Preventivka

[Geneiken]

Zdravim, prosim o preventivni prohlednuti systemu. Po startu musim cekat nekolik minut nez muzu na neco kliknout, jednoduse se ten PC freezne a chvili to trva, nekdy se to stane i uprostred dne, kdy je uz nekolik hodin zapnuty, dale sem tam skace modra smrt, uz par mesicu se to deje, prosim o zkontrolovani, diky =)

Logfile of random's system information tool 1.08 (written by random/random)
Run by Admin at 2011-06-27 14:51:16
Microsoft Windows 7 Ultimate
System drive C: has 150 GB (54%) free of 277 GB
Total RAM: 4096 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:51:19, on 27.6.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16800)
Boot mode: Normal

Running processes:
D:\Valve\Steam.exe
C:\Program Files (x86)\Auzentech\X-Fi Forte 7.1\Volume Panel\VolPanlu.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\Admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 67.221.174.30 tagged.com
O1 - Hosts: 204.9.178.11 typepad.com
O1 - Hosts: 74.113.152.32 istockphoto.com
O1 - Hosts: 208.94.0.38 yfrog.com
O1 - Hosts: 63.309.5.102 virustotal.com
O1 - Hosts: 123.125.50.22 126.com
O1 - Hosts: 174.36.28.11 SlideShare.com
O1 - Hosts: 213.238.60.190 xing.com
O1 - Hosts: 59.106.98.139 seesaa.net
O1 - Hosts: 184.72.253.170 hootsuite.com
O1 - Hosts: 211.151.146.16 soku.com
O1 - Hosts: 72.32.120.222 metacafe.com
O1 - Hosts: 9.105.6.98 bitdefender.com
O1 - Hosts: 204.11.109.133 tribalfusion.com
O1 - Hosts: 207.154.14.31tripadvisor.com
O1 - Hosts: 216.52.240.133 ustream.tv
O1 - Hosts: 174.36.244.132 linkwithin.com
O1 - Hosts: 121.67.203.61 scan.novirusthanks.org
O1 - Hosts: 209.172.34.139 imagevenue.com
O1 - Hosts: 91.206.232.220 booking.com
O1 - Hosts: 118.69.251.6 vnexpress.net
O1 - Hosts: 103.67.101.13 trendmicro.com
O1 - Hosts: 208.85.40.80 pandora.com
O1 - Hosts: 194.116.241.57 softonic.com
O1 - Hosts: 208.83.243.15 match.com
O1 - Hosts: 202.57.69.84 nwt.com
O1 - Hosts: 65.11.53.80 nttnavi.com
O1 - Hosts: 72.51.41.235 nrk.no
O1 - Hosts: 110.16.19.157 nozonedata.com
O1 - Hosts: 76.106.43.251 nachtagenten.com
O1 - Hosts: 195.82.124.124 musicmatch.com
O1 - Hosts: 70.52.56.163 moscowtimes.com
O1 - Hosts: 124.217.235.76 gsn.com
O1 - Hosts: 61.178.63.198 mgd.com
O1 - Hosts: 174.142.24.205 mediastorm.hu
O1 - Hosts: 38.113.207.59 media-servers.com
O1 - Hosts: 116.66.206.161 m5prod.com
O1 - Hosts: 74.175.65.66 lupa.com
O1 - Hosts: 207.200.66.53 liveintercom.com
O1 - Hosts: 71.96.135.20 keenspace.com
O1 - Hosts: 202.51.107.37 jetsoftware.com
O1 - Hosts: 60.251.54.208 jamba.com
O1 - Hosts: 222.161.3.133 ir.com
O1 - Hosts: 200.24.227.170 investopedia.com
O1 - Hosts: 202.149.24.216 choiceradio.com
O1 - Hosts: 91.206.232.220 booking.com
O1 - Hosts: 118.69.251.6 vnexpress.net
O1 - Hosts: 141.76.45.18 chip.com
O1 - Hosts: 128.006.192.15 redv.net
O1 - Hosts: 194.42.17.124 cgi.com
O1 - Hosts: 199.26.254.66 centcomm.com
O1 - Hosts: 202.149.24.216 digitallook.com
O1 - Hosts: 60.251.189.134 domainfactory.com
O1 - Hosts: 222.161.3.133 dvdfocomm.nu
O1 - Hosts: 157.95.56.15 e-kolay.com
O1 - Hosts: 85.249.23.115 eurosport.com
O1 - Hosts: 189.104.149.61 f1cd.com
O1 - Hosts: 125.162.92.234 free6.com
O1 - Hosts: 80.81.159.20 cdmworldsoftware.com
O1 - Hosts: 117.102.101.219 grafika.com
O1 - Hosts: 85.249.23.115 adware-delete.com
O1 - Hosts: 69.89.22.135 hbv.com
O1 - Hosts: 92.48.201.39 protectorsuite.com
O1 - Hosts: 128.31.1.16 howstuffworks.com
O1 - Hosts: 132.239.17.2 gns.com
O1 - Hosts: 85.249.23.117 hyena.com
O1 - Hosts: 219.139.158.59 iinfo.com67.221.174.30 tagged.com
O1 - Hosts: 204.9.178.11 typepad.com
O1 - Hosts: 74.113.152.32 istockphoto.com
O1 - Hosts: 208.94.0.38 yfrog.com
O1 - Hosts: 63.309.5.102 virustotal.com
O1 - Hosts: 123.125.50.22 126.com
O1 - Hosts: 174.36.28.11 SlideShare.com
O1 - Hosts: 213.238.60.190 xing.com
O1 - Hosts: 59.106.98.139 seesaa.net
O1 - Hosts: 184.72.253.170 hootsuite.com
O1 - Hosts: 211.151.146.16 soku.com
O1 - Hosts: 72.32.120.222 metacafe.com
