Svchost 100% zatizeni cpu,kontrola logu

Zpráva

Akiro · #1 Příspěvek od **Akiro** » 18 čer 2011 08:59

Dobry den potrebuji vycistit NTB s Windows 7 mesic se neuveritelne seka svchost neustale na 100% diky za pomoc

#2 Příspěvek od **vyosek** » 18 čer 2011 09:00

Zdravim a pekny den preji

Jelikoz nevime o Vasem PC nic a z kristalove koule se spatne vesti, navic pri zatazenem pocasi jake ted v okrese Kromeriz panuje, neni nic videt

Ale dosti legracek, kouknem na to

Kliknete do meho podpisu na RSIT a dejte log z nej - navod Vas povede...

Akiro · #3 Příspěvek od **Akiro** » 18 čer 2011 09:07

jj prominte,rsit mam uz stazen ale uz 5 minut je neustale stejny stav Writing Header information

NTB:Compaq PRESARIO CQ-61
4gb ram
Pentium dual Core T4300 2.1ghz

#4 Příspěvek od **vyosek** » 18 čer 2011 09:31

Prihlaste se do nouzoveho rezimu (restart PC, mackat F8, zvolit Stav nouze s praci v siti) a udelejte log tam

Akiro · #5 Příspěvek od **Akiro** » 18 čer 2011 09:41

nasel jsem tu na foru (asi tak 5 minut zpatky )restart pc pomohlo to takze snad topujde

Akiro · #6 Příspěvek od **Akiro** » 18 čer 2011 09:42

Logfile of random's system information tool 1.08 (written by random/random)
Run by killer at 2011-06-18 10:31:12
Microsoft Windows 7 Home Premium
System drive C: has 36 GB (8%) free of 434 GB
Total RAM: 4063 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:32:28, on 18.6.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16766)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Common Files\PCTV Systems\RemoTerm\remoterm.exe
C:\Program Files (x86)\Hp\QuickPlay\QPService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\AVG\AVG9\avgtray.exe
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files (x86)\Trust\Trust FF380 Force Feedback RaceMaster\UpdateDriver.exe
C:\Program Files\Axesstel\Axesstel Manager\AxessManager.exe
C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\killer.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\20101217183741\ICQToolBar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [QPService] "C:\Program Files (x86)\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [Trust_WHQL_Patcher] C:\Program Files (x86)\Trust\Trust FF380 Force Feedback RaceMaster\UpdateDriver.exe /Y "TRUSTPatcher" "C:\Program Files (x86)\Trust\Trust FF380 Force Feedback RaceMaster\Patches\*.*" "C:\Windows\SysWOW64\"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RemoTerm.exe] C:\Program Files (x86)\Common Files\PCTV Systems\RemoTerm\RemoTerm.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Vyhledat aktualizace.lnk = C:\Program Files (x86)\Common Files\PCTV Systems\WebUpdater\WebUpdater.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Hledání panelu &AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\cs-CZ\local\search.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{1c16d152-290e-4e6d-8c8a-908972e73e2d}: NameServer = 160.218.167.5 194.228.211.33
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Stavová služba ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RelevantKnowledge - TMRG, Inc. - C:\Program Files (x86)\RelevantKnowledge\rlservice.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13906 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
"C:\Program Files (x86)\AVG\AVG9\avgchsva.exe"
"C:\Program Files (x86)\AVG\AVG9\avgrsa.exe"
/pipeName=2747ae93-4500-4f11-a976-846d2b753c66 /coreSdkOptions=30 /logConfFile="C:\ProgramData\avg9\temp\6e965ac9-f7e6-4f17-bade-7bf73b3a06b4-1c8-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG9\" /tempPath="C:\ProgramData\avg9\temp\"
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
taskeng.exe {811AC70F-4D7E-423D-9C0F-FF5C763D8C96}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
"C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Java\jre6\bin\jusched.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\AVG\AVG9\avgnsa.exe"
"C:\Program Files (x86)\Common Files\PCTV Systems\RemoTerm\remoterm.exe"
"C:\Program Files (x86)\Hp\QuickPlay\QPService.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe" /Start
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
"C:\Program Files (x86)\AVG\AVG9\avgtray.exe"
"C:\Windows\Samsung\PanelMgr\SSMMgr.exe" /autorun
"C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe" /watchfiles startup
"C:\Program Files (x86)\Trust\Trust FF380 Force Feedback RaceMaster\UpdateDriver.exe" /Y "TRUSTPatcher" "C:\Program Files (x86)\Trust\Trust FF380 Force Feedback RaceMaster\Patches\*.*" "C:\Windows\SysWOW64\"
C:\Windows\Samsung\PanelMgr\caller64.exe Samsung PanelMgr
"C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\RelevantKnowledge\rlservice.exe" /service
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3196
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
"C:\Program Files\Axesstel\Axesstel Manager\AxessManager.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5854d7cc-5e3c-4461-a28d-c537f50868cd -SystemEventPortName:HostProcess-357a421f-34d8-4f8b-8f03-a677eb4be5d0 -IoCancelEventPortName:HostProcess-f4c556ba-8e96-45eb-8160-3346f782d270 -NonStateChangingEventPortName:HostProcess-bf191440-6d8d-4825-90f3-e5c0553c9971 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a928c15c-eccb-4a0f-afcf-6a7e06999edb
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe"
"C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe" -boot
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe" -Embedding
"C:\Program Files (x86)\RelevantKnowledge\rlvknlg64.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Users\killer\Desktop\RSITx64.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"
C:\Windows\system32\sppsvc.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524

======Scheduled tasks folder======

C:\Windows\tasks\Crysis Wars(R) Updates.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-09-18 43520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
AOL Toolbar BHO - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll [2008-07-02 1185120]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll [2010-09-27 2102600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Nero Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll [2008-07-02 1185120]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\20101217183741\ICQToolBar.dll [2010-10-04 1049912]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll [2010-09-27 2102600]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Nero Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-27 2096424]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-09-18 171520]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-03-23 487424]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
""= []
"RemoTerm.exe"=C:\Program Files (x86)\Common Files\PCTV Systems\RemoTerm\RemoTerm.exe [2010-02-24 220944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoTerm.exe]
C:\Program Files (x86)\Common Files\PCTV Systems\RemoTerm\RemoTerm.exe [2010-02-24 220944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Remote Control.lnk]
C:\PROGRA~2\WinFast\DONGLE~1\DONGLE~1\RTLRCtl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk]
C:\PROGRA~2\ArcSoft\TOTALM~1.5\TMMONI~1.EXE []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QPService"=C:\Program Files (x86)\HP\QuickPlay\QPService.exe [2009-08-05 468264]
"UCam_Menu"=C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2009-02-17 218408]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-06-24 320056]
"UpdatePRCShortCut"=C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
""= []
"WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-07-23 498744]
"AVG9_TRAY"=C:\PROGRA~2\AVG\AVG9\avgtray.exe [2011-03-14 2071904]
"Samsung PanelMgr"=C:\Windows\Samsung\PanelMgr\SSMMgr.exe [2008-08-08 524288]
"NokiaMServer"=C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"Trust_WHQL_Patcher"=C:\Program Files (x86)\Trust\Trust FF380 Force Feedback RaceMaster\UpdateDriver.exe [2004-12-07 86016]
"ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2011-05-17 395144]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Vyhledat aktualizace.lnk - C:\Program Files (x86)\Common Files\PCTV Systems\WebUpdater\WebUpdater.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="avgrssta.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"WallpaperStyle"=2

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"LocalAccountTokenFilterPolicy"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*
.vbs - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-06-18 10:31:14 ----D---- C:\Program Files\trend micro
2011-06-18 09:49:37 ----D---- C:\rsit
2011-06-18 09:36:27 ----SD---- C:\32788R22FWJFW
2011-06-17 20:32:55 ----D---- C:\ProgramData\Roblox
2011-06-17 20:32:55 ----D---- C:\Program Files (x86)\Roblox
2011-06-02 13:13:57 ----D---- C:\Program Files (x86)\3DO

