405
  @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:008586AE
  @Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:F7370879
  @Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:E07230CC
  @Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:663B62CA
  @Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:61AF2B29
  @Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:2BC498A4
  @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:F1175E1D
  @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:C9FD258B
  @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:A3B8F70C
  @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:870649A4
  @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:0F0A5896
  @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:0ED4AC2F
  @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:F6C0CA66
  @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:F14D1F80
  @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:2F0007D6
  @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:13FB6DB8
  @Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:A0A7408F
  @Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:8401B6D5
  @Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:797D7632
  @Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:04560D68
  @Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:561B1D2B
  @Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:EE39C93C
  @Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:7A0FEE87
  @Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:78E0DF72
  @Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:3D36932D
  @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:E91ADC66
  @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:E5294695
  @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:BB3CECA4
  @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:95775248
  @Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:364682BC
  @Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:1CB3187E
  @Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:FA206A00
  @Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:A4076A3B
  @Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:3C282BEA
  @Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:3595B780
  @Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:25249477
  @Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:1ECED34B
  @Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:3807D082
  @Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:EEB25EAE
  @Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:8A6A2C1E
  @Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:70E897B5
  @Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:5C6EBC69
  @Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:50DD4118
  @Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:3313A48D
  @Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:FB97DB91
  @Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:4FE30352
  @Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:3991CD7D
  @Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:1A8BB29B
  
  :reg
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  "pdfSaver3"=-
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "swg"=-
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
  "FlashPlayerUpdate"=-
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
   
  :files
  C:\Windows\tasks\User_Feed_Synchronization-{00889C5B-2733-4129-8429-44D927EAE9DC}.job
  C:\Program Files\ICQ6Toolbar
  C:\Program Files\SweetIM
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp /s
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

############################## | UsbFix 7.014 | [Deletion]

User: Tomášek a Marcelka (Administrator) # HORÁKOVO [MSI MS-7267]
Updated 24/06/10 by El Desaparecido / C_XX
Started at 15:52:09 | 01/03/2011
Website: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com

CPU: Intel(R) Pentium(R) Dual CPU E2140 @ 1.60GHz
CPU 2: Intel(R) Pentium(R) Dual CPU E2140 @ 1.60GHz
Microsoft® Windows Vista™ Home Premium (6.0.6002 32-Bit) # Service Pack 2
Internet Explorer 8.0.6001.19019

Windows Firewall: Enabled
RAM -> 2039 Mb
C:\ (%systemdrive%) -> Fixed drive # 231 Gb (100 Mb free - 43%) [OS_INSTALL] # NTFS
D:\ -> CD-ROM
E:\ -> CD-ROM
J:\ -> CD-ROM
K:\ -> CD-ROM
L:\ -> CD-ROM
M:\ -> CD-ROM
N:\ -> CD-ROM
O:\ -> CD-ROM
P:\ -> CD-ROM
Q:\ -> CD-ROM
R:\ -> CD-ROM
S:\ -> CD-ROM
T:\ -> CD-ROM
U:\ -> Removable drive # 4 Gb (4 Mb free - 100%) [KINGSTON] # FAT32

################## | Files # Infected Folders |

Deleted ! C:\Windows\system32\msupdte.exe
Deleted ! C:\Users\TOMEKA~1\AppData\Local\Temp\AutoRun.exe
Not deleted ! M:\Autorun.inf
Not deleted ! N:\Autorun.inf
Not deleted ! P:\Autorun.inf
Not deleted ! M:\msvcr71.dll

################## | Registry |


################## | Mountpoints2 |

Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\N
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\Q
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\S
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{046996c5-a938-11dc-84f6-0019db8edfda}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{2ab2ec5e-67ea-11df-9a05-0019db8edfda}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{38141ffc-6efb-11df-9ba2-0019db8edfda}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{5f10b883-8df2-11df-b86e-0019db8edfda}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{8467b120-9a92-11dc-a1b3-0019db8edfda}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{abc5ec0b-b16f-11dd-bb73-0019db8edfda}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{d75de942-fb8a-11df-9c18-0019db8edfda}