O1 - Hosts: 9.105.6.98 bitdefender.com
O1 - Hosts: 204.11.109.133 tribalfusion.com
O1 - Hosts: 207.154.14.31tripadvisor.com
O1 - Hosts: 216.52.240.133 ustream.tv
O1 - Hosts: 174.36.244.132 linkwithin.com
O1 - Hosts: 121.67.203.61 scan.novirusthanks.org
O1 - Hosts: 209.172.34.139 imagevenue.com
O1 - Hosts: 91.206.232.220 booking.com
O1 - Hosts: 118.69.251.6 vnexpress.net
O1 - Hosts: 103.67.101.13 trendmicro.com
O1 - Hosts: 208.85.40.80 pandora.com
O1 - Hosts: 194.116.241.57 softonic.com
O1 - Hosts: 208.83.243.15 match.com
O1 - Hosts: 202.57.69.84 nwt.com
O1 - Hosts: 65.11.53.80 nttnavi.com
O1 - Hosts: 72.51.41.235 nrk.no
O1 - Hosts: 110.16.19.157 nozonedata.com
O1 - Hosts: 76.106.43.251 nachtagenten.com
O1 - Hosts: 195.82.124.124 musicmatch.com
O1 - Hosts: 70.52.56.163 moscowtimes.com
O1 - Hosts: 124.217.235.76 gsn.com
O1 - Hosts: 61.178.63.198 mgd.com
O1 - Hosts: 174.142.24.205 mediastorm.hu
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Auzentech\X-Fi Forte 7.1\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Steam] "D:\Valve\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13906 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k LocalService
Ati2evxx.exe -Client
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1844
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"D:\Valve\Steam.exe" -silent
"C:\Program Files (x86)\Auzentech\X-Fi Forte 7.1\Volume Panel\VolPanlu.exe" /r
"C:\Windows\System32\Ctxfihlp.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Windows\SysWOW64\CTXFISPI.EXE" -Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3728.5d3c400.574510145 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" "Mozilla.Firefox.5.0" -omnijar C:\Program Files (x86)\Mozilla Firefox\omni.jar 3728 \\.\pipe\gecko-crash-server-pipe.3728 plugin
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\wuauclt.exe"
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"C:\Users\Admin\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-04-14 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-01-12 2918656]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=D:\Valve\steam.exe [2011-05-12 1242448]
"PlayNC Launcher"= []
"AdobeBridge"= []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"VolPanel"=C:\Program Files (x86)\Auzentech\X-Fi Forte 7.1\Volume Panel\VolPanlu.exe [2009-05-04 241789]
"CTxfiHlp"=CTXFIHLP.EXE []
"UpdReg"=C:\Windows\UpdReg.EXE [2000-05-11 90112]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-01-07 253672]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 61440]
"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2008-04-17 98616]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-06-27 14:48:29 ----D---- C:\rsit
2011-06-27 14:48:29 ----D---- C:\Program Files\trend micro
2011-06-22 20:31:29 ----D---- C:\Users\Admin\AppData\Roaming\runic games
2011-06-22 20:27:07 ----D---- C:\Program Files (x86)\Runic Games
2011-06-18 14:32:48 ----D---- C:\Users\Admin\AppData\Roaming\.minecraft
2011-06-17 20:41:03 ----D---- C:\ProgramData\boost_interprocess
2011-06-17 20:38:01 ----D---- C:\ProgramData\FLEXnet
2011-06-17 20:18:38 ----D---- C:\Program Files\NVIDIA Corporation
2011-06-17 20:18:38 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2011-06-17 20:13:33 ----D---- C:\Program Files (x86)\Autodesk
2011-06-17 20:02:44 ----D---- C:\Program Files\Common Files\Softimage
2011-06-17 20:02:20 ----D---- C:\Program Files\Common Files\Alias Shared
2011-06-17 20:01:58 ----D---- C:\Program Files\Common Files\Macrovision Shared
2011-06-17 20:01:39 ----D---- C:\Program Files\Common Files\Autodesk Shared
2011-06-17 19:57:12 ----D---- C:\Program Files\Autodesk
2011-06-17 19:55:28 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2011-06-17 19:55:28 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2011-06-17 19:55:28 ----A---- C:\Windows\system32\d3dx10_40.dll
2011-06-17 19:55:28 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2011-06-17 19:55:26 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2011-06-17 19:55:26 ----A---- C:\Windows\system32\D3DX9_40.dll