======List of files/folders modified in the last 1 months======

2011-06-18 10:32:19 ----D---- C:\Windows\Temp
2011-06-18 10:31:14 ----RD---- C:\Program Files
2011-06-18 10:29:54 ----D---- C:\Windows\system32\config
2011-06-18 10:29:45 ----D---- C:\Windows\tracing
2011-06-18 10:29:43 ----A---- C:\ProgramData\HPWALog.txt
2011-06-18 10:29:42 ----HD---- C:\ProgramData
2011-06-18 10:29:33 ----A---- C:\ProgramData\hpqp.ini
2011-06-17 21:47:59 ----D---- C:\Users\killer\AppData\Roaming\Skype
2011-06-17 20:32:55 ----RD---- C:\Program Files (x86)
2011-06-17 20:28:51 ----D---- C:\Program Files (x86)\RelevantKnowledge
2011-06-17 20:21:16 ----SHD---- C:\Windows\Installer
2011-06-17 20:21:04 ----D---- C:\Windows\system32\Tasks
2011-06-17 20:20:38 ----RD---- C:\Program Files (x86)\Skype
2011-06-17 20:20:34 ----D---- C:\ProgramData\Skype
2011-06-17 15:31:45 ----D---- C:\Windows\system32\drivers\Avg
2011-06-16 21:27:07 ----D---- C:\Windows\SysWOW64
2011-06-15 22:04:41 ----D---- C:\Windows\System32
2011-06-15 22:04:41 ----D---- C:\Windows\inf
2011-06-15 22:04:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-06-14 15:15:28 ----D---- C:\Windows\Prefetch
2011-06-14 10:54:42 ----A---- C:\Windows\NeroDigital.ini
2011-06-13 13:59:23 ----SHD---- C:\System Volume Information
2011-06-11 10:05:19 ----D---- C:\Program Files (x86)\Ask.com
2011-06-09 12:06:46 ----HDC---- C:\ProgramData\{0151C9FC-719D-4459-B1E2-4685CC6E62A8}
2011-06-09 10:10:36 ----D---- C:\Windows\system32\catroot2
2011-06-06 21:28:34 ----D---- C:\Program Files (x86)\Steam
2011-06-02 13:15:34 ----D---- C:\Windows
2011-06-02 13:13:57 ----D---- C:\Program Files (x86)\Common Files
2011-06-01 15:18:29 ----A---- C:\ProgramData\hpqp.txt
2011-05-28 09:57:54 ----D---- C:\Program Files (x86)\VDMSound
2011-05-23 14:57:52 ----D---- C:\Windows\Minidump
2011-05-22 21:08:20 ----D---- C:\Users\killer\AppData\Roaming\ICQ

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-05-26 834544]
R1 AvgLdx64;AVG Free AVI Loader Driver x64; C:\Windows\System32\Drivers\avgldx64.sys [2010-09-24 269904]
R1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64; C:\Windows\System32\Drivers\avgmfx64.sys [2010-07-04 35536]
R1 AvgTdiA;AVG Free Network Redirector x64; C:\Windows\System32\Drivers\avgtdia.sys [2011-05-05 317520]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2010-11-09 21992]
R3 Afc;PPdus ASPI Shell; SysWOW64\drivers\Afc.sys []
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-09-22 1484800]
R3 Axtmvflt;Axesstel USB Filter Service; C:\Windows\system32\DRIVERS\Axtmvflt.sys [2007-03-26 6144]
R3 Axtmvmdm;Axesstel USB Modem; C:\Windows\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 54272]
R3 Axtmvprt;Axesstel Diagnostic Port; C:\Windows\System32\Drivers\Axtmvprt.sys [2007-03-26 52224]
R3 azvusb;Virtual USB Hub; C:\Windows\system32\DRIVERS\azvusb.sys [2009-08-24 54784]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 18432]
R3 KMWDFILTER;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 30208]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2009-06-27 83488]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-06-24 216576]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2010-08-29 34032]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-03-23 505344]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-27 320560]
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys []
S2 hmonitor;hmonitor; \??\C:\Windows\SysWOW64\drivers\hmonitor.sys [2004-12-22 6656]
S2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys []
S3 a8b2id0e;a8b2id0e; C:\Windows\system32\drivers\a8b2id0e.sys []
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2010-08-29 13352]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2010-08-29 27176]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-01-03 21832]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 255552]
S3 mod7700;DiBcom DIB7700 based TV tuner device; C:\Windows\system32\DRIVERS\mod7700.sys [2008-06-26 698376]
S3 MODRC;PCTV Infrared Receiver; C:\Windows\system32\DRIVERS\modrc.sys [2007-10-19 24200]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-07-30 19456]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-07-30 26624]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2010-07-26 171008]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\Windows\system32\drivers\RTL2832UBDA.sys [2009-08-13 116768]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\Windows\System32\Drivers\RTL2832UUSB.sys [2009-08-13 38944]
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-10-10 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-07-30 9216]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2010-07-30 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600]
R2 avg9wd;AVG Free WatchDog; C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe [2010-09-24 308136]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-03-24 121344]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-03-16 159336]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-05-23 66872]
R2 RelevantKnowledge;RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe [2011-03-03 107136]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-01-21 247152]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [2010-03-23 247808]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-09-27 431432]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2009-05-22 250616]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2008-05-15 87288]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-01-06 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

Akiro · #7 Příspěvek od **Akiro** » 18 čer 2011 09:45

teda musim rict poklona dela mi trosku problem se v tom vyznat ale to se casem nauicm ale najit co dela bordel?HM

#8 Příspěvek od **vyosek** » 18 čer 2011 09:52

Chce to mit patricna skoleni a praxi a pak uz je cteni hracka...

Trvate na antiviru AVG

U nas nepatri mezi oblibene - vysoka zatez systemu, slabsi detekce. Zvolil bych spise Avast, Aviru ci MSE

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

Akiro · #9 Příspěvek od **Akiro** » 18 čer 2011 09:57

klidne muzu avg odins.a dat jiny vami doporuceny

#10 Příspěvek od **vyosek** » 18 čer 2011 09:59

Je to jen me doporuceni, je to na Vas...

pak provedte OTL jak jsem psal - nejlepe v nouzovem rezimu

Akiro · #11 Příspěvek od **Akiro** » 18 čer 2011 10:42

extras
OTL Extras logfile created on: 18.6.2011 10:56:20 - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\killer\Desktop\DOWNLOAD
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,97 Gb Total Physical Memory | 2,37 Gb Available Physical Memory | 59,61% Memory free
7,93 Gb Paging File | 6,20 Gb Available in Paging File | 78,09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 423,66 Gb Total Space | 35,03 Gb Free Space | 8,27% Space Free | Partition Type: NTFS
Drive D: | 12,40 Gb Total Space | 2,08 Gb Free Space | 16,76% Space Free | Partition Type: NTFS
Drive E: | 6,12 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive I: | 29,50 Gb Total Space | 2,85 Gb Free Space | 9,68% Space Free | Partition Type: NTFS
Drive J: | 1,83 Gb Total Space | 0,02 Gb Free Space | 0,94% Space Free | Partition Type: FAT