################## | Listing |

[01/03/2011 - 15:56:23 | D ] C:\$Recycle.Bin
[15/10/2009 - 06:57:14 | D ] C:\13d01821b082abf9ee9dbbb2
[10/08/2010 - 17:22:12 | D ] C:\ATI
[18/02/2011 - 23:07:24 | D ] C:\BigFishGamesCache
[15/10/2009 - 08:15:49 | SHD ] C:\Boot
[11/04/2009 - 07:36:36 | RASH | 333257] C:\bootmgr
[07/08/2007 - 18:04:31 | RAS | 8192] C:\BOOTSECT.BAK
[21/02/2011 - 21:51:43 | A | 66532] C:\config.bin
[20/02/2011 - 10:32:08 | A | 155] C:\config.lua
[18/09/2006 - 22:43:37 | A | 10] C:\config.sys
[21/02/2011 - 21:39:20 | A | 356] C:\config.txt
[02/02/2009 - 00:42:14 | A | 418] C:\debugInstaller.txt
[02/11/2008 - 13:50:45 | D ] C:\DNData
[02/11/2006 - 14:02:03 | SHD ] C:\Documents and Settings
[28/11/2010 - 16:09:40 | D ] C:\download
[21/02/2011 - 21:38:43 | A | 240] C:\highscores.dat
[14/02/2010 - 13:13:01 | D ] C:\Hry
[18/11/2010 - 01:30:13 | D ] C:\Intel
[10/11/2007 - 00:47:08 | RASH | 0] C:\IO.SYS
[21/02/2011 - 21:41:18 | A | 214] C:\level_001.log
[21/02/2011 - 21:43:02 | A | 227] C:\level_002.log
[21/02/2011 - 21:49:09 | A | 264] C:\level_003.log
[28/06/2009 - 00:02:56 | A | 2688] C:\LGSInst.Log
[21/02/2011 - 21:51:21 | A | 12696] C:\match2_0.mtc
[21/02/2011 - 21:51:21 | A | 42208] C:\match_0.lev
[21/02/2011 - 21:51:21 | A | 12696] C:\match_0.mtc
[10/11/2007 - 00:47:08 | RASH | 0] C:\MSDOS.SYS
[19/11/2007 - 09:58:31 | RHD ] C:\MSOCache
[29/03/2010 - 01:39:50 | D ] C:\My Music
[28/11/2010 - 16:12:55 | A | 921632] C:\PA207.DAT
[01/03/2011 - 07:50:41 | ASH | 2452307968] C:\pagefile.sys
[23/11/2008 - 17:16:24 | D ] C:\PerfLogs
[01/03/2011 - 11:35:56 | D ] C:\Program Files
[26/02/2011 - 16:41:13 | AHD ] C:\ProgramData
[01/03/2011 - 11:36:07 | D ] C:\rsit
[01/03/2011 - 14:29:11 | SHD ] C:\System Volume Information
[01/03/2011 - 15:56:23 | D ] C:\UsbFix
[01/03/2011 - 15:52:10 | A | 3872] C:\UsbFix.txt
[26/02/2011 - 16:42:09 | RD ] C:\Users
[23/02/2011 - 09:22:27 | AD ] C:\Windows
[14/10/2005 - 22:01:25 | R | 20482048] M:\00000001.TMP
[14/10/2005 - 22:01:25 | R | 317440] M:\00000002.TMP
[14/10/2005 - 22:11:29 | R | 1478299476] M:\0compressed.zip
[14/10/2005 - 22:12:23 | D ] M:\AutoRun
[14/10/2005 - 22:02:26 | R | 733184] M:\AutoRun.exe
[10/10/2005 - 21:32:44 | R | 573440] M:\AutoRunGUI.dll
[09/11/2005 - 15:02:58 | D ] M:\DEViANCE
[14/10/2005 - 22:01:19 | R | 1261696] M:\DIAG.EXE
[14/10/2005 - 22:12:24 | D ] M:\DirectX
[12/10/2005 - 09:09:08 | R | 278528] M:\GofControls.exe
[12/10/2005 - 09:09:09 | R | 77824] M:\GofInput.dll
[14/10/2005 - 22:12:40 | D ] M:\Support
[14/10/2005 - 22:11:32 | R | 167] M:\autorun.inf
[14/10/2005 - 22:11:33 | R | 78] M:\common_filelist.txt
[14/10/2005 - 22:02:26 | R | 339968] M:\eauninstall.exe
[29/09/2005 - 16:46:05 | R | 5694] M:\gof_icon.ico
[21/02/2003 - 14:42:21 | R | 348160] M:\msvcr71.dll
[03/06/2007 - 22:15:35 | R | 1918328018] N:\0compressed.zip
[03/06/2007 - 22:28:55 | R | 1924580185] N:\1compressed.zip
[03/06/2007 - 21:44:02 | D ] N:\AutoRun
[03/06/2007 - 22:29:05 | R | 633928] N:\AutoRun.exe
[03/06/2007 - 22:29:06 | R | 588872] N:\AutoRunGUI.dll
[03/06/2007 - 21:43:49 | D ] N:\DirectX
[03/06/2007 - 22:29:07 | R | 879688] N:\EAInstall.dll
[03/06/2007 - 22:29:07 | R | 302152] N:\GDFExampleBinary.dll
[03/06/2007 - 22:29:07 | R | 109640] N:\GameuxInstallHelper.dll
[25/06/2007 - 18:58:38 | D ] N:\HATRED
[03/06/2007 - 22:29:04 | D ] N:\Support
[03/06/2007 - 21:43:45 | D ] N:\VCRedist
[03/06/2007 - 22:28:58 | R | 174] N:\autorun.inf
[03/06/2007 - 22:28:58 | R | 152] N:\common_filelist.txt
[03/06/2007 - 22:29:05 | R | 322632] N:\eauninstall.exe
[02/05/2007 - 20:01:50 | R | 96090] N:\ootp_icon.ico
[15/06/2006 - 17:36:42 | R | 196608] P:\AutoStarter.exe
[29/09/2006 - 18:13:35 | D ] P:\Crack
[07/09/2006 - 16:06:35 | D ] P:\DirectX
[07/09/2006 - 16:21:05 | D ] P:\Secret Files Tunguska
[24/04/2006 - 10:57:26 | R | 50] P:\autorun.inf
[06/07/2006 - 10:07:02 | R | 578654] P:\autostart.bmp
[16/08/2006 - 08:37:16 | R | 1412] P:\autostart.dat
[14/06/2006 - 07:26:50 | R | 1132] P:\autostart.ini
[07/09/2006 - 16:06:00 | R | 527707] P:\data1.cab
[07/09/2006 - 16:21:05 | R | 16769] P:\data1.hdr
[07/09/2006 - 16:21:05 | R | 2321897] P:\data2.cab
[29/04/2005 - 16:39:00 | R | 460946] P:\engine32.cab
[07/09/2006 - 16:06:36 | D ] P:\fonts
[07/09/2006 - 16:21:06 | R | 1573] P:\layout.bin
[06/07/2006 - 17:02:34 | R | 345] P:\readme.txt
[24/03/2005 - 11:00:24 | R | 119016] P:\setup.exe
[07/09/2006 - 16:05:46 | R | 350340] P:\setup.ibt
[07/09/2006 - 16:05:46 | R | 499] P:\setup.ini
[29/06/2006 - 10:17:24 | R | 1031196] P:\setup.isn
[14/10/2005 - 09:54:02 | R | 11502] P:\tunguska.ico
[21/04/2003 - 12:09:50 | R | 245408] P:\unicows.dll
[11/08/2006 - 16:31:30 | R | 1353864467] P:\video.spr
[06/02/2011 - 21:03:38 | D ] U:\Harry Potter 1-7

################## | Vaccin |

C:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
U:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_HORÁKOVO.zip
http://chiquitine.changelog.fr/Sample/Upload.php
Thank you for your contribution.

################## | E.O.F |


Ještě mi to hodilo okno s touhle hláškou:
Error 404 - Not found
Le fichier requis n'a pas été trouvé. Il peut s'agir d'une erreur technique. Veuillez réessayer ultérieurement. Si vous ne pouvez pas accéder au fichier après plusieurs tentatives, cela signifie qu'il a été supprimé.

Jdu pokračovat s tím OTL...