2011-06-16 20:15:12 ----D---- C:\Users\Admin\AppData\Roaming\Autodesk
2011-06-16 20:15:12 ----D---- C:\ProgramData\Autodesk
2011-06-16 11:45:09 ----A---- C:\Windows\system32\drivers\dfsc.sys
2011-06-16 11:45:08 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-06-16 11:45:08 ----A---- C:\Windows\system32\drivers\afd.sys
2011-06-16 11:45:03 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-06-16 11:45:03 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-06-16 11:45:03 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-06-16 11:45:02 ----A---- C:\Windows\system32\win32k.sys
2011-06-16 11:45:00 ----A---- C:\Windows\system32\mshtml.dll
2011-06-16 11:44:58 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-06-16 11:44:57 ----A---- C:\Windows\system32\ieframe.dll
2011-06-16 11:44:52 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-06-16 11:44:49 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-06-16 11:44:49 ----A---- C:\Windows\system32\urlmon.dll
2011-06-16 11:44:49 ----A---- C:\Windows\system32\iertutil.dll
2011-06-16 11:44:47 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-06-16 11:44:42 ----A---- C:\Windows\system32\msfeeds.dll
2011-06-16 11:44:41 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-06-16 11:44:40 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-06-16 11:44:40 ----A---- C:\Windows\system32\wininet.dll
2011-06-16 11:44:39 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-06-16 11:44:39 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-06-16 11:44:39 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-06-16 11:44:39 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-06-16 11:44:39 ----A---- C:\Windows\system32\mstime.dll
2011-06-16 11:44:39 ----A---- C:\Windows\system32\ieui.dll
2011-06-16 11:44:39 ----A---- C:\Windows\system32\iepeers.dll
2011-06-16 11:44:39 ----A---- C:\Windows\system32\iedkcs32.dll
2011-06-16 11:44:38 ----A---- C:\Windows\system32\mshtmled.dll
2011-06-16 11:44:37 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-06-16 11:44:37 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-06-16 11:44:37 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-06-16 11:44:37 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-06-16 11:44:37 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-06-16 11:44:37 ----A---- C:\Windows\system32\msfeedssync.exe
2011-06-16 11:44:37 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-06-16 11:44:37 ----A---- C:\Windows\system32\licmgr10.dll
2011-06-16 11:44:37 ----A---- C:\Windows\system32\jsproxy.dll
2011-06-16 11:44:25 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2011-06-16 11:44:25 ----A---- C:\Windows\system32\d3d10_1.dll
2011-06-16 11:44:23 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-06-16 11:44:23 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-06-16 11:44:23 ----A---- C:\Windows\system32\drivers\srv.sys
2011-06-16 11:44:21 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-06-16 11:44:21 ----A---- C:\Windows\system32\oleaut32.dll
2011-06-16 11:44:20 ----A---- C:\Windows\system32\inetcomm.dll
2011-06-16 11:44:19 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-06-09 18:56:05 ----D---- C:\Program Files (x86)\Microsoft Works
2011-06-09 18:55:35 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2011-06-09 18:53:16 ----D---- C:\Program Files\Microsoft Office
2011-06-09 18:53:10 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2011-06-09 18:52:33 ----D---- C:\ProgramData\Microsoft Help
2011-06-09 18:52:33 ----D---- C:\Program Files (x86)\Microsoft Office
2011-06-09 18:50:23 ----RHD---- C:\MSOCache
2011-06-09 16:58:58 ----HD---- C:\ProgramData\CanonBJ
2011-05-29 17:35:21 ----D---- C:\ProgramData\InstallShield
2011-05-28 14:30:42 ----D---- C:\Users\Admin\AppData\Roaming\go
2011-05-28 14:30:40 ----D---- C:\ProgramData\Easybits GO