Computer Name: AKIRO | User Name: killer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- regedit.exe "%1"
.vbe[@ = VBEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- regedit.exe "%1"
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2451637961-3186344038-1414247307-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [open] -- regedit.exe "%1" File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" File not found
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1"
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416014FF}" = Java(TM) 6 Update 14 (64-bit)
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E29B2B35-C365-4C9A-8C5C-224E3B9A9ED1}" = TVCenter
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.17
"D978F69D5F15B845BD6BC6F8BF9BCD36982A2087" = Balíček ovladače systému Windows - Nokia Modem (02/24/2009 4.0)
"E7F682214B951640C9C539C41FDA1A7F836FF7B6" = Balíček ovladače systému Windows - Nokia Modem (02/23/2009 7.01.0.2)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08600005-5228-4BF6-845E-E9A957AFDCB4}" = OviMPlatform
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1" = Geeks3D PhysX FluidMark v1.2.2
"{1170D24F-42B7-40CF-AA1B-6395CE562354}" = Gears of War
"{14574B7F-75D1-4718-B7F2-EBF6E2862A35}" = Company of Heroes - FAKEMSI
"{199E6632-EB28-4F73-AECB-3E192EB92D18}" = Company of Heroes - FAKEMSI
"{1A4052AB-BA77-44F7-8EE7-9F9131BFD7A6}" = OF Dragon Rising
"{1E445925-273D-4186-88A0-B8D1B6B119E2}" = WRC FIA World Rally Championship
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = oZone3D.Net FurMark v1.8.2
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{25724802-CC14-4B90-9F3B-3D6955EE27B1}" = Company of Heroes - FAKEMSI
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 20
"{28191B83-1D60-44B6-9B08-E854EF6632D5}" = Ovi Desktop Sync Engine
"{293F900D-3743-A8CC-46AD-5AFBFF8E29CF}" = muvee Reveal
"{2B653229-9854-4989-B780-D978F5F13EAB}" = FEAR
"{2E1DE390-879C-4291-9B68-DA032D2CC98E}" = AudioEdit Deluxe
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}" = Company of Heroes - FAKEMSI
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{3553E875-F00E-4031-BDEC-75FB1DFEB093}" = Nokia Ovi Suite Software Updater
"{3EF79591-BF16-4CF8-8FF0-D8AD968228B1}" = Aliens vs. Predator 2
"{3F425F12-3A1B-4511-97B2-E2BB4701B745}" = Crysis Wars(R)
"{3FC42713-B6E7-49AA-A553-A224FE9828A8}" = Nokia Ovi Suite
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}" = WinFast Multimedia Driver Installation
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.7
"{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}" = Windows Live UX Platform Language Pack
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50193078-F553-4EBA-AA77-64C9FAA12F98}" = Company of Heroes - FAKEMSI
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{51D718D1-DA81-4FAD-919F-5C1CE3C33379}" = Company of Heroes - FAKEMSI
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57030680-6253-4281-A3F3-83B090BD932B}_is1" = Crashday
"{5EA9CF76-910E-4870-A7BE-0C0A5D98BCB9}" = Advanced ID3 Tag Editor
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{66F78C51-D108-4F0C-A93C-1CBE74CE338F}" = Company of Heroes - FAKEMSI
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD(R)
"{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}" = Nokia PC Suite
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}" = Company of Heroes - FAKEMSI
"{80D03817-7943-4839-8E96-B9F924C5E67D}" = Company of Heroes - FAKEMSI
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_HOMESTUDENTR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{909BBDB7-BABE-434C-9124-863A9F8D1CF8}" = FEAR Extraction Point
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}" = AGEIA PhysX v7.11.13
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 4.1
"{97E5205F-EA4F-438F-B211-F1846419F1C1}" = Company of Heroes - FAKEMSI
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{99A7722D-9ACB-43F3-A222-ABC7133F159E}" = Company of Heroes - FAKEMSI
"{9D3318E1-5A9F-4A95-A7A1-7E045403AE34}" = HP User Guides 0148
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA468551-1794-42FE-B504-C41D75EEBDF2}_is1" = Partition Wizard Home Edition 5.0
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2010.07.14
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.4 - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}" = HP Advisor
"{B60DCA15-56A3-4D2D-8747-22CF7D7B588B}" = HP Support Assistant
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B6E3F2A0-DDBB-4F0A-BA7C-09138605DDAC}" = WRC FIA World Rally Championship
"{BA801B94-C28D-46EE-B806-E1E021A3D519}" = Company of Heroes - FAKEMSI
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C711E88C-9DC2-4254-A989-D6E017844DDF}" = Frontlines: Fuel of War
"{C72D7008-266D-4DD8-BF3C-296B736127F6}" = Mafia
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}" = FlatOut2
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{d08d9f98-1c78-4704-87e6-368b0023d831}" = RelevantKnowledge
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1B01DC9-CBAF-45F9-A387-7D00C11B630E}" = Microsoft Games for Windows - LIVE Redistributable
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{D4D244D1-05E0-4D24-86A2-B2433C435671}" = Company of Heroes - FAKEMSI
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DFA7F417-B0E2-4340-97C3-24A6C9497DD5}" = Trust FF380 Force Feedback RaceMaster
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{e1183fe8-2fb7-4844-b191-7a5eb8bcc150}" = Nero 9 Essentials
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E570CB6B-1CBC-4ADD-969F-7B3338A6BDB6}" = Windows Live Sync
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EAF636A9-F664-4703-A659-85A894DA264F}" = Company of Heroes - FAKEMSI
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}" = Battlefield 2142
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AOL Toolbar" = AOL Toolbar 5.0
"Armored Fist 3" = Armored Fist 3
"AVG9Uninstall" = AVG Free 9.0
"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2
"CCleaner" = CCleaner
"Crysis WARHEAD(R)" = Crysis WARHEAD(R)
"Crysis Wars(R)" = Crysis Wars(R)
"DivX Setup.divx.com" = DivX Setup
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FFOLKES 2142 Unlocks mod v1.01" = FFOLKES 2142 Unlocks mod v1.01
"Fraps" = Fraps (remove only)
"Freez FLV to AVI/MPEG/WMV Converter v1.6_is1" = Freez FLV to AVI/MPEG/WMV Converter
"GameSpy Arcade" = GameSpy Arcade
"Hamachi" = Hamachi 1.0.1.5
"Hardware sensors monitor 4.2_is1" = Hardware sensors monitor 4.2
"Heroes of Might and Magic® III" = Heroes of Might and Magic® III Complete
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ICQToolbar" = ICQ Toolbar
"ImgBurn" = ImgBurn
"Indeo® Software" = Indeo® Software
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Metin2_is1" = Metin2
"Mozilla Firefox 4.0.1 (x86 cs)" = Mozilla Firefox 4.0.1 (x86 cs)
"Mp3 Knife_is1" = Mp3 Knife 3.2
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Suite" = Nokia PC Suite
"PunkBusterSvc" = PunkBuster Services
"Samsung CLP-310 Series" = Samsung CLP-310 Series
"Sony Ericsson Themes Creator" = Sony Ericsson Themes Creator 4.16.2.6
"Steam App 16450" = F.E.A.R. 2: Project Origin
"Steam App 34830" = Sniper: Ghost Warrior
"SystemRequirementsLab" = System Requirements Lab
"Totalcmd" = Total Commander (Remove or Repair)
"TVRTLDrv" = WinFast DTV Dongle Mini
"Update Service" = Update Service
"uTorrent" = µTorrent
"Virtual Plastic Surgery Software - VPSS_is1" = Virtual Plastic Surgery Software - VPSS v1.0
"VLC media player" = VLC media player 1.1.0
"WildTangent hp Master Uninstall" = HP Games
"Winamp" = Winamp
"Wincmd" = Windows Commander (Remove only)
"WinLiveSuite" = Windows Live Essentials
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"Xfire" = Xfire (remove only)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2451637961-3186344038-1414247307-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 24.2.2011 16:28:32 | Computer Name = Akiro | Source = RasClient | ID = 20227
Description =

Error - 25.2.2011 14:31:00 | Computer Name = Akiro | Source = RasClient | ID = 20227
Description =

Error - 25.2.2011 14:31:44 | Computer Name = Akiro | Source = RasClient | ID = 20227
Description =

Error - 25.2.2011 15:54:56 | Computer Name = Akiro | Source = Application Hang | ID = 1002
Description = Program wmplayer.exe verze 12.0.7600.16385 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 13d0 Čas spuštění: 01cbd51b3906a17d Čas ukončení: 1257 Cesta k aplikaci:
C:\Program Files (x86)\Windows Media Player\wmplayer.exe ID hlášení: 1b8c3098-4119-11e0-a403-ff25a50067fa

Error - 26.2.2011 4:21:28 | Computer Name = Akiro | Source = RasClient | ID = 20227
Description =

Error - 26.2.2011 7:21:30 | Computer Name = Akiro | Source = RasClient | ID = 20227
Description =

Error - 26.2.2011 7:34:26 | Computer Name = Akiro | Source = RasClient | ID = 20227
Description =

Error - 26.2.2011 7:35:14 | Computer Name = Akiro | Source = RasClient | ID = 20227
Description =

Error - 26.2.2011 7:35:34 | Computer Name = Akiro | Source = RasClient | ID = 20227
Description =

Error - 27.2.2011 11:45:39 | Computer Name = Akiro | Source = Application Error | ID = 1000
Description = Název chybující aplikace: QP.exe, verze: 3.7.0.6805, časové razítko:
0x4a7962f6 Název chybujícího modulu: CLNavX.ax, verze: 7.0.8.5403, časové razítko:
0x4a25f426 Kód výjimky: 0xc0000005 Posun chyby: 0x00011758 ID chybujícího procesu:
0x1468 Čas spuštění chybující aplikace: 0x01cbd68d8956b06f Cesta k chybující aplikaci:
C:\Program Files (x86)\Hp\QuickPlay\QP.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\HP\QuickPlay\Kernel\Movie\CLNavX.ax ID zprávy: 9fb79e5c-4288-11e0-9947-d4760c92e44c

[ Hewlett-Packard Events ]
Error - 21.7.2010 10:42:28 | Computer Name = killer-PC | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Odkaz na objekt není nastaven na instanci objektu. HPSF v HPAssistant.Pages.MaintainAnalyzing.MaintainAnalyzing_Unloaded(Object
sender, RoutedEventArgs e) v System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object
target, RoutedEventArgs routedEventArgs) v System.Windows.EventRoute.InvokeHandlersImpl(Object
source, RoutedEventArgs args, Boolean reRaised) v System.Windows.UIElement.RaiseEventImpl(DependencyObject
sender, RoutedEventArgs args) v System.Windows.UIElement.RaiseEvent(RoutedEventArgs
e) v System.Windows.BroadcastEventHelper.BroadcastEvent(DependencyObject root,
RoutedEvent routedEvent) v System.Windows.BroadcastEventHelper.BroadcastUnloadedEvent(Object
root) v MS.Internal.LoadedOrUnloadedOperation.DoWork() v System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()

v System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks() v System.Windows.Media.MediaContext.RenderMessageHandlerCore(Object
resizedCompositionTarget) v System.Windows.Media.MediaContext.AnimatedRenderMessageHandler(Object
resizedCompositionTarget) v System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) v System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)