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2419466016-3890592263-3983030451-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
C:\Program Files\ICQ6Toolbar\ICQToolBar.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-2419466016-3890592263-3983030451-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}\ deleted successfully.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{055FD26D-3A88-4e15-963D-DC8493744B1D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2ACBFCB4-EFE1-3D6A-9CF2-9F200B9C5DDF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2ACBFCB4-EFE1-3D6A-9CF2-9F200B9C5DDF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4AAF2B34-5639-421F-7345-3FBE50B44BB6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4AAF2B34-5639-421F-7345-3FBE50B44BB6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}\ deleted successfully.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ deleted successfully.
File C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll not found.
Registry value HKEY_USERS\S-1-5-21-2419466016-3890592263-3983030451-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_USERS\S-1-5-21-2419466016-3890592263-3983030451-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
File C:\Program Files\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_USERS\S-1-5-21-2419466016-3890592263-3983030451-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
File C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Nokia.PCSync deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Nokia.PCSync not found.
Registry key HKEY_USERS\S-1-5-21-2419466016-3890592263-3983030451-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz\ deleted successfully.
Starting removal of ActiveX control {7530BFB8-7293-4D34-9923-61A11451AFC5}
C:\Windows\Downloaded Program Files\OnlineScanner.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
C:\Windows\Fonts\~GLH0002.TMP deleted successfully.
C:\Windows\Fonts\~GLH0003.TMP deleted successfully.
C:\Windows\Fonts\~GLH0004.TMP deleted successfully.
C:\Windows\Fonts\~GLH0005.TMP deleted successfully.
C:\Windows\95FC26FB19FD4A96BBB1B1062E8648F5.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\95FC26FB19FD4A96BBB1B1062E8648F5.TMP folder deleted successfully.
C:\Windows\msdownld.tmp folder deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Users\Tomášek a Marcelka\AppData\Roaming\ICQ Toolbar folder moved successfully.
ADS C:\ProgramData\TEMP:B91EDB04 deleted successfully.
ADS C:\ProgramData\TEMP:12D2EB9C deleted successfully.
ADS C:\ProgramData\TEMP:F2AF86D9 deleted successfully.
ADS C:\ProgramData\TEMP:95198126 deleted successfully.
ADS C:\ProgramData\TEMP:28CDD861 deleted successfully.
ADS C:\ProgramData\TEMP:FDDD8917 deleted successfully.
ADS C:\ProgramData\TEMP:C07A6A6B deleted successfully.
ADS C:\ProgramData\TEMP:E51234A9 deleted successfully.
ADS C:\ProgramData\TEMP:8BA6C9F8 deleted successfully.
ADS C:\ProgramData\TEMP:5E9B629B deleted successfully.
ADS C:\ProgramData\TEMP:59C113EC deleted successfully.
ADS C:\ProgramData\TEMP:31106FCB deleted successfully.
ADS C:\ProgramData\TEMP:2FC7B9E4 deleted successfully.
ADS C:\ProgramData\TEMP:177313FB deleted successfully.
ADS C:\ProgramData:$SS_DESCRIPTOR_PVX2VCGKMVF9FFNYTKBRVLNGCMXNGCEVSFMLYELVR4EMGY8PPGDFVVVVVVVVVVVVV deleted successfully.
ADS C:\Windows:C54D0A8E7A936E88 deleted successfully.
ADS C:\ProgramData\TEMP:92D91D7E deleted successfully.
ADS C:\ProgramData\TEMP:661DC753 deleted successfully.
ADS C:\ProgramData\TEMP:01070CA7 deleted successfully.
ADS C:\ProgramData\TEMP:A02025CE deleted successfully.
ADS C:\ProgramData\TEMP:DAB09BDB deleted successfully.
ADS C:\ProgramData\TEMP:D4C72290 deleted successfully.
ADS C:\ProgramData\TEMP:732E4B72 deleted successfully.
ADS C:\ProgramData\TEMP:3766E957 deleted successfully.
ADS C:\ProgramData\TEMP:8917A3FD deleted successfully.
ADS C:\ProgramData\TEMP:55020C86 deleted successfully.
ADS C:\ProgramData\TEMP:79F42BCC deleted successfully.
ADS C:\ProgramData\TEMP:7B5E0526 deleted successfully.
ADS C:\ProgramData\TEMP:BF6C81B2 deleted successfully.
ADS C:\ProgramData\TEMP:6C75AF4C deleted successfully.
ADS C:\ProgramData\TEMP:491270B8 deleted successfully.
ADS C:\ProgramData\TEMP:30E0D641 deleted successfully.
ADS C:\ProgramData\TEMP:E7B4296D deleted successfully.
ADS C:\ProgramData\TEMP:6FD36C4B deleted successfully.
ADS C:\ProgramData\TEMP:64170090 deleted successfully.
ADS C:\ProgramData\TEMP:2832349A deleted successfully.
ADS C:\ProgramData\TEMP:0ADF7EEE deleted successfully.
ADS C:\ProgramData\TEMP:F9EDCFB0 deleted successfully.
ADS C:\ProgramData\TEMP:1BD02801 deleted successfully.
ADS C:\ProgramData\TEMP:C4AB79AE deleted successfully.
ADS C:\ProgramData\TEMP:9E76E7F3 deleted successfully.
ADS C:\ProgramData\TEMP:9825B52E deleted successfully.
ADS C:\ProgramData\TEMP:898D0B77 deleted successfully.
ADS C:\ProgramData\TEMP:500F73A8 deleted successfully.
ADS C:\ProgramData\TEMP:4F7FE589 deleted successfully.
ADS C:\ProgramData\TEMP:0E8117B1 deleted successfully.
ADS C:\ProgramData\TEMP:FC70A22A deleted successfully.
ADS C:\ProgramData\TEMP:AC733A73 deleted successfully.
ADS C:\ProgramData\TEMP:21BB9E99 deleted successfully.
ADS C:\ProgramData\TEMP:EA1919C7 deleted successfully.
ADS C:\ProgramData\TEMP:C7F08EA3 deleted successfully.
ADS C:\ProgramData\TEMP:3B4DA230 deleted successfully.
ADS C:\ProgramData\TEMP:397D67BA deleted successfully.
ADS C:\ProgramData\TEMP:160ADF0B deleted successfully.
ADS C:\ProgramData\TEMP:124B94C0 deleted successfully.
ADS C:\ProgramData\TEMP:F19A4790 deleted successfully.
ADS C:\ProgramData\TEMP:D7B7645F deleted successfully.
ADS C:\ProgramData\TEMP:95FC57E0 deleted successfully.
ADS C:\ProgramData\TEMP:9491C9C7 deleted successfully.
ADS C:\ProgramData\TEMP:0785072C deleted successfully.
ADS C:\ProgramData\TEMP:EAF954B6 deleted successfully.
ADS C:\ProgramData\TEMP:E14FA16F deleted successfully.
ADS C:\ProgramData\TEMP:CCB49694 deleted successfully.
ADS C:\ProgramData\TEMP:A4AF8D0D deleted successfully.
ADS C:\ProgramData\TEMP:696F7DA7 deleted successfully.
ADS C:\ProgramData\TEMP:63B94956 deleted successfully.
ADS C:\ProgramData\TEMP:123A86B5 deleted successfully.