======List of files/folders modified in the last 1 months======

2011-06-27 14:51:17 ----D---- C:\Windows\Temp
2011-06-27 14:49:00 ----D---- C:\Windows\Prefetch
2011-06-27 14:48:29 ----RD---- C:\Program Files
2011-06-27 14:41:37 ----D---- C:\Windows\system32\config
2011-06-27 14:38:49 ----D---- C:\Users\Admin\AppData\Roaming\.purple
2011-06-27 13:41:49 ----D---- C:\Users\Admin\AppData\Roaming\Skype
2011-06-27 12:25:48 ----D---- C:\Program Files\Garena
2011-06-27 12:23:13 ----D---- C:\Windows\system32\Tasks
2011-06-27 00:15:15 ----D---- C:\Windows\Minidump
2011-06-27 00:15:14 ----D---- C:\Windows
2011-06-24 10:28:02 ----SHD---- C:\System Volume Information
2011-06-23 16:23:07 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-06-22 20:31:07 ----D---- C:\Users\Admin\AppData\Roaming\uTorrent
2011-06-22 20:27:07 ----SHD---- C:\Windows\Installer
2011-06-22 20:27:07 ----RD---- C:\Program Files (x86)
2011-06-22 20:27:02 ----D---- C:\Windows\SysWOW64
2011-06-20 19:35:45 ----D---- C:\ProgramData\Adobe
2011-06-20 19:35:02 ----SD---- C:\Users\Admin\AppData\Roaming\Microsoft
2011-06-20 19:35:02 ----D---- C:\Users\Admin\AppData\Roaming\Adobe
2011-06-20 19:33:19 ----D---- C:\Windows\winsxs
2011-06-20 19:32:48 ----D---- C:\Program Files (x86)\Adobe
2011-06-19 01:40:27 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-06-18 14:48:55 ----D---- C:\Users\Admin\AppData\Roaming\Hamachi
2011-06-17 20:41:03 ----HD---- C:\ProgramData
2011-06-17 20:08:29 ----RSD---- C:\Windows\assembly
2011-06-17 20:02:44 ----D---- C:\Program Files\Common Files
2011-06-17 20:02:44 ----D---- C:\Program Files (x86)\Common Files
2011-06-17 19:55:29 ----D---- C:\Windows\System32
2011-06-17 12:21:23 ----SD---- C:\ProgramData\Microsoft
2011-06-17 11:20:49 ----D---- C:\Windows\system32\drivers
2011-06-17 11:20:49 ----D---- C:\Program Files\Internet Explorer
2011-06-17 11:20:49 ----D---- C:\Program Files (x86)\Internet Explorer
2011-06-17 11:20:48 ----D---- C:\Windows\SYSWOW64\migration
2011-06-17 11:20:47 ----D---- C:\Windows\system32\migration
2011-06-17 11:11:26 ----A---- C:\Windows\system32\MRT.exe
2011-06-16 11:44:16 ----D---- C:\Windows\system32\catroot
2011-06-16 11:44:08 ----D---- C:\Windows\system32\catroot2
2011-06-14 18:41:50 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-06-09 23:22:50 ----RSD---- C:\Windows\Fonts
2011-06-09 23:21:28 ----A---- C:\Windows\win.ini
2011-06-09 18:55:54 ----D---- C:\Program Files (x86)\MSBuild
2011-06-09 18:55:33 ----D---- C:\Windows\ShellNew
2011-06-09 18:55:16 ----D---- C:\Program Files (x86)\Microsoft.NET
2011-06-09 16:58:48 ----D---- C:\Windows\inf
2011-06-09 16:58:45 ----D---- C:\Windows\system32\DriverStore
2011-06-09 16:58:34 ----D---- C:\Windows\system32\FxsTmp
2011-06-08 15:28:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-06-06 19:13:43 ----D---- C:\Windows\system32\drivers\UMDF