Error - 7.8.2010 8:30:48 | Computer Name = killer-PC | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Soubor C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml
nebyl nalezen. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)

v System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamReader..ctor(String
path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize)

v System.IO.StreamReader..ctor(String path, Encoding encoding) v System.IO.File.ReadAllText(String
path, Encoding encoding) v n.a()

Error - 9.10.2010 8:23:56 | Computer Name = killer-PC | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Soubor C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml
nebyl nalezen. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)

v System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamReader..ctor(String
path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize)

v System.IO.StreamReader..ctor(String path, Encoding encoding) v System.IO.File.ReadAllText(String
path, Encoding encoding) v n.a()

Error - 23.10.2010 13:10:20 | Computer Name = killer-PC | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Soubor C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml
nebyl nalezen. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)

v System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamReader..ctor(String
path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize)

v System.IO.StreamReader..ctor(String path, Encoding encoding) v System.IO.File.ReadAllText(String
path, Encoding encoding) v n.a()

Error - 20.11.2010 9:11:34 | Computer Name = Akiro | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Soubor C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml
nebyl nalezen. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)

v System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamReader..ctor(String
path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize)

v System.IO.StreamReader..ctor(String path, Encoding encoding) v System.IO.File.ReadAllText(String
path, Encoding encoding) v n.a()

Error - 4.12.2010 9:40:22 | Computer Name = Akiro | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Soubor C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml
nebyl nalezen. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)

v System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamReader..ctor(String
path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize)

v System.IO.StreamReader..ctor(String path, Encoding encoding) v System.IO.File.ReadAllText(String
path, Encoding encoding) v n.a()

Error - 18.12.2010 9:09:50 | Computer Name = Akiro | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Soubor C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml
nebyl nalezen. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)

v System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamReader..ctor(String
path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize)

v System.IO.StreamReader..ctor(String path, Encoding encoding) v System.IO.File.ReadAllText(String
path, Encoding encoding) v n.a()

Error - 23.5.2011 13:17:04 | Computer Name = Akiro | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Odkaz na objekt není nastaven na instanci objektu. HPSF v HPAssistant.Pages.MaintainAnalyzing.MaintainAnalyzing_Unloaded(Object
sender, RoutedEventArgs e) v System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object
target, RoutedEventArgs routedEventArgs) v System.Windows.EventRoute.InvokeHandlersImpl(Object
source, RoutedEventArgs args, Boolean reRaised) v System.Windows.UIElement.RaiseEventImpl(DependencyObject
sender, RoutedEventArgs args) v System.Windows.UIElement.RaiseEvent(RoutedEventArgs
e) v System.Windows.BroadcastEventHelper.BroadcastEvent(DependencyObject root,
RoutedEvent routedEvent) v System.Windows.BroadcastEventHelper.BroadcastUnloadedEvent(Object
root) v MS.Internal.LoadedOrUnloadedOperation.DoWork() v System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()

v System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks() v System.Windows.Media.MediaContext.RenderMessageHandlerCore(Object
resizedCompositionTarget) v System.Windows.Media.MediaContext.AnimatedRenderMessageHandler(Object
resizedCompositionTarget) v System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) v System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)

[ Media Center Events ]
Error - 21.8.2010 5:09:18 | Computer Name = killer-PC | Source = MCUpdate | ID = 0
Description = 11:09:17 - Chyba při připojování k Internetu 11:09:17 - Nelze kontaktovat
server..

Error - 20.10.2010 10:57:29 | Computer Name = killer-PC | Source = MCUpdate | ID = 0
Description = 16:57:28 - Chyba při připojování k Internetu 16:57:28 - Nelze kontaktovat
server..

Error - 1.2.2011 3:07:20 | Computer Name = Akiro | Source = MCUpdate | ID = 0
Description = 8:07:19 - Chyba při připojování k Internetu 8:07:19 - Nelze kontaktovat
server..

Error - 16.2.2011 3:47:48 | Computer Name = Akiro | Source = MCUpdate | ID = 0
Description = 8:47:46 - Chyba při připojování k Internetu 8:47:46 - Nelze kontaktovat
server..

Error - 16.2.2011 4:47:55 | Computer Name = Akiro | Source = MCUpdate | ID = 0
Description = 9:47:55 - Chyba při připojování k Internetu 9:47:55 - Nelze kontaktovat
server..

Error - 3.3.2011 11:40:53 | Computer Name = Akiro | Source = MCUpdate | ID = 0
Description = 16:40:52 - Chyba při připojování k Internetu 16:40:53 - Nelze kontaktovat
server..

Error - 18.3.2011 10:20:35 | Computer Name = Akiro | Source = MCUpdate | ID = 0
Description = 15:20:34 - Chyba při připojování k Internetu 15:20:35 - Nelze kontaktovat
server..

Error - 18.3.2011 11:20:46 | Computer Name = Akiro | Source = MCUpdate | ID = 0
Description = 16:20:45 - Chyba při připojování k Internetu 16:20:46 - Nelze kontaktovat
server..

Error - 18.3.2011 12:20:54 | Computer Name = Akiro | Source = MCUpdate | ID = 0
Description = 17:20:54 - Chyba při připojování k Internetu 17:20:54 - Nelze kontaktovat
server..

Error - 18.3.2011 13:21:05 | Computer Name = Akiro | Source = MCUpdate | ID = 0
Description = 18:21:03 - Chyba při připojování k Internetu 18:21:03 - Nelze kontaktovat
server..

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Akiro · #12 Příspěvek od **Akiro** » 18 čer 2011 10:44

OTL log je moc velky nahrano na uloz to odkaz zde: http://www.uloz.to/9409565/otl-txt

#13 Příspěvek od **vyosek** » 18 čer 2011 10:45

Rozdelte jej prosim do vice prispevku

Akiro · #14 Příspěvek od **Akiro** » 18 čer 2011 10:47

zadny problem Cast 1

OTL logfile created on: 18.6.2011 10:56:20 - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\killer\Desktop\DOWNLOAD
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,97 Gb Total Physical Memory | 2,37 Gb Available Physical Memory | 59,61% Memory free
7,93 Gb Paging File | 6,20 Gb Available in Paging File | 78,09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 423,66 Gb Total Space | 35,03 Gb Free Space | 8,27% Space Free | Partition Type: NTFS
Drive D: | 12,40 Gb Total Space | 2,08 Gb Free Space | 16,76% Space Free | Partition Type: NTFS
Drive E: | 6,12 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive I: | 29,50 Gb Total Space | 2,85 Gb Free Space | 9,68% Space Free | Partition Type: NTFS
Drive J: | 1,83 Gb Total Space | 0,02 Gb Free Space | 0,94% Space Free | Partition Type: FAT

Computer Name: AKIRO | User Name: killer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.06.18 10:54:46 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\killer\Desktop\DOWNLOAD\OTL.exe
PRC - [2011.05.06 22:09:35 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011.03.14 22:13:58 | 002,071,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgtray.exe
PRC - [2011.03.03 21:20:35 | 000,107,136 | ---- | M] (TMRG, Inc.) -- C:\Program Files (x86)\RelevantKnowledge\rlservice.exe
PRC - [2011.03.03 21:20:33 | 002,548,864 | ---- | M] (TMRG, Inc.) -- C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
PRC - [2010.11.23 18:49:24 | 001,540,096 | ---- | M] (Nokia) -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010.09.24 19:58:36 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
PRC - [2010.05.23 12:41:43 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010.02.24 11:34:36 | 000,220,944 | ---- | M] (PCTV Systems S.à r.l.) -- C:\Program Files (x86)\Common Files\PCTV Systems\RemoTerm\remoterm.exe
PRC - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
PRC - [2009.07.20 12:51:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008.08.08 07:03:41 | 000,524,288 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
PRC - [2008.06.19 07:14:02 | 006,692,864 | ---- | M] (Axesstel,Inc.) -- C:\Program Files\Axesstel\Axesstel Manager\AxessManager.exe
PRC - [2004.12.07 23:24:22 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Trust\Trust FF380 Force Feedback RaceMaster\UpdateDriver.exe