ADS C:\ProgramData\TEMP:E8B9B48F deleted successfully.
ADS C:\ProgramData\TEMP:A5584049 deleted successfully.
ADS C:\ProgramData\TEMP:91A12471 deleted successfully.
ADS C:\ProgramData\TEMP:89C28CF6 deleted successfully.
ADS C:\ProgramData\TEMP:78739EC9 deleted successfully.
ADS C:\ProgramData\TEMP:32FFF2D1 deleted successfully.
ADS C:\ProgramData\TEMP:E1610EDC deleted successfully.
ADS C:\ProgramData\TEMP:708AB985 deleted successfully.
ADS C:\ProgramData\TEMP:57176330 deleted successfully.
ADS C:\ProgramData\TEMP:4AA3DAA3 deleted successfully.
ADS C:\ProgramData\TEMP:2775F9E2 deleted successfully.
ADS C:\ProgramData\TEMP:0EC7A545 deleted successfully.
ADS C:\ProgramData\TEMP:E6C6EB3B deleted successfully.
ADS C:\ProgramData\TEMP:E5B6B9C5 deleted successfully.
ADS C:\ProgramData\TEMP:DDF112BD deleted successfully.
ADS C:\ProgramData\TEMP:92FE8A60 deleted successfully.
ADS C:\ProgramData\TEMP:2E3F04BC deleted successfully.
ADS C:\ProgramData\TEMP:2245476B deleted successfully.
ADS C:\ProgramData\TEMP:C49A5AD1 deleted successfully.
ADS C:\ProgramData\TEMP:90865A6D deleted successfully.
ADS C:\ProgramData\TEMP:88A44CC1 deleted successfully.
ADS C:\ProgramData\TEMP:3086B95F deleted successfully.
ADS C:\ProgramData\TEMP:0BBF232A deleted successfully.
ADS C:\ProgramData\TEMP:041C0562 deleted successfully.
ADS C:\ProgramData\TEMP:F84B8DB5 deleted successfully.
ADS C:\ProgramData\TEMP:EB4FEEF5 deleted successfully.
ADS C:\ProgramData\TEMP:B37E855B deleted successfully.
ADS C:\ProgramData\TEMP:AEEC88F6 deleted successfully.
ADS C:\ProgramData\TEMP:6387AA6C deleted successfully.
ADS C:\ProgramData\TEMP:0F3F6B1E deleted successfully.
ADS C:\ProgramData\TEMP:FED25C29 deleted successfully.
ADS C:\ProgramData\TEMP:D4BB0AD6 deleted successfully.
ADS C:\ProgramData\TEMP:C31F31E6 deleted successfully.
ADS C:\ProgramData\TEMP:700B9342 deleted successfully.
ADS C:\ProgramData\TEMP:2D1AE3BE deleted successfully.
ADS C:\ProgramData\TEMP:2AE74FF9 deleted successfully.
ADS C:\ProgramData\TEMP:E411AA0D deleted successfully.
ADS C:\ProgramData\TEMP:8E5EA40F deleted successfully.
ADS C:\ProgramData\TEMP:7A032A04 deleted successfully.
ADS C:\ProgramData\TEMP:697DDE2B deleted successfully.
ADS C:\ProgramData\TEMP:436BE28C deleted successfully.
ADS C:\ProgramData\TEMP:3D186293 deleted successfully.
ADS C:\ProgramData\TEMP:EF0C5444 deleted successfully.
ADS C:\ProgramData\TEMP:EB42AC3C deleted successfully.
ADS C:\ProgramData\TEMP:94B46CA2 deleted successfully.
ADS C:\ProgramData\TEMP:5025C6E4 deleted successfully.
ADS C:\ProgramData\TEMP:2D78CEB3 deleted successfully.
ADS C:\ProgramData\TEMP:206470A5 deleted successfully.
ADS C:\ProgramData\TEMP:0588E665 deleted successfully.
ADS C:\ProgramData\TEMP:E9FAC3AB deleted successfully.
ADS C:\ProgramData\TEMP:D31BE97C deleted successfully.
ADS C:\ProgramData\TEMP:C22674B6 deleted successfully.
ADS C:\ProgramData\TEMP:BEA2EFEE deleted successfully.
ADS C:\ProgramData\TEMP:614F17D3 deleted successfully.
ADS C:\ProgramData\TEMP:5CE91C67 deleted successfully.
ADS C:\ProgramData\TEMP:47C57855 deleted successfully.
ADS C:\ProgramData\TEMP:1F7A10DD deleted successfully.
ADS C:\ProgramData\TEMP:C3D26A8A deleted successfully.
ADS C:\ProgramData\TEMP:5D351BC6 deleted successfully.
ADS C:\ProgramData\TEMP:5A15BCD4 deleted successfully.
ADS C:\ProgramData\TEMP:03DF2E8E deleted successfully.
ADS C:\ProgramData\TEMP:ED2998F5 deleted successfully.
ADS C:\ProgramData\TEMP:C9B27A06 deleted successfully.
ADS C:\ProgramData\TEMP:99862B77 deleted successfully.
ADS C:\ProgramData\TEMP:7E082023 deleted successfully.
ADS C:\ProgramData\TEMP:7881FECE deleted successfully.
ADS C:\ProgramData\TEMP:69AF9D20 deleted successfully.
ADS C:\ProgramData\TEMP:48C30809 deleted successfully.
ADS C:\ProgramData\TEMP:2D3CB929 deleted successfully.
ADS C:\ProgramData\TEMP:DB77E2C4 deleted successfully.
ADS C:\ProgramData\TEMP:D453E38B deleted successfully.
ADS C:\ProgramData\TEMP:55818279 deleted successfully.
ADS C:\ProgramData\TEMP:48977386 deleted successfully.
ADS C:\ProgramData\TEMP:3539CD43 deleted successfully.
ADS C:\ProgramData\TEMP:F3029A65 deleted successfully.
ADS C:\ProgramData\TEMP:D1D597D0 deleted successfully.
ADS C:\ProgramData\TEMP:9290C91C deleted successfully.
ADS C:\ProgramData\TEMP:8C6D2EC3 deleted successfully.
ADS C:\ProgramData\TEMP:61FEC5E3 deleted successfully.
ADS C:\ProgramData\TEMP:5F7DD688 deleted successfully.
ADS C:\ProgramData\TEMP:4A2862FF deleted successfully.
ADS C:\ProgramData\TEMP:329BA65B deleted successfully.
ADS C:\ProgramData\TEMP:260575F1 deleted successfully.
ADS C:\ProgramData\TEMP:F44D3C53 deleted successfully.
ADS C:\ProgramData\TEMP:F28DF4DC deleted successfully.
ADS C:\ProgramData\TEMP:DAF190FE deleted successfully.
ADS C:\ProgramData\TEMP:D8D58038 deleted successfully.
ADS C:\ProgramData\TEMP:834DD57E deleted successfully.
ADS C:\ProgramData\TEMP:6017A808 deleted successfully.
ADS C:\ProgramData\TEMP:58C9BCAC deleted successfully.
ADS C:\ProgramData\TEMP:51E83E25 deleted successfully.
ADS C:\ProgramData\TEMP:4EE323A4 deleted successfully.
ADS C:\ProgramData\TEMP:47A24D4B deleted successfully.
ADS C:\ProgramData\TEMP:45F3AD49 deleted successfully.
ADS C:\ProgramData\TEMP:2DAD076E deleted successfully.
ADS C:\ProgramData\TEMP:07CBFAD5 deleted successfully.
ADS C:\ProgramData\TEMP:E2CFA9CD deleted successfully.
ADS C:\ProgramData\TEMP:CF61CE5A deleted successfully.
ADS C:\ProgramData\TEMP:9E4DE21B deleted successfully.
ADS C:\ProgramData\TEMP:98982C88 deleted successfully.
ADS C:\ProgramData\TEMP:84CFEE62 deleted successfully.
ADS C:\ProgramData\TEMP:569CEE83 deleted successfully.
ADS C:\ProgramData\TEMP:4DDE401B deleted successfully.
ADS C:\ProgramData\TEMP:0406003C deleted successfully.
ADS C:\ProgramData\TEMP:FC8FFA4E deleted successfully.
ADS C:\ProgramData\TEMP:C0913157 deleted successfully.
ADS C:\ProgramData\TEMP:AC0528D9 deleted successfully.
ADS C:\ProgramData\TEMP:737160C1 deleted successfully.
ADS C:\ProgramData\TEMP:5D17C178 deleted successfully.
ADS C:\ProgramData\TEMP:358505CF deleted successfully.
ADS C:\ProgramData\TEMP:0988A428 deleted successfully.
ADS C:\ProgramData\TEMP:F1DEA771 deleted successfully.
ADS C:\ProgramData\TEMP:D48500F8 deleted successfully.