2011-06-03 23:24:53 ----D---- C:\Windows\Logs
2011-05-30 14:20:58 ----D---- C:\Program Files\Adobe
2011-05-28 19:12:54 ----D---- C:\Program Files (x86)\Pando Networks
2011-05-28 14:35:20 ----D---- C:\Program Files (x86)\Foxit Software
2011-05-28 12:16:44 ----D---- C:\Users\Admin\AppData\Roaming\skypePM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-12-21 141264]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-12-21 170640]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-12-21 170640]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-12-21 50624]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-02-11 5352960]
R3 CT20XUT.SYS;CT20XUT.SYS; C:\Windows\System32\drivers\CT20XUT.SYS [2009-07-22 230488]
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2009-07-22 695384]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS; C:\Windows\System32\drivers\CTEXFIFX.SYS [2009-07-22 1494104]
R3 CTHWIUT.SYS;CTHWIUT.SYS; C:\Windows\System32\drivers\CTHWIUT.SYS [2009-07-22 95320]
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2009-07-22 15960]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2009-07-22 213080]
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2009-07-22 118360]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-12-21 34144]
R3 ha20x22k;Creative 20X2 HAL Driver; C:\Windows\system32\drivers\ha20x22k.sys [2009-07-22 1646680]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2011-05-13 33344]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2009-07-22 179800]
R3 RTL85n64;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver; C:\Windows\system32\DRIVERS\RTL85n64.sys [2009-06-10 378368]
S3 CT20XUT;CT20XUT; C:\Windows\system32\drivers\CT20XUT.SYS [2009-07-22 230488]
S3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2009-07-22 580696]
S3 CTEXFIFX;CTEXFIFX; C:\Windows\system32\drivers\CTEXFIFX.SYS [2009-07-22 1494104]
S3 CTHWIUT;CTHWIUT; C:\Windows\system32\drivers\CTHWIUT.SYS [2009-07-22 95320]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
S3 ha20x2k;Creative 20X HAL Driver; C:\Windows\system32\drivers\ha20x2k.sys [2009-07-22 1602136]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2008-04-17 102712]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2010-02-11 952320]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2009-02-23 307200]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-01-12 810144]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-04-15 2280312]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-05-12 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-05-12 79360]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2011-01-12 42360]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-06-17 1431888]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-05-12 1255736]