========== Modules (SafeList) ==========

MOD - [2011.06.18 10:54:46 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\killer\Desktop\DOWNLOAD\OTL.exe
MOD - [2010.08.21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010.03.23 14:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.03.02 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe -- (AESTFilters)
SRV - [2011.03.03 21:20:35 | 000,107,136 | ---- | M] (TMRG, Inc.) [Auto | Running] -- C:\Program Files (x86)\RelevantKnowledge\rlservice.exe -- (RelevantKnowledge)
SRV - [2010.12.08 15:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.09.27 13:32:38 | 000,431,432 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010.09.24 19:58:36 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010.05.23 12:41:43 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.07.20 12:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.05.22 20:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008.05.15 10:29:18 | 000,087,288 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.05.05 16:28:18 | 000,317,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (AvgTdiA)
DRV:64bit: - [2010.11.09 15:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2010.09.24 19:58:05 | 000,269,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (AvgLdx64)
DRV:64bit: - [2010.08.29 16:43:16 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri)
DRV:64bit: - [2010.08.29 16:42:40 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2010.08.29 16:42:40 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2010.07.30 15:18:04 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2010.07.30 15:18:02 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2010.07.30 15:18:00 | 000,026,624 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2010.07.30 15:17:56 | 000,019,456 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2010.07.26 13:24:58 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2010.07.04 09:26:24 | 000,035,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (AvgMfx64)
DRV:64bit: - [2010.05.27 22:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.05.26 18:32:57 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.04.09 14:17:04 | 000,019,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2010.04.09 14:16:58 | 000,013,280 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2010.03.23 14:53:06 | 000,505,344 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010.01.03 20:11:12 | 000,021,832 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009.10.10 04:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.09.22 02:47:14 | 001,484,800 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.08.24 09:14:30 | 000,054,784 | ---- | M] (AzureWave Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\azvusb.sys -- (azvusb)
DRV:64bit: - [2009.08.13 14:40:10 | 000,038,944 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL2832UUSB.sys -- (RTL2832UUSB)
DRV:64bit: - [2009.08.13 14:40:08 | 000,116,768 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL2832UBDA.sys -- (RTL2832UBDA)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009.06.27 16:55:10 | 000,083,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009.06.24 21:00:18 | 000,216,576 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009.06.10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.06.10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 22:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.04.29 16:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV:64bit: - [2009.04.29 08:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2009.03.01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.02.24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2008.08.28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008.06.26 14:23:12 | 000,698,376 | ---- | M] (DiBcom SA) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mod7700.sys -- (mod7700)
DRV:64bit: - [2007.10.19 13:22:04 | 000,024,200 | ---- | M] (DiBcom S.A.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\modrc.sys -- (MODRC)
DRV:64bit: - [2007.03.26 08:40:22 | 000,006,144 | ---- | M] (Axesstel) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Axtmvflt.sys -- (Axtmvflt)
DRV:64bit: - [2007.03.26 08:32:44 | 000,052,224 | ---- | M] (Axesstel) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Axtmvprt.sys -- (Axtmvprt)
DRV:64bit: - [2007.03.26 08:31:00 | 000,054,272 | ---- | M] (Axesstel) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Axtmvmdm.sys -- (Axtmvmdm)
DRV - [2004.12.22 20:45:14 | 000,006,656 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\Hmonitor.sys -- (hmonitor)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb

IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\20101217183741\ICQToolBar.dll (ICQ)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\20101217183741\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2451637961-3186344038-1414247307-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-2451637961-3186344038-1414247307-1000\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-2451637961-3186344038-1414247307-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2451637961-3186344038-1414247307-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks=

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Hunt TB Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.2
FF - prefs.js..extensions.enabledItems: {27A2FD41-CB23-4518-AB5C-C25BAFFDE531}:1.4.1
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: avg@igeared:4.906.030.003
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51
FF - prefs.js..extensions.enabledItems: {6E19037A-12E3-4295-8915-ED48BC341614}:1.3.329.2
FF - prefs.js..keyword.URL: "http://www.webhledani.cz/results.aspx?i=39&tp=ab&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ [2010.01.07 17:16:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\avg@igeared [2010.10.01 17:02:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\support@predictad.com: C:\Program Files (x86)\AutocompletePro\support@predictad.com
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.02.22 20:40:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files (x86)\RelevantKnowledge [2011.06.17 20:28:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.05.06 22:09:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.05.14 14:44:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.02.22 20:40:17 | 000,000,000 | ---D | M]

[2010.05.05 06:33:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\killer\AppData\Roaming\mozilla\Extensions
[2011.05.07 21:43:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\killer\AppData\Roaming\mozilla\Firefox\Profiles\zpsev03t.default\extensions
[2010.06.17 19:00:34 | 000,000,000 | ---D | M] (SwitchProxy Tool) -- C:\Users\killer\AppData\Roaming\mozilla\Firefox\Profiles\zpsev03t.default\extensions\{27A2FD41-CB23-4518-AB5C-C25BAFFDE531}
[2011.05.07 21:43:54 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\killer\AppData\Roaming\mozilla\Firefox\Profiles\zpsev03t.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.05.07 10:34:07 | 000,000,000 | ---D | M] (Hunt TB Community Toolbar) -- C:\Users\killer\AppData\Roaming\mozilla\Firefox\Profiles\zpsev03t.default\extensions\{d3f4b70a-92e0-4393-a0f3-976d03b1ebf5}
[2011.05.07 10:34:06 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\killer\AppData\Roaming\mozilla\Firefox\Profiles\zpsev03t.default\extensions\engine@conduit.com
[2011.06.11 10:29:44 | 000,000,000 | ---D | M] ("Nero Toolbar") -- C:\Users\killer\AppData\Roaming\mozilla\Firefox\Profiles\zpsev03t.default\extensions\toolbar@ask.com
[2011.03.21 15:52:04 | 000,000,917 | ---- | M] () -- C:\Users\killer\AppData\Roaming\Mozilla\Firefox\Profiles\zpsev03t.default\searchplugins\conduit.xml
[2010.05.26 18:33:05 | 000,002,059 | ---- | M] () -- C:\Users\killer\AppData\Roaming\Mozilla\Firefox\Profiles\zpsev03t.default\searchplugins\daemon-search.xml
[2011.06.17 20:02:16 | 000,000,950 | ---- | M] () -- C:\Users\killer\AppData\Roaming\Mozilla\Firefox\Profiles\zpsev03t.default\searchplugins\icqplugin-1.xml
[2011.03.05 08:38:39 | 000,000,950 | ---- | M] () -- C:\Users\killer\AppData\Roaming\Mozilla\Firefox\Profiles\zpsev03t.default\searchplugins\icqplugin-10.xml
[2011.03.22 20:20:37 | 000,000,950 | ---- | M] () -- C:\Users\killer\AppData\Roaming\Mozilla\Firefox\Profiles\zpsev03t.default\searchplugins\icqplugin-11.xml
[2011.03.26 11:51:06 | 000,000,950 | ---- | M] () -- C:\Users\killer\AppData\Roaming\Mozilla\Firefox\Profiles\zpsev03t.default\searchplugins\icqplugin-12.xml
[2011.05.06 22:10:21 | 000,000,950 | ---- | M] () -- C:\Users\killer\AppData\Roaming\Mozilla\Firefox\Profiles\zpsev03t.default\searchplugins\icqplugin-13.xml
[2011.05.08 09:12:53 | 000,000,950 | ---- | M] () -- C:\Users\killer\AppData\Roaming\Mozilla\Firefox\Profiles\zpsev03t.default\searchplugins\icqplugin-14.xml
[2010.07.04 09:51:14 | 000,000,950 | ---- | M] () -- C:\Users\killer\AppData\Roaming\Mozilla\Firefox\Profiles\zpsev03t.default\searchplugins\icqplugin-2.xml
[2010.07.25 13:02:56 | 000,000,950 | ---- | M] () -- C:\Users\killer\AppData\Roaming\Mozilla\Firefox\Profiles\zpsev03t.default\searchplugins\icqplugin-3.xml
[2010.09.09 21:44:24 | 000,000,950 | ---- | M] () -- C:\Users\killer\AppData\Roaming\Mozilla\Firefox\Profiles\zpsev03t.default\searchplugins\icqplugin-4.xml
[2010.09.17 17:09:39 | 000,000,950 | ---- | M] () -- C:\Users\killer\AppData\Roaming\Mozilla\Firefox\Profiles\zpsev03t.default\searchplugins\icqplugin-5.xml
[2010.10.01 17:49:54 | 000,000,950 | ---- | M] () -- C:\Users\killer\AppData\Roaming\Mozilla\Firefox\Profiles\zpsev03t.default\searchplugins\icqplugin-6.xml
[2010.10.29 14:22:10 | 000,000,950 | ---- | M] () -- C:\Users\killer\AppData\Roaming\Mozilla\Firefox\Profiles\zpsev03t.default\searchplugins\icqplugin-7.xml
[2010.12.10 22:37:02 | 000,000,950 | ---- | M] () -- C:\Users\killer\AppData\Roaming\Mozilla\Firefox\Profiles\zpsev03t.default\searchplugins\icqplugin-8.xml
[2011.03.04 16:44:39 | 000,000,950 | ---- | M] () -- C:\Users\killer\AppData\Roaming\Mozilla\Firefox\Profiles\zpsev03t.default\searchplugins\icqplugin-9.xml
[2010.06.27 12:59:16 | 000,000,947 | ---- | M] () -- C:\Users\killer\AppData\Roaming\Mozilla\Firefox\Profiles\zpsev03t.default\searchplugins\icqplugin.xml
[2011.05.06 21:08:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.07.02 20:28:34 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.05.06 06:26:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
File not found (No name found) --
[2011.06.17 20:28:51 | 000,000,000 | ---D | M] (RelevantKnowledge) -- C:\PROGRAM FILES (X86)\RELEVANTKNOWLEDGE
[2011.05.06 22:09:35 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2009.08.03 16:07:42 | 000,373,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npOGAPlugin.dll
[2011.03.22 20:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
[2011.05.06 22:09:37 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\heureka-cz.xml
[2011.05.06 22:09:37 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.04.01 18:51:34 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2011.05.06 22:09:37 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2011.05.06 22:09:37 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2011.05.06 22:09:37 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\20101217183741\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKU\S-1-5-21-2451637961-3186344038-1414247307-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-2451637961-3186344038-1414247307-1000\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
O3 - HKU\S-1-5-21-2451637961-3186344038-1414247307-1000\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKU\S-1-5-21-2451637961-3186344038-1414247307-1000\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-2451637961-3186344038-1414247307-1000\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files (x86)\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [Trust_WHQL_Patcher] C:\Program Files (x86)\Trust\Trust FF380 Force Feedback RaceMaster\UpdateDriver.exe ()
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] File not found
O4 - HKU\S-1-5-20..\Run: [Sidebar] File not found
O4 - HKU\S-1-5-21-2451637961-3186344038-1414247307-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-2451637961-3186344038-1414247307-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2451637961-3186344038-1414247307-1000..\Run: [RemoTerm.exe] C:\Program Files (x86)\Common Files\PCTV Systems\RemoTerm\remoterm.exe (PCTV Systems S.à r.l.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LocalAccountTokenFilterPolicy = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2
O7 - HKU\S-1-5-21-2451637961-3186344038-1414247307-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2451637961-3186344038-1414247307-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2
O8:64bit: - Extra context menu item: Hledání panelu &AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\cs-CZ\local\search.html ()
O8 - Extra context menu item: Hledání panelu &AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\cs-CZ\local\search.html ()
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O18:64bit: - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O20:64bit: - AppInit_DLLs: (avgrssta.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - File not found
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - File not found
O20 - HKLM Winlogon: UserInit - (userinit.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - File not found
O29 - HKLM SecurityProviders - (credssp.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1b6addba-68e5-11df-bc66-00269e7ba20a}\Shell - "" = AutoRun
O33 - MountPoints2\{1b6addba-68e5-11df-bc66-00269e7ba20a}\Shell\AutoRun\command - "" = F:\TDR2000Menu.exe
O33 - MountPoints2\{9736ad3a-5ddb-11df-b571-00269e7ba20a}\Shell - "" = AutoRun
O33 - MountPoints2\{9736ad3a-5ddb-11df-b571-00269e7ba20a}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{a04dfd70-61c7-11df-b63d-00269e7ba20a}\Shell - "" = AutoRun
O33 - MountPoints2\{a04dfd70-61c7-11df-b63d-00269e7ba20a}\Shell\AutoRun\command - "" = H:\Axesstel_Setup.exe
O33 - MountPoints2\{d8766c46-fdab-11de-b819-cc0fd32197b3}\Shell - "" = AutoRun
O33 - MountPoints2\{d8766c46-fdab-11de-b819-cc0fd32197b3}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{e8e0374c-5ddd-11df-b6c9-00269e7ba20a}\Shell - "" = AutoRun
O33 - MountPoints2\{e8e0374c-5ddd-11df-b6c9-00269e7ba20a}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{e8e03777-5ddd-11df-b6c9-00269e7ba20a}\Shell - "" = AutoRun
O33 - MountPoints2\{e8e03777-5ddd-11df-b6c9-00269e7ba20a}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