ADS C:\ProgramData\TEMP:A4E7D25F deleted successfully.
ADS C:\ProgramData\TEMP:74091520 deleted successfully.
ADS C:\ProgramData\TEMP:3E06C78F deleted successfully.
ADS C:\ProgramData\TEMP:38F6DFA8 deleted successfully.
ADS C:\ProgramData\TEMP:35A81752 deleted successfully.
ADS C:\ProgramData\TEMP:04CE8640 deleted successfully.
ADS C:\ProgramData\TEMP:EC20549D deleted successfully.
ADS C:\ProgramData\TEMP:E80802C7 deleted successfully.
ADS C:\ProgramData\TEMP:CB16385F deleted successfully.
ADS C:\ProgramData\TEMP:A58B27C9 deleted successfully.
ADS C:\ProgramData\TEMP:A18D1A5B deleted successfully.
ADS C:\ProgramData\TEMP:8DF68137 deleted successfully.
ADS C:\ProgramData\TEMP:80EA2EA3 deleted successfully.
ADS C:\ProgramData\TEMP:620EC79A deleted successfully.
ADS C:\ProgramData\TEMP:4FA837B4 deleted successfully.
ADS C:\ProgramData\TEMP:EB40BC91 deleted successfully.
ADS C:\ProgramData\TEMP:E1FE3F7F deleted successfully.
ADS C:\ProgramData\TEMP:97C4F81F deleted successfully.
ADS C:\ProgramData\TEMP:7B52659E deleted successfully.
ADS C:\ProgramData\TEMP:2F6462DF deleted successfully.
ADS C:\ProgramData\TEMP:238F74BA deleted successfully.
ADS C:\ProgramData\TEMP:880F0FEF deleted successfully.
ADS C:\ProgramData\TEMP:848CC150 deleted successfully.
ADS C:\ProgramData\TEMP:7FD903D7 deleted successfully.
ADS C:\ProgramData\TEMP:2EA99C48 deleted successfully.
ADS C:\ProgramData\TEMP:2512FA90 deleted successfully.
ADS C:\ProgramData\TEMP:102394C6 deleted successfully.
ADS C:\ProgramData\TEMP:A60D4837 deleted successfully.
ADS C:\ProgramData\TEMP:6AF67671 deleted successfully.
ADS C:\ProgramData\TEMP:29629382 deleted successfully.
ADS C:\ProgramData\TEMP:090FB735 deleted successfully.
ADS C:\ProgramData\TEMP:FF251D87 deleted successfully.
ADS C:\ProgramData\TEMP:BC2A20FD deleted successfully.
ADS C:\ProgramData\TEMP:AFB24B00 deleted successfully.
ADS C:\ProgramData\TEMP:A6D89509 deleted successfully.
ADS C:\ProgramData\TEMP:96C9689F deleted successfully.
ADS C:\ProgramData\TEMP:90015502 deleted successfully.
ADS C:\ProgramData\TEMP:7B2BB690 deleted successfully.
ADS C:\ProgramData\TEMP:65B8AF94 deleted successfully.
ADS C:\ProgramData\TEMP:51F17BB8 deleted successfully.
ADS C:\ProgramData\TEMP:4DCAC4BC deleted successfully.
ADS C:\ProgramData\TEMP:370E4EFB deleted successfully.
ADS C:\ProgramData\TEMP:2B1EA607 deleted successfully.
ADS C:\ProgramData\TEMP:C7857F06 deleted successfully.
ADS C:\ProgramData\TEMP:B90C7652 deleted successfully.
ADS C:\ProgramData\TEMP:B845F669 deleted successfully.
ADS C:\ProgramData\TEMP:96C05DC7 deleted successfully.
ADS C:\ProgramData\TEMP:53DF59D1 deleted successfully.
ADS C:\ProgramData\TEMP:3BD4D405 deleted successfully.
ADS C:\ProgramData\TEMP:008586AE deleted successfully.
ADS C:\ProgramData\TEMP:F7370879 deleted successfully.
ADS C:\ProgramData\TEMP:E07230CC deleted successfully.
ADS C:\ProgramData\TEMP:663B62CA deleted successfully.
ADS C:\ProgramData\TEMP:61AF2B29 deleted successfully.
ADS C:\ProgramData\TEMP:2BC498A4 deleted successfully.
ADS C:\ProgramData\TEMP:F1175E1D deleted successfully.
ADS C:\ProgramData\TEMP:C9FD258B deleted successfully.
ADS C:\ProgramData\TEMP:A3B8F70C deleted successfully.
ADS C:\ProgramData\TEMP:870649A4 deleted successfully.
ADS C:\ProgramData\TEMP:0F0A5896 deleted successfully.
ADS C:\ProgramData\TEMP:0ED4AC2F deleted successfully.
ADS C:\ProgramData\TEMP:F6C0CA66 deleted successfully.
ADS C:\ProgramData\TEMP:F14D1F80 deleted successfully.
ADS C:\ProgramData\TEMP:2F0007D6 deleted successfully.
ADS C:\ProgramData\TEMP:13FB6DB8 deleted successfully.
ADS C:\ProgramData\TEMP:A0A7408F deleted successfully.
ADS C:\ProgramData\TEMP:8401B6D5 deleted successfully.
ADS C:\ProgramData\TEMP:797D7632 deleted successfully.
ADS C:\ProgramData\TEMP:04560D68 deleted successfully.
ADS C:\ProgramData\TEMP:561B1D2B deleted successfully.
ADS C:\ProgramData\TEMP:EE39C93C deleted successfully.
ADS C:\ProgramData\TEMP:7A0FEE87 deleted successfully.
ADS C:\ProgramData\TEMP:78E0DF72 deleted successfully.
ADS C:\ProgramData\TEMP:3D36932D deleted successfully.
ADS C:\ProgramData\TEMP:E91ADC66 deleted successfully.
ADS C:\ProgramData\TEMP:E5294695 deleted successfully.
ADS C:\ProgramData\TEMP:BB3CECA4 deleted successfully.
ADS C:\ProgramData\TEMP:95775248 deleted successfully.
ADS C:\ProgramData\TEMP:364682BC deleted successfully.
ADS C:\ProgramData\TEMP:1CB3187E deleted successfully.
ADS C:\ProgramData\TEMP:FA206A00 deleted successfully.
ADS C:\ProgramData\TEMP:A4076A3B deleted successfully.
ADS C:\ProgramData\TEMP:3C282BEA deleted successfully.
ADS C:\ProgramData\TEMP:3595B780 deleted successfully.
ADS C:\ProgramData\TEMP:25249477 deleted successfully.
ADS C:\ProgramData\TEMP:1ECED34B deleted successfully.
ADS C:\ProgramData\TEMP:3807D082 deleted successfully.
ADS C:\ProgramData\TEMP:EEB25EAE deleted successfully.
ADS C:\ProgramData\TEMP:8A6A2C1E deleted successfully.
ADS C:\ProgramData\TEMP:70E897B5 deleted successfully.
ADS C:\ProgramData\TEMP:5C6EBC69 deleted successfully.
ADS C:\ProgramData\TEMP:50DD4118 deleted successfully.
ADS C:\ProgramData\TEMP:3313A48D deleted successfully.
ADS C:\ProgramData\TEMP:FB97DB91 deleted successfully.
ADS C:\ProgramData\TEMP:4FE30352 deleted successfully.
ADS C:\ProgramData\TEMP:3991CD7D deleted successfully.
ADS C:\ProgramData\TEMP:1A8BB29B deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\pdfSaver3 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\swg deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\FlashPlayerUpdate not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG\ deleted successfully.
========== FILES ==========
C:\Windows\tasks\User_Feed_Synchronization-{00889C5B-2733-4129-8429-44D927EAE9DC}.job moved successfully.
C:\Program Files\ICQ6Toolbar folder moved successfully.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources folder moved successfully.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\conf folder moved successfully.
C:\Program Files\SweetIM\Toolbars\Internet Explorer folder moved successfully.
C:\Program Files\SweetIM\Toolbars folder moved successfully.
C:\Program Files\SweetIM\Messenger\resources\images folder moved successfully.