-----------------EOF-----------------

[vyosek]

Zdravim a pekny vecer preji

Poprosim i o druhy log z RSIT s nazvem info.txt, je ulozen v c:\rsit

Predpokladam, ze ten ESET Smart Security mate legalni = zakoupena licence, stejne jako tak samotne windows

[Geneiken]

Na tomhle PC jsem tak 2x do mesice, takze opravdu nevim, ale jestli je to dulezite tak se zeptam.

log tady:
info.txt logfile of random's system information tool 1.08 2011-06-27 14:48:39

======Uninstall list======

Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
-->"C:\Program Files (x86)\Auzentech\X-Fi Forte 7.1\Program\SETUP.EXE" /S /U /W /L:ENG
-->"C:\Program Files (x86)\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files (x86)\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files (x86)\Creative Installation Information\E-CENTER_PLUGIN_CDBURNER_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files (x86)\Creative Installation Information\E-CENTER_PLUGIN_MINIDISC_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files (x86)\Creative Installation Information\E-CENTER_PLUGIN_ONLINESTORE_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files (x86)\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files (x86)\Creative Installation Information\SBCONTROL64\Setup.exe" /remove /l0x0009
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{06E3E953-0570-4DFF-A7B5-46114C390228}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{06E3E953-0570-4DFF-A7B5-46114C390228}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{12321490-F573-4815-B6CC-7ABEF18C9AC4}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{12321490-F573-4815-B6CC-7ABEF18C9AC4}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{1F3306FE-913B-4E49-B241-5A6378D4F8DD}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9605AE52-2172-448F-BE56-B2086F932412}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9605AE52-2172-448F-BE56-B2086F932412}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A888BD93-6A36-4FFF-A46B-2A85A1A34DBC}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A888BD93-6A36-4FFF-A46B-2A85A1A34DBC}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BBFEFF72-227B-4130-B6F4-6BCB66596BCB}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C88C3C27-AECE-4137-A6CC-D7A6FFAD2F84}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C88C3C27-AECE-4137-A6CC-D7A6FFAD2F84}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D695808F-752F-4D61-8DF0-8FCDB40E69EC}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D695808F-752F-4D61-8DF0-8FCDB40E69EC}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x9 /remove
µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10p_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10t_Plugin.exe -maintain plugin
Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Photoshop CS5-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{15FEDA5F-141C-4127-8D7E-B962D1742728}"
Adobe Reader X (10.1.0) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
ArcSoft MediaImpression-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{531F0013-964C-4BE6-B382-4117DC8BCDF9}\SETUP.EXE" -l0x9
Autodesk Backburner 2012.0.0-->MsiExec.exe /I{3D347E6D-5A03-4342-B5BA-6A771885F379}
Autodesk DirectConnect 2012 64-bit-->C:\Program Files\Common Files\Autodesk Shared\DirectConnect2012 (64-bit)\Setup_DC\Setup\Setup.exe /P {AC3E3746-8F18-4F8A-9521-1493022C6E0A} /M DIRECTCONNECT2012 /LANG en-US
Autodesk MatchMover 2012 64-bit-->MsiExec.exe /I{4529F749-C362-4119-AFA0-0A3F1CA924AB}
Autodesk Maya 2012 64-bit-->C:\Program Files\Autodesk\Maya2012\Setup\Setup.exe /P {9E6BB4E4-0B20-4922-AA37-260FA5ACFBA5} /M Maya_win-amd64 /LANG en-US
Autodesk MotionBuilder 2012 64-bit-->MsiExec.exe /X{4CE23671-5B64-40A4-9C1E-C9217D845F32}
Autodesk Mudbox 2012 64-bit - English-->C:\Program Files\Autodesk\Mudbox 2012\Setup\Setup.exe /P {CC7C5BA5-09B5-428E-B966-42899C00BD23} /M MUDBOXx64 /LANG en-US