Drivers32:64bit: midi - File not found
Drivers32:64bit: midi1 - File not found
Drivers32:64bit: midimapper - File not found
Drivers32:64bit: mixer - File not found
Drivers32:64bit: mixer1 - File not found
Drivers32:64bit: msacm.imaadpcm - File not found
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.msadpcm - File not found
Drivers32:64bit: msacm.msg711 - File not found
Drivers32:64bit: msacm.msgsm610 - File not found
Drivers32:64bit: MSVideo8 - File not found
Drivers32:64bit: VIDC.FPS1 - File not found
Drivers32:64bit: vidc.i420 - File not found
Drivers32:64bit: VIDC.IYUV - File not found
Drivers32:64bit: vidc.mrle - File not found
Drivers32:64bit: vidc.msvc - File not found
Drivers32:64bit: VIDC.UYVY - File not found
Drivers32:64bit: VIDC.YUY2 - File not found
Drivers32:64bit: VIDC.YVU9 - File not found
Drivers32:64bit: VIDC.YVYU - File not found
Drivers32:64bit: wave - File not found
Drivers32:64bit: wave1 - File not found
Drivers32:64bit: wavemapper - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 7 Days ==========

[2011.06.18 10:32:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
[2011.06.18 10:31:14 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.06.18 09:49:37 | 000,000,000 | ---D | C] -- C:\rsit
[2011.06.18 09:40:00 | 000,000,000 | --SD | C] -- C:\Users\killer\Desktop\32788R22FWJFW
[2011.06.18 09:38:30 | 004,130,419 | R--- | C] (Swearware) -- C:\Users\killer\Desktop\ComboFix.exe
[2011.06.18 09:36:27 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2011.06.17 20:32:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Roblox
[2011.06.17 20:32:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roblox
[2011.06.17 20:20:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.06.16 21:27:07 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.06.18 10:38:35 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.18 10:38:35 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.18 10:29:33 | 000,000,255 | ---- | M] () -- C:\ProgramData\hpqp.ini
[2011.06.18 10:29:17 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2011.06.18 10:27:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.18 10:27:07 | 3195,211,776 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.18 09:49:23 | 000,832,273 | ---- | M] () -- C:\Users\killer\Desktop\RSITx64.exe
[2011.06.18 09:36:05 | 004,130,419 | R--- | M] (Swearware) -- C:\Users\killer\Desktop\ComboFix.exe
[2011.06.17 22:39:22 | 007,606,113 | ---- | M] () -- C:\Users\killer\Desktop\unknown-error-the-yearning-apex-vip.mp3
[2011.06.17 22:36:03 | 012,388,352 | ---- | M] () -- C:\Users\killer\Desktop\Seba fade OUT.mp3
[2011.06.17 22:11:41 | 008,024,294 | ---- | M] () -- C:\Users\killer\Desktop\B-Complex - Girl With Flower.mp3
[2011.06.17 21:48:28 | 012,974,744 | ---- | M] () -- C:\Users\killer\Desktop\102-b_complex-beautiful_lies-ukdnb.mp3
[2011.06.17 21:35:13 | 009,265,015 | ---- | M] () -- C:\Users\killer\Desktop\b-complex-sober-yet-overdosed.mp3
[2011.06.17 21:32:45 | 009,296,710 | ---- | M] () -- C:\Users\killer\Desktop\Gold RUsh.mp3
[2011.06.17 21:14:43 | 005,691,982 | ---- | M] () -- C:\Users\killer\Desktop\Duo Infernale - Lost in the World.mp3
[2011.06.17 21:10:19 | 006,803,456 | ---- | M] () -- C:\Users\killer\Desktop\London Electricity - Just One Second.mp3
[2011.06.17 21:04:37 | 004,597,760 | ---- | M] () -- C:\Users\killer\Desktop\B-complex Acrisma Redlolee - Fragmenty.mp3
[2011.06.17 20:48:13 | 005,305,815 | ---- | M] () -- C:\Users\killer\Desktop\b-complex-three-dots.mp3
[2011.06.17 20:20:39 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.06.17 15:31:29 | 078,093,566 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2011.06.16 21:27:07 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.06.15 22:04:41 | 001,473,146 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.06.15 22:04:41 | 000,631,354 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.06.15 22:04:41 | 000,615,958 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.06.15 22:04:41 | 000,123,762 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.06.15 22:04:41 | 000,107,594 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.06.15 20:56:57 | 004,849,707 | ---- | M] () -- C:\Users\killer\Desktop\black-eyed-peas-just-can.mp3
[2011.06.14 15:07:02 | 051,618,806 | ---- | M] () -- C:\Users\killer\Desktop\Prace_(converted).avi
[2011.06.14 13:07:28 | 050,041,613 | ---- | M] () -- C:\Users\killer\Desktop\Prace.mp4
[2011.06.14 10:54:42 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2011.06.14 10:54:42 | 000,000,116 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2011.06.13 22:25:03 | 000,007,648 | ---- | M] () -- C:\Users\killer\AppData\Local\Resmon.ResmonCfg
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.06.18 10:00:22 | 000,832,273 | ---- | C] () -- C:\Users\killer\Desktop\RSITx64.exe
[2011.06.17 22:39:22 | 007,606,113 | ---- | C] () -- C:\Users\killer\Desktop\unknown-error-the-yearning-apex-vip.mp3
[2011.06.17 22:37:50 | 008,024,294 | ---- | C] () -- C:\Users\killer\Desktop\B-Complex - Girl With Flower.mp3
[2011.06.17 22:36:02 | 012,388,352 | ---- | C] () -- C:\Users\killer\Desktop\Seba fade OUT.mp3
[2011.06.17 21:48:59 | 012,974,744 | ---- | C] () -- C:\Users\killer\Desktop\102-b_complex-beautiful_lies-ukdnb.mp3
[2011.06.17 21:35:56 | 004,597,760 | ---- | C] () -- C:\Users\killer\Desktop\B-complex Acrisma Redlolee - Fragmenty.mp3
[2011.06.17 21:35:44 | 009,265,015 | ---- | C] () -- C:\Users\killer\Desktop\b-complex-sober-yet-overdosed.mp3
[2011.06.17 21:33:14 | 009,296,710 | ---- | C] () -- C:\Users\killer\Desktop\Gold RUsh.mp3
[2011.06.17 21:28:47 | 006,803,456 | ---- | C] () -- C:\Users\killer\Desktop\London Electricity - Just One Second.mp3
[2011.06.17 21:28:38 | 005,305,815 | ---- | C] () -- C:\Users\killer\Desktop\b-complex-three-dots.mp3
[2011.06.17 21:28:33 | 005,691,982 | ---- | C] () -- C:\Users\killer\Desktop\Duo Infernale - Lost in the World.mp3
[2011.06.17 20:20:39 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.06.15 21:03:21 | 004,849,707 | ---- | C] () -- C:\Users\killer\Desktop\black-eyed-peas-just-can.mp3
[2011.06.14 15:07:00 | 051,618,806 | ---- | C] () -- C:\Users\killer\Desktop\Prace_(converted).avi
[2011.06.14 15:05:07 | 050,041,613 | ---- | C] () -- C:\Users\killer\Desktop\Prace.mp4
[2011.03.16 21:01:28 | 000,000,018 | ---- | C] () -- C:\Windows\gfact.ini
[2011.02.10 18:49:54 | 000,000,322 | ---- | C] () -- C:\Windows\wininit.ini
[2011.01.31 21:07:14 | 000,006,656 | ---- | C] () -- C:\Windows\SysWow64\drivers\Hmonitor.sys
[2011.01.21 22:59:55 | 000,005,632 | ---- | C] () -- C:\Users\killer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.21 22:55:30 | 000,000,055 | ---- | C] () -- C:\Windows\videotoaudio.ini
[2011.01.21 22:54:37 | 000,000,005 | ---- | C] () -- C:\Windows\SysWow64\SySatm.dat
[2011.01.20 17:10:37 | 008,676,883 | ---- | C] () -- C:\Windows\SysWow64\NCMedia2.dll