C:\Program Files\SweetIM\Messenger\resources folder moved successfully.
C:\Program Files\SweetIM\Messenger folder moved successfully.
C:\Program Files\SweetIM folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DF2.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP40A8.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP75A6.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP81A.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC12B.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE752.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEEF0.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEF91.tmp folder moved successfully.
C:\Windows\Installer\MSI4CC3.tmp moved successfully.
C:\Windows\TEMP\DMI1056.tmp moved successfully.
C:\Windows\TEMP\DMI10BF.tmp moved successfully.
C:\Windows\TEMP\DMI117F.tmp moved successfully.
C:\Windows\TEMP\DMI1180.tmp moved successfully.
C:\Windows\TEMP\DMI119E.tmp moved successfully.
C:\Windows\TEMP\DMI11AE.tmp moved successfully.
C:\Windows\TEMP\DMI11BE.tmp moved successfully.
C:\Windows\TEMP\DMI122B.tmp moved successfully.
C:\Windows\TEMP\DMI13B2.tmp moved successfully.
C:\Windows\TEMP\DMI148C.tmp moved successfully.
C:\Windows\TEMP\DMI15D5.tmp moved successfully.
C:\Windows\TEMP\DMI15F4.tmp moved successfully.
C:\Windows\TEMP\DMI162.tmp moved successfully.
C:\Windows\TEMP\DMI174C.tmp moved successfully.
C:\Windows\TEMP\DMI17D8.tmp moved successfully.
C:\Windows\TEMP\DMI1874.tmp moved successfully.
C:\Windows\TEMP\DMI18D2.tmp moved successfully.
C:\Windows\TEMP\DMI18F1.tmp moved successfully.
C:\Windows\TEMP\DMI1A.tmp moved successfully.
C:\Windows\TEMP\DMI1A88.tmp moved successfully.
C:\Windows\TEMP\DMI1AB7.tmp moved successfully.
C:\Windows\TEMP\DMI1B14.tmp moved successfully.
C:\Windows\TEMP\DMI1BC0.tmp moved successfully.
C:\Windows\TEMP\DMI1E70.tmp moved successfully.
C:\Windows\TEMP\DMI1EFC.tmp moved successfully.
C:\Windows\TEMP\DMI1FB8.tmp moved successfully.
C:\Windows\TEMP\DMI213E.tmp moved successfully.
C:\Windows\TEMP\DMI213F.tmp moved successfully.
C:\Windows\TEMP\DMI21DB.tmp moved successfully.
C:\Windows\TEMP\DMI22D.tmp moved successfully.
C:\Windows\TEMP\DMI248A.tmp moved successfully.
C:\Windows\TEMP\DMI2517.tmp moved successfully.
C:\Windows\TEMP\DMI26BD.tmp moved successfully.
C:\Windows\TEMP\DMI291E.tmp moved successfully.
C:\Windows\TEMP\DMI2D16.tmp moved successfully.
C:\Windows\TEMP\DMI2F77.tmp moved successfully.
C:\Windows\TEMP\DMI2FD5.tmp moved successfully.
C:\Windows\TEMP\DMI2FF4.tmp moved successfully.
C:\Windows\TEMP\DMI33AD.tmp moved successfully.
C:\Windows\TEMP\DMI35FF.tmp moved successfully.
C:\Windows\TEMP\DMI375.tmp moved successfully.
C:\Windows\TEMP\DMI37F3.tmp moved successfully.
C:\Windows\TEMP\DMI385.tmp moved successfully.
C:\Windows\TEMP\DMI3880.tmp moved successfully.
C:\Windows\TEMP\DMI3B1F.tmp moved successfully.
C:\Windows\TEMP\DMI3BFA.tmp moved successfully.
C:\Windows\TEMP\DMI3F07.tmp moved successfully.
C:\Windows\TEMP\DMI3F1D.tmp moved successfully.
C:\Windows\TEMP\DMI411B.tmp moved successfully.
C:\Windows\TEMP\DMI4560.tmp moved successfully.
C:\Windows\TEMP\DMI45CE.tmp moved successfully.
C:\Windows\TEMP\DMI466A.tmp moved successfully.
C:\Windows\TEMP\DMI47A3.tmp moved successfully.
C:\Windows\TEMP\DMI47C2.tmp moved successfully.
C:\Windows\TEMP\DMI49A1.tmp moved successfully.
C:\Windows\TEMP\DMI4D5B.tmp moved successfully.
C:\Windows\TEMP\DMI4FC.tmp moved successfully.
C:\Windows\TEMP\DMI509B.tmp moved successfully.
C:\Windows\TEMP\DMI55A.tmp moved successfully.
C:\Windows\TEMP\DMI58BA.tmp moved successfully.
C:\Windows\TEMP\DMI5937.tmp moved successfully.
C:\Windows\TEMP\DMI5A3B.tmp moved successfully.
C:\Windows\TEMP\DMI5A5F.tmp moved successfully.
C:\Windows\TEMP\DMI5E6.tmp moved successfully.
C:\Windows\TEMP\DMI635.tmp moved successfully.
C:\Windows\TEMP\DMI648C.tmp moved successfully.
C:\Windows\TEMP\DMI653D.tmp moved successfully.
C:\Windows\TEMP\DMI653E.tmp moved successfully.
C:\Windows\TEMP\DMI654.tmp moved successfully.
C:\Windows\TEMP\DMI6954.tmp moved successfully.
C:\Windows\TEMP\DMI6D1.tmp moved successfully.
C:\Windows\TEMP\DMI6EC2.tmp moved successfully.
C:\Windows\TEMP\DMI70F.tmp moved successfully.
C:\Windows\TEMP\DMI7172.tmp moved successfully.
C:\Windows\TEMP\DMI78.tmp moved successfully.
C:\Windows\TEMP\DMI7828.tmp moved successfully.
C:\Windows\TEMP\DMI7867.tmp moved successfully.
C:\Windows\TEMP\DMI7FB5.tmp moved successfully.
C:\Windows\TEMP\DMI83F0.tmp moved successfully.
C:\Windows\TEMP\DMI8EED.tmp moved successfully.
C:\Windows\TEMP\DMI940D.tmp moved successfully.
C:\Windows\TEMP\DMI97.tmp moved successfully.
C:\Windows\TEMP\DMI9759.tmp moved successfully.
C:\Windows\TEMP\DMI98.tmp moved successfully.
C:\Windows\TEMP\DMI9AF.tmp moved successfully.
C:\Windows\TEMP\DMI9D64.tmp moved successfully.
C:\Windows\TEMP\DMIA3C.tmp moved successfully.
C:\Windows\TEMP\DMIA5B.tmp moved successfully.
C:\Windows\TEMP\DMIAFA4.tmp moved successfully.
C:\Windows\TEMP\DMIB977.tmp moved successfully.
C:\Windows\TEMP\DMIC42A.tmp moved successfully.
C:\Windows\TEMP\DMIC4C7.tmp moved successfully.
C:\Windows\TEMP\DMIC718.tmp moved successfully.
C:\Windows\TEMP\DMIC776.tmp moved successfully.
C:\Windows\TEMP\DMIC870.tmp moved successfully.
C:\Windows\TEMP\DMIC88F.tmp moved successfully.
C:\Windows\TEMP\DMIC999.tmp moved successfully.
C:\Windows\TEMP\DMIC9D7.tmp moved successfully.
C:\Windows\TEMP\DMICA35.tmp moved successfully.
C:\Windows\TEMP\DMICD23.tmp moved successfully.
C:\Windows\TEMP\DMICD62.tmp moved successfully.
C:\Windows\TEMP\DMICEE8.tmp moved successfully.
C:\Windows\TEMP\DMICF46.tmp moved successfully.
C:\Windows\TEMP\DMICFE2.tmp moved successfully.
C:\Windows\TEMP\DMICFF2.tmp moved successfully.
C:\Windows\TEMP\DMID002.tmp moved successfully.
C:\Windows\TEMP\DMID021.tmp moved successfully.
C:\Windows\TEMP\DMID05F.tmp moved successfully.
C:\Windows\TEMP\DMID0CD.tmp moved successfully.
C:\Windows\TEMP\DMID0DC.tmp moved successfully.
C:\Windows\TEMP\DMID10B.tmp moved successfully.
C:\Windows\TEMP\DMID10C.tmp moved successfully.
C:\Windows\TEMP\DMID11B.tmp moved successfully.
C:\Windows\TEMP\DMID13A.tmp moved successfully.
C:\Windows\TEMP\DMID159.tmp moved successfully.