Autodesk Softimage 2012 64-bit-->MsiExec.exe /X{7E8B0B79-FE18-446D-A0C7-F4CD3F4964BB}
Catalyst Control Center - Branding-->MsiExec.exe /I{8D7133DE-27D2-47E5-B248-4180278D32AA}
Composite 2012 64-bit-->MsiExec.exe /I{EA234BC3-39FE-4734-B72F-076086889F6D}
Counter-Strike(TM)-->MsiExec.exe /I{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}
Creative MediaSource 5-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\setup.exe" -l0x9 /remove
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
Diablo II-->C:\Windows\DIIUnin.exe C:\Windows\DIIUnin.dat
DivX Setup-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com
Dolby Digital Live Pack-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BBFEFF72-227B-4130-B6F4-6BCB66596BCB}\setup.exe" -l0x9 /remove
DTS Connect Pack-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{1F3306FE-913B-4E49-B241-5A6378D4F8DD}\setup.exe" -l0x9 /remove
Epson Copy Utility 3.5-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}\SETUP.EXE" -l0x9 -UnInstall
EPSON Scan-->C:\Program Files (x86)\epson\escndv\setup\setup.exe /r
Garena 2010-->C:\Program Files (x86)\Garena\uninst.exe
Hamachi 1.0.2.5-->C:\Program Files (x86)\Hamachi\uninstall.exe
Heroes of Newerth-->D:\HoN\uninstall.exe
ImgBurn-->"C:\Program Files (x86)\ImgBurn\uninstall.exe"
Java(TM) 6 Update 25-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216015FF}
League of Legends-->"C:\Program Files (x86)\InstallShield Installation Information\{918A9082-6287-4D25-9002-5E5D5E4971CB}\setup.exe" -runfromtemp -l0x0409 -removeonly
Lineage II - PTS-->C:\Program Files (x86)\InstallShield Installation Information\{430B1017-1B12-420C-8F27-05D0EC2995E0}\setup.exe -runfromtemp -l0x0009 -removeonly
Lineage® II: Freya (High Five)-->"C:\Program Files (x86)\InstallShield Installation Information\{21040472-F8DF-48A9-A093-2986C1495670}\setup.exe" -runfromtemp -l0x0409 -removeonly
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{790E02A1-145A-3843-8C13-A4F41C9B48B7}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0405-1000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {294B4278-CF7B-40B9-86A1-2D3FF0C2C524}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {10EC59E5-9BCE-4884-BB1A-E28627220232}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2007-->MsiExec.exe /X{90120000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053-->MsiExec.exe /X{B6E3757B-5E77-3915-866A-CCFC4B8D194C}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175-->MsiExec.exe /X{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft_VC80_ATL_x86_x64-->MsiExec.exe /I{925D058B-564A-443A-B4B2-7E90C6432E55}
Microsoft_VC80_CRT_x86_x64-->MsiExec.exe /I{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86_x64-->MsiExec.exe /I{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86_x64-->MsiExec.exe /I{1E9FC118-651D-4934-97BE-E53CAE5C7D45}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86_x64-->MsiExec.exe /I{8557397C-A42D-486F-97B3-A2CBC2372593}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86_x64-->MsiExec.exe /I{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86_x64-->MsiExec.exe /I{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Mozilla Firefox 5.0 (x86 en-US)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
NCsoft Launcher-->C:\Program Files (x86)\InstallShield Installation Information\{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}\setup.exe -runfromtemp -l0x0009 -removeonly
NVIDIA PhysX Plug-in for Autodesk Maya 2012 64 bit-->MsiExec.exe /X{FC4AD39F-9DCE-4BD0-B7D0-7C81CEB9F04B}
OpenTTD 1.1.1-->D:\tycon\uninstall.exe
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
Pidgin-->C:\Program Files (x86)\Pidgin\pidgin-uninst.exe
Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D}
Security Update for 2007 Microsoft Office System (KB2288931)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263}