[2011.01.20 17:10:37 | 000,758,018 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.01.20 17:10:37 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.01.16 14:22:13 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011.01.16 14:12:04 | 001,503,232 | ---- | C] () -- C:\Windows\SysWow64\ptj.exe
[2011.01.16 14:12:04 | 001,103,360 | ---- | C] () -- C:\Windows\SysWow64\cidfont.dll

Akiro · #15 Příspěvek od **Akiro** » 18 čer 2011 10:48

[2011.01.16 14:12:03 | 004,369,408 | ---- | C] () -- C:\Windows\SysWow64\pdftk.exe
[2011.01.16 14:12:03 | 000,235,008 | ---- | C] () -- C:\Windows\SysWow64\office.exe
[2011.01.11 17:39:59 | 000,000,094 | ---- | C] () -- C:\Users\killer\AppData\Local\fusioncache.dat
[2011.01.11 17:35:06 | 000,000,058 | ---- | C] () -- C:\Windows\SysWow64\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2011.01.11 17:35:06 | 000,000,058 | ---- | C] () -- C:\Users\killer\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2010.11.16 15:31:01 | 000,000,000 | ---- | C] () -- C:\Users\killer\AppData\Roaming\wklnhst.dat
[2010.10.22 22:58:04 | 000,000,200 | ---- | C] () -- C:\Windows\AUDC80UI.dat
[2010.09.04 17:14:01 | 000,479,232 | ---- | C] () -- C:\Windows\ssndii.exe
[2010.07.02 20:30:52 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.05.29 21:18:52 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.05.27 17:07:18 | 000,000,117 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2010.05.26 18:47:24 | 000,000,430 | ---- | C] () -- C:\Windows\wincmd.ini
[2010.05.23 12:45:00 | 001,497,316 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.05.23 12:41:48 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.05.23 12:41:43 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.05.23 12:41:42 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.05.18 20:21:14 | 000,000,116 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.05.18 16:18:04 | 000,007,648 | ---- | C] () -- C:\Users\killer\AppData\Local\Resmon.ResmonCfg
[2010.05.15 18:34:52 | 000,056,320 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll
[2010.01.18 13:42:06 | 000,034,666 | ---- | C] () -- C:\Windows\Irremote.ini
[2010.01.07 23:26:27 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2010.01.04 16:31:43 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2010.01.04 16:31:43 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2010.01.04 16:31:43 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2010.01.02 12:14:54 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI
[2009.09.25 01:54:18 | 000,000,255 | ---- | C] () -- C:\ProgramData\hpqp.ini
[2009.07.15 17:50:42 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin
[2009.07.13 23:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009.07.13 23:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009.07.13 23:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009.07.13 23:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007.10.12 23:20:06 | 000,151,417 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2007.08.23 18:55:34 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2007.07.23 10:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2007.07.23 10:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2007.07.23 10:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2007.07.23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2007.07.23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2007.07.23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2007.07.23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2007.07.23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2007.07.23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2006.09.24 20:37:00 | 000,169,472 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2006.06.29 12:19:26 | 000,135,168 | ---- | C] () -- C:\Windows\SysWow64\id3vx_ocx.dll
[2002.08.29 19:33:56 | 000,319,488 | R--- | C] () -- C:\Windows\SysWow64\MafiaSetup.exe
[2002.08.29 19:33:56 | 000,319,488 | ---- | C] () -- C:\Users\killer\AppData\Roaming\MafiaSetup.exe
[2001.01.12 11:52:26 | 000,044,032 | ---- | C] () -- C:\Windows\SysWow64\vbpng1.dll
[2001.01.12 11:49:38 | 000,021,504 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll

========== LOP Check ==========

[2010.10.24 13:22:59 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\BlackBean
[2011.01.11 17:41:16 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Cropper
[2010.05.03 19:04:56 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\DAEMON Tools
[2010.05.10 11:52:14 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\DAEMON Tools Lite
[2011.01.11 17:35:06 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\DonationCoder
[2010.06.25 12:44:38 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Facebook
[2010.07.23 11:23:40 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Free Mp3 Wma Ogg Converter
[2010.11.07 11:49:02 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\FreeMoviesToDVD
[2010.11.06 15:28:05 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\GHISLER
[2010.05.27 13:53:25 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\GrabPro
[2010.07.28 13:10:13 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\HideIP
[2011.05.22 21:08:20 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\ICQ
[2010.10.11 16:53:10 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\ImgBurn
[2010.07.11 12:11:13 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Jpeg Resampler
[2011.01.04 23:49:23 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Nokia
[2011.01.04 23:49:25 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Nokia Ovi Suite
[2010.12.25 01:26:54 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\OpenCandy
[2010.05.27 15:03:30 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Orbit
[2010.01.07 17:18:53 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\PC Suite
[2011.02.23 22:49:32 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Registry Mechanic
[2010.05.12 17:39:16 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Telefónica Móviles
[2010.01.07 17:55:38 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Tunngle
[2011.05.07 20:04:18 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\uTorrent
[2010.05.06 16:37:56 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\WildTangent
[2011.05.01 18:45:38 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Windows Live Writer
[2010.05.14 21:10:37 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Xilisoft Corporation
[2011.06.09 12:06:47 | 000,000,296 | ---- | M] () -- C:\Windows\Tasks\Crysis Wars(R) Updates.job
[2011.06.12 12:13:59 | 000,032,616 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)
"" =
"RemoTerm.exe" = C:\Program Files (x86)\Common Files\PCTV Systems\RemoTerm\RemoTerm.exe -- [2010.02.24 11:34:36 | 000,220,944 | ---- | M] (PCTV Systems S.à r.l.)