C:\Windows\TEMP\DMID179.tmp moved successfully.
C:\Windows\TEMP\DMID17A.tmp moved successfully.
C:\Windows\TEMP\DMID1C7.tmp moved successfully.
C:\Windows\TEMP\DMID1D6.tmp moved successfully.
C:\Windows\TEMP\DMID215.tmp moved successfully.
C:\Windows\TEMP\DMID244.tmp moved successfully.
C:\Windows\TEMP\DMID263.tmp moved successfully.
C:\Windows\TEMP\DMID2A1.tmp moved successfully.
C:\Windows\TEMP\DMID2D0.tmp moved successfully.
C:\Windows\TEMP\DMID2F0.tmp moved successfully.
C:\Windows\TEMP\DMID39B.tmp moved successfully.
C:\Windows\TEMP\DMID3F9.tmp moved successfully.
C:\Windows\TEMP\DMID409.tmp moved successfully.
C:\Windows\TEMP\DMID486.tmp moved successfully.
C:\Windows\TEMP\DMID495.tmp moved successfully.
C:\Windows\TEMP\DMID532.tmp moved successfully.
C:\Windows\TEMP\DMID570.tmp moved successfully.
C:\Windows\TEMP\DMID59F.tmp moved successfully.
C:\Windows\TEMP\DMID5BE.tmp moved successfully.
C:\Windows\TEMP\DMID5ED.tmp moved successfully.
C:\Windows\TEMP\DMID60C.tmp moved successfully.
C:\Windows\TEMP\DMID61C.tmp moved successfully.
C:\Windows\TEMP\DMID66A.tmp moved successfully.
C:\Windows\TEMP\DMID6D8.tmp moved successfully.
C:\Windows\TEMP\DMID745.tmp moved successfully.
C:\Windows\TEMP\DMID746.tmp moved successfully.
C:\Windows\TEMP\DMID774.tmp moved successfully.
C:\Windows\TEMP\DMID78.tmp moved successfully.
C:\Windows\TEMP\DMID7B2.tmp moved successfully.
C:\Windows\TEMP\DMID7E1.tmp moved successfully.
C:\Windows\TEMP\DMID7E2.tmp moved successfully.
C:\Windows\TEMP\DMID810.tmp moved successfully.
C:\Windows\TEMP\DMID82F.tmp moved successfully.
C:\Windows\TEMP\DMID88.tmp moved successfully.
C:\Windows\TEMP\DMID8DB.tmp moved successfully.
C:\Windows\TEMP\DMID8DC.tmp moved successfully.
C:\Windows\TEMP\DMID8FA.tmp moved successfully.
C:\Windows\TEMP\DMID949.tmp moved successfully.
C:\Windows\TEMP\DMID94A.tmp moved successfully.
C:\Windows\TEMP\DMID958.tmp moved successfully.
C:\Windows\TEMP\DMID968.tmp moved successfully.
C:\Windows\TEMP\DMID987.tmp moved successfully.
C:\Windows\TEMP\DMID988.tmp moved successfully.
C:\Windows\TEMP\DMID9A6.tmp moved successfully.
C:\Windows\TEMP\DMID9D0.tmp moved successfully.
C:\Windows\TEMP\DMID9D1.tmp moved successfully.
C:\Windows\TEMP\DMID9E5.tmp moved successfully.
C:\Windows\TEMP\DMIDA23.tmp moved successfully.
C:\Windows\TEMP\DMIDA43.tmp moved successfully.
C:\Windows\TEMP\DMIDA71.tmp moved successfully.
C:\Windows\TEMP\DMIDA72.tmp moved successfully.
C:\Windows\TEMP\DMIDA81.tmp moved successfully.
C:\Windows\TEMP\DMIDADF.tmp moved successfully.
C:\Windows\TEMP\DMIDAE0.tmp moved successfully.
C:\Windows\TEMP\DMIDAFE.tmp moved successfully.
C:\Windows\TEMP\DMIDB5C.tmp moved successfully.
C:\Windows\TEMP\DMIDB8B.tmp moved successfully.
C:\Windows\TEMP\DMIDC17.tmp moved successfully.
C:\Windows\TEMP\DMIDC18.tmp moved successfully.
C:\Windows\TEMP\DMIDC27.tmp moved successfully.
C:\Windows\TEMP\DMIDC75.tmp moved successfully.
C:\Windows\TEMP\DMIDCB4.tmp moved successfully.
C:\Windows\TEMP\DMIDCE2.tmp moved successfully.
C:\Windows\TEMP\DMIDD21.tmp moved successfully.
C:\Windows\TEMP\DMIDD31.tmp moved successfully.
C:\Windows\TEMP\DMIDD8E.tmp moved successfully.
C:\Windows\TEMP\DMIDE3A.tmp moved successfully.
C:\Windows\TEMP\DMIDE88.tmp moved successfully.
C:\Windows\TEMP\DMIDE98.tmp moved successfully.
C:\Windows\TEMP\DMIDEA8.tmp moved successfully.
C:\Windows\TEMP\DMIDEC7.tmp moved successfully.
C:\Windows\TEMP\DMIDF05.tmp moved successfully.
C:\Windows\TEMP\DMIDF06.tmp moved successfully.
C:\Windows\TEMP\DMIDF15.tmp moved successfully.
C:\Windows\TEMP\DMIDF34.tmp moved successfully.
C:\Windows\TEMP\DMIDF35.tmp moved successfully.
C:\Windows\TEMP\DMIDF63.tmp moved successfully.
C:\Windows\TEMP\DMIDFD0.tmp moved successfully.
C:\Windows\TEMP\DMIDFF0.tmp moved successfully.
C:\Windows\TEMP\DMIE01F.tmp moved successfully.
C:\Windows\TEMP\DMIE020.tmp moved successfully.
C:\Windows\TEMP\DMIE021.tmp moved successfully.
C:\Windows\TEMP\DMIE04D.tmp moved successfully.
C:\Windows\TEMP\DMIE08C.tmp moved successfully.
C:\Windows\TEMP\DMIE0F9.tmp moved successfully.
C:\Windows\TEMP\DMIE109.tmp moved successfully.
C:\Windows\TEMP\DMIE10A.tmp moved successfully.
C:\Windows\TEMP\DMIE119.tmp moved successfully.
C:\Windows\TEMP\DMIE157.tmp moved successfully.
C:\Windows\TEMP\DMIE1C4.tmp moved successfully.
C:\Windows\TEMP\DMIE1C5.tmp moved successfully.
C:\Windows\TEMP\DMIE1E4.tmp moved successfully.
C:\Windows\TEMP\DMIE1F3.tmp moved successfully.
C:\Windows\TEMP\DMIE222.tmp moved successfully.
C:\Windows\TEMP\DMIE290.tmp moved successfully.
C:\Windows\TEMP\DMIE2CE.tmp moved successfully.
C:\Windows\TEMP\DMIE2ED.tmp moved successfully.
C:\Windows\TEMP\DMIE32C.tmp moved successfully.
C:\Windows\TEMP\DMIE33B.tmp moved successfully.
C:\Windows\TEMP\DMIE34B.tmp moved successfully.
C:\Windows\TEMP\DMIE35B.tmp moved successfully.
C:\Windows\TEMP\DMIE36A.tmp moved successfully.
C:\Windows\TEMP\DMIE416.tmp moved successfully.
C:\Windows\TEMP\DMIE455.tmp moved successfully.
C:\Windows\TEMP\DMIE493.tmp moved successfully.
C:\Windows\TEMP\DMIE501.tmp moved successfully.
C:\Windows\TEMP\DMIE52F.tmp moved successfully.
C:\Windows\TEMP\DMIE5BC.tmp moved successfully.
C:\Windows\TEMP\DMIE5BD.tmp moved successfully.
C:\Windows\TEMP\DMIE5DB.tmp moved successfully.
C:\Windows\TEMP\DMIE5EB.tmp moved successfully.
C:\Windows\TEMP\DMIE5EC.tmp moved successfully.
C:\Windows\TEMP\DMIE649.tmp moved successfully.
C:\Windows\TEMP\DMIE704.tmp moved successfully.
C:\Windows\TEMP\DMIE723.tmp moved successfully.
C:\Windows\TEMP\DMIE781.tmp moved successfully.
C:\Windows\TEMP\DMIE782.tmp moved successfully.
C:\Windows\TEMP\DMIE7B0.tmp moved successfully.
C:\Windows\TEMP\DMIE7CF.tmp moved successfully.
C:\Windows\TEMP\DMIE7FE.tmp moved successfully.
C:\Windows\TEMP\DMIE81D.tmp moved successfully.
C:\Windows\TEMP\DMIE82D.tmp moved successfully.
C:\Windows\TEMP\DMIE84C.tmp moved successfully.
C:\Windows\TEMP\DMIE84D.tmp moved successfully.
C:\Windows\TEMP\DMIE84E.tmp moved successfully.
C:\Windows\TEMP\DMIE8AA.tmp moved successfully.
C:\Windows\TEMP\DMIE8E9.tmp moved successfully.
C:\Windows\TEMP\DMIE927.tmp moved successfully.
C:\Windows\TEMP\DMIE9A4.tmp moved successfully.