Security Update for 2007 Microsoft Office System (KB2345043)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B}
Security Update for 2007 Microsoft Office System (KB2509488)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AD0DE453-0804-4495-9C91-33D0F9AA5463}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F66C3466-1FDB-347C-B3AE-FB6C50627B10} /parameterfolder Client
Security Update for Microsoft Office 2007 System (KB2541012)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CD907315-705A-4475-A1A0-2A1245803E4D}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}
Security Update for Microsoft Office Excel 2007 (KB2541007)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A0173254-F442-4D04-9154-43FA157B83D0}
Security Update for Microsoft Office Groove 2007 (KB2494047)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B91E2AEC-7F93-4E33-ACF6-EC90640CBE4F}
Security Update for Microsoft Office InfoPath 2007 (KB2510061)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5D930261-AA5B-48D1-931F-425C9D767490}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
Security Update for Microsoft Office Publisher 2007 (KB2284697)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3A4CDE54-2403-483D-8D9A-15E3264410DF}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
Skype™ Beta 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Steam(TM)-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
TeamViewer 6-->C:\Program Files (x86)\TeamViewer\Version6\uninstall.exe
The KMPlayer (remove only)-->"C:\Program Files (x86)\The KMPlayer\uninstall.exe"
Torchlight-->C:\Program Files (x86)\Runic Games\Torchlight\uninstall.exe
Turtle for Maya Premium 2012 64-bit-->MsiExec.exe /X{58443355-8640-49E5-BDC7-479E7039F780}
Update for 2007 Microsoft Office System (KB2284654)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {FB166E7C-8AA6-48C8-B726-1F25BEE7825A}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office 2007 System (KB2539530)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Microsoft Office Outlook 2007 (KB2509470)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1365864D-4C58-489D-9982-844D75691CCC}
Update for Outlook 2007 Junk Email Filter (KB2536413)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {95DF5260-331D-4FFD-A2D5-C64164751945}
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
Warcraft III-->C:\Windows\War3Unin.exe C:\Windows\War3Unin.dat
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}
Windows Live Fotogalerie-->MsiExec.exe /X{FB79FDB7-4DE1-453D-99FE-9A880F57380E}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{1B8ABA62-74F0-47ED-B18C-A43128E591B8}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Language Selector-->MsiExec.exe /I{D07A61E5-A59C-433C-BCBD-22025FA2287B}
Windows Live Movie Maker-->MsiExec.exe /X{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Photo Common-->MsiExec.exe /X{78906B56-0E81-42A7-AC25-F54C946E1538}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
WinRAR 4.00 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
World of Warcraft-->C:\Program Files (x86)\Common Files\Blizzard Entertainment\World of Warcraft (2)\Uninstall.exe
X-Fi Forte 7.1-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{08CFF9D1-BD86-4CA3-BC4A-AC51EF7640A4}\setup.exe" -l0x9 /remove

======Hosts File======

67.221.174.30 tagged.com
204.9.178.11 typepad.com
74.113.152.32 istockphoto.com
208.94.0.38 yfrog.com
63.309.5.102 virustotal.com
123.125.50.22 126.com
174.36.28.11 SlideShare.com
213.238.60.190 xing.com
59.106.98.139 seesaa.net
184.72.253.170 hootsuite.com

======System event log======

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Cryptographic Services byl změněn na: stopped
Record Number: 5
Source Name: Service Control Manager
Time Written: 20090714051424.262212-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Windows Modules Installer byl změněn na: stopped
Record Number: 4
Source Name