< c:\windows\*.* /U >
[1 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2010.11.27 20:09:24 | 001,000,000 | ---- | M] () -- C:\W40k.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.05.06 17:50:55 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Adobe
[2010.06.24 15:07:02 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Apple Computer
[2010.06.28 17:41:03 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\ArcSoft
[2010.10.24 13:22:59 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\BlackBean
[2011.01.11 17:41:16 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Cropper
[2011.03.17 17:41:30 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\CyberLink
[2010.05.03 19:04:56 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\DAEMON Tools
[2010.05.10 11:52:14 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\DAEMON Tools Lite
[2011.01.21 22:54:53 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\DivX
[2011.01.11 17:35:06 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\DonationCoder
[2011.05.11 21:10:38 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\dvdcss
[2010.06.25 12:44:38 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Facebook
[2010.07.23 11:23:40 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Free Mp3 Wma Ogg Converter
[2010.11.07 11:49:02 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\FreeMoviesToDVD
[2010.11.06 15:28:05 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\GHISLER
[2010.05.27 13:53:25 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\GrabPro
[2011.04.06 20:58:21 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Hamachi
[2010.05.05 16:10:22 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Hewlett-Packard
[2010.07.28 13:10:13 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\HideIP
[2010.07.14 18:28:48 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\HP Support Assistant
[2010.05.03 14:01:38 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\HP TCS
[2010.07.23 07:06:45 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\hpqlog
[2010.07.21 16:42:43 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\HpUpdate
[2011.05.22 21:08:20 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\ICQ
[2010.05.03 14:03:17 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Identities
[2010.10.11 16:53:10 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\ImgBurn
[2010.07.20 08:07:06 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\InstallShield
[2010.07.11 12:11:13 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Jpeg Resampler
[2010.05.04 09:09:41 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Macromedia
[2009.09.25 11:14:39 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Media Center Programs
[2011.04.24 19:11:54 | 000,000,000 | --SD | M] -- C:\Users\killer\AppData\Roaming\Microsoft
[2010.01.01 22:59:36 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Microsoft Games
[2010.05.05 06:33:20 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Mozilla
[2010.11.07 18:41:48 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Nero
[2011.01.04 23:49:23 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Nokia
[2011.01.04 23:49:25 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Nokia Ovi Suite
[2010.12.25 01:26:54 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\OpenCandy
[2010.05.27 15:03:30 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Orbit
[2010.01.07 17:18:53 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\PC Suite
[2011.02.23 22:49:32 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Registry Mechanic
[2010.05.04 11:59:21 | 000,000,000 | RH-D | M] -- C:\Users\killer\AppData\Roaming\SecuROM
[2011.06.17 21:47:59 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Skype
[2011.01.16 13:22:09 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\skypePM
[2010.05.12 17:39:16 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Telefónica Móviles
[2010.01.07 17:55:38 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Tunngle
[2011.05.07 20:04:18 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\uTorrent
[2011.05.11 21:12:49 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\vlc
[2010.05.06 16:37:56 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\WildTangent
[2011.05.14 14:57:53 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Winamp
[2011.05.01 18:45:38 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Windows Live Writer
[2010.05.25 11:56:51 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Xfire
[2010.05.14 21:10:37 | 000,000,000 | ---D | M] -- C:\Users\killer\AppData\Roaming\Xilisoft Corporation

< %APPDATA%\*.exe /s >
[2002.08.29 19:33:56 | 000,319,488 | ---- | M] () -- C:\Users\killer\AppData\Roaming\MafiaSetup.exe
[2010.06.25 12:44:38 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Users\killer\AppData\Roaming\Facebook\uninstall.exe
[2011.02.05 12:51:00 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Users\killer\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
[2010.01.02 16:09:38 | 000,011,502 | R--- | M] () -- C:\Users\killer\AppData\Roaming\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\ARPPRODUCTICON.exe
[2010.01.02 16:09:38 | 000,053,248 | R--- | M] (InstallShield Software Corp.) -- C:\Users\killer\AppData\Roaming\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\FlatOut2.exe1_C884B05AF5D94AE49D84E6BD9F6E7890.exe
[2010.01.02 16:09:38 | 000,053,248 | R--- | M] (InstallShield Software Corp.) -- C:\Users\killer\AppData\Roaming\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\FlatOut2.exe_C884B05AF5D94AE49D84E6BD9F6E7890.exe
[2010.01.02 16:09:38 | 000,015,086 | R--- | M] () -- C:\Users\killer\AppData\Roaming\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\NewShortcut5_C884B05AF5D94AE49D84E6BD9F6E7890.exe
[2010.01.02 16:09:38 | 000,008,854 | R--- | M] () -- C:\Users\killer\AppData\Roaming\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\Uninstall_FlatOut2_C884B05AF5D94AE49D84E6BD9F6E7890.exe
[2011.06.08 00:11:36 | 000,052,616 | ---- | M] () -- C:\Users\killer\AppData\Roaming\Mozilla\Firefox\Profiles\zpsev03t.default\extensions\toolbar@ask.com\chrome\content\issigned.exe
[2011.06.08 00:35:11 | 000,345,992 | ---- | M] (Ask.com) -- C:\Users\killer\AppData\Roaming\Mozilla\Firefox\Profiles\zpsev03t.default\extensions\toolbar@ask.com\chrome\content\NeroApplicationManager.exe
[2011.06.11 08:16:28 | 003,486,088 | ---- | M] (Ask) -- C:\Users\killer\AppData\Roaming\Mozilla\Firefox\Profiles\zpsev03t.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe
[2010.12.25 01:27:00 | 000,349,296 | ---- | M] () -- C:\Users\killer\AppData\Roaming\OpenCandy\OpenCandy_E9B0FAAB43BF4479A2AEEAAFAA207241\DLMgr_3_1.6.87.exe
[2010.12.18 00:07:06 | 000,043,440 | ---- | M] () -- C:\Users\killer\AppData\Roaming\OpenCandy\OpenCandy_E9B0FAAB43BF4479A2AEEAAFAA207241\SpeedstarterCZ.exe
[2010.12.17 19:48:22 | 001,720,472 | ---- | M] (Speedchecker Limited ) -- C:\Users\killer\AppData\Roaming\OpenCandy\OpenCandy_E9B0FAAB43BF4479A2AEEAAFAA207241\ZrychleniPocitace.exe
[2010.12.25 01:27:42 | 001,842,096 | ---- | M] () -- C:\Users\killer\AppData\Roaming\OpenCandy\OpenCandy_E9B0FAAB43BF4479A2AEEAAFAA207241\ZrychleniPocitace_p2v1.exe

< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\SysNative\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\SysNative\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2007.05.17 21:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll

< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll

< MD5 for: IASTORV.SYS >
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\SysNative\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\drivers\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\drivers\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2010.06.14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2010.06.14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\SysNative\drivers\tcpip.sys
[2010.06.14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\SysNative\ws2_32.dll
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.06.16 21:27:07 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

========== Alternate Data Streams ==========

@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:05EE1EEF
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:D1B5B4F1
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:90EF0C9C

< End of report >

VIRY.CZ

Svchost 100% zatizeni cpu,kontrola logu

Svchost 100% zatizeni cpu,kontrola logu

Re: Svchost 100% zatizeni cpu,kontrola logu

Re: Svchost 100% zatizeni cpu,kontrola logu

Re: Svchost 100% zatizeni cpu,kontrola logu

Re: Svchost 100% zatizeni cpu,kontrola logu

Re: Svchost 100% zatizeni cpu,kontrola logu

Re: Svchost 100% zatizeni cpu,kontrola logu

Re: Svchost 100% zatizeni cpu,kontrola logu

Re: Svchost 100% zatizeni cpu,kontrola logu

Re: Svchost 100% zatizeni cpu,kontrola logu

Re: Svchost 100% zatizeni cpu,kontrola logu

Re: Svchost 100% zatizeni cpu,kontrola logu

Re: Svchost 100% zatizeni cpu,kontrola logu

Re: Svchost 100% zatizeni cpu,kontrola logu

Re: Svchost 100% zatizeni cpu,kontrola logu