C:\Windows\TEMP\DMIE9E3.tmp moved successfully.
C:\Windows\TEMP\DMIE9E4.tmp moved successfully.
C:\Windows\TEMP\DMIEA50.tmp moved successfully.
C:\Windows\TEMP\DMIEA60.tmp moved successfully.
C:\Windows\TEMP\DMIEA61.tmp moved successfully.
C:\Windows\TEMP\DMIEA8E.tmp moved successfully.
C:\Windows\TEMP\DMIEA9E.tmp moved successfully.
C:\Windows\TEMP\DMIEADD.tmp moved successfully.
C:\Windows\TEMP\DMIEBF6.tmp moved successfully.
C:\Windows\TEMP\DMIEC25.tmp moved successfully.
C:\Windows\TEMP\DMIEC34.tmp moved successfully.
C:\Windows\TEMP\DMIEC44.tmp moved successfully.
C:\Windows\TEMP\DMIEC54.tmp moved successfully.
C:\Windows\TEMP\DMIEC73.tmp moved successfully.
C:\Windows\TEMP\DMIEC82.tmp moved successfully.
C:\Windows\TEMP\DMIEC8D.tmp moved successfully.
C:\Windows\TEMP\DMIED0.tmp moved successfully.
C:\Windows\TEMP\DMIED2E.tmp moved successfully.
C:\Windows\TEMP\DMIED8C.tmp moved successfully.
C:\Windows\TEMP\DMIED9C.tmp moved successfully.
C:\Windows\TEMP\DMIEDEA.tmp moved successfully.
C:\Windows\TEMP\DMIEE09.tmp moved successfully.
C:\Windows\TEMP\DMIEE0A.tmp moved successfully.
C:\Windows\TEMP\DMIEE76.tmp moved successfully.
C:\Windows\TEMP\DMIEE96.tmp moved successfully.
C:\Windows\TEMP\DMIEED4.tmp moved successfully.
C:\Windows\TEMP\DMIEED5.tmp moved successfully.
C:\Windows\TEMP\DMIEF22.tmp moved successfully.
C:\Windows\TEMP\DMIEF70.tmp moved successfully.
C:\Windows\TEMP\DMIEF71.tmp moved successfully.
C:\Windows\TEMP\DMIEF90.tmp moved successfully.
C:\Windows\TEMP\DMIF01C.tmp moved successfully.
C:\Windows\TEMP\DMIF06A.tmp moved successfully.
C:\Windows\TEMP\DMIF0B9.tmp moved successfully.
C:\Windows\TEMP\DMIF107.tmp moved successfully.
C:\Windows\TEMP\DMIF136.tmp moved successfully.
C:\Windows\TEMP\DMIF1E1.tmp moved successfully.
C:\Windows\TEMP\DMIF220.tmp moved successfully.
C:\Windows\TEMP\DMIF2DB.tmp moved successfully.
C:\Windows\TEMP\DMIF32A.tmp moved successfully.
C:\Windows\TEMP\DMIF32B.tmp moved successfully.
C:\Windows\TEMP\DMIF358.tmp moved successfully.
C:\Windows\TEMP\DMIF387.tmp moved successfully.
C:\Windows\TEMP\DMIF3A7.tmp moved successfully.
C:\Windows\TEMP\DMIF3F5.tmp moved successfully.
C:\Windows\TEMP\DMIF404.tmp moved successfully.
C:\Windows\TEMP\DMIF414.tmp moved successfully.
C:\Windows\TEMP\DMIF4D.tmp moved successfully.
C:\Windows\TEMP\DMIF4DF.tmp moved successfully.
C:\Windows\TEMP\DMIF54C.tmp moved successfully.
C:\Windows\TEMP\DMIF5C9.tmp moved successfully.
C:\Windows\TEMP\DMIF608.tmp moved successfully.
C:\Windows\TEMP\DMIF637.tmp moved successfully.
C:\Windows\TEMP\DMIF6E3.tmp moved successfully.
C:\Windows\TEMP\DMIF760.tmp moved successfully.
C:\Windows\TEMP\DMIF7CD.tmp moved successfully.
C:\Windows\TEMP\DMIF83A.tmp moved successfully.
C:\Windows\TEMP\DMIF879.tmp moved successfully.
C:\Windows\TEMP\DMIF9A2.tmp moved successfully.
C:\Windows\TEMP\DMIF9F0.tmp moved successfully.
C:\Windows\TEMP\DMIFABB.tmp moved successfully.
C:\Windows\TEMP\DMIFCAF.tmp moved successfully.
C:\Windows\TEMP\DMIFCDE.tmp moved successfully.
C:\Windows\TEMP\DMIFD5B.tmp moved successfully.
C:\Windows\TEMP\DMIFDD8.tmp moved successfully.
C:\Windows\TEMP\DMIFDF7.tmp moved successfully.
C:\Windows\TEMP\DMIFE36.tmp moved successfully.
C:\Windows\TEMP\DMIFE74.tmp moved successfully.
C:\Windows\TEMP\DMIFF5F.tmp moved successfully.
C:\Windows\TEMP\HTT49FA.tmp moved successfully.
C:\Windows\TEMP\HTT4E36.tmp moved successfully.
C:\Windows\TEMP\HTT4E66.tmp moved successfully.
C:\Windows\TEMP\HTT4F42.tmp moved successfully.
C:\Windows\TEMP\HTT58A1.tmp moved successfully.
C:\Windows\TEMP\HTT7903.tmp moved successfully.
C:\Windows\TEMP\HTT8530.tmp moved successfully.
C:\Windows\TEMP\HTT941B.tmp moved successfully.
C:\Windows\TEMP\HTTDAA4.tmp moved successfully.
C:\Windows\TEMP\HTTDC27.tmp moved successfully.
C:\Windows\TEMP\NOD12AB.tmp moved successfully.
C:\Windows\TEMP\NOD2AA9.tmp moved successfully.
C:\Windows\TEMP\NOD6CB1.tmp moved successfully.
C:\Windows\TEMP\NOD6FB5.tmp moved successfully.
C:\Windows\TEMP\NODBDD6.tmp moved successfully.
C:\Windows\TEMP\NODBDD7.tmp moved successfully.
C:\Windows\TEMP\NODEC7.tmp moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41044 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Tomášek a Marcelka
->Temp folder emptied: 4613608 bytes
->Temporary Internet Files folder emptied: 10757706 bytes
->Java cache emptied: 35465651 bytes
->Flash cache emptied: 97296 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7545900 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 56,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: Tomášek a Marcelka
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.22.2 log created on 03012011_160822

Files\Folders moved on Reboot...
C:\Users\Tomášek a Marcelka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C9KLZHVA\afr[1].htm moved successfully.
C:\Users\Tomášek a Marcelka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7WV8OEL8\afr[1].htm moved successfully.
C:\Users\Tomášek a Marcelka\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

Registry entries deleted on Reboot...

Jak se chova PC

Řekla bych, že to obecně lepší, ale ne dobré. PC je rychlejší a zdá se mi, že se zasekává míň, ale když už (třeba při otvírání stránek, nebo i čtení, psaní) pořád to trvá i desítky vteřin :-/

Doporucuji provest defragmentaci disku

• Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
  • Kliknete na Tento pocitac, dale na disk kliknete pravym tlacitkem, vyberte Vlastnosti
  • prepnete se do zalozky Nastroje
  • Nyni vidite pomucky Defragmentace - spustte ji kliknutim na Defragmentovat
  • Toto provedte se vsemi disky
• Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
  • Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
  • Kliknete na Analyzovat
  • Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
  • Postup provedte se vsemi disky
• Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
  • Vyhodou programku je, ze se neinstaluje
  • Staci tedy jen stahnout dle verze vaseho OS a rozbalit
  • Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
  • Probehne analyza disku a nasledne i defragmentace

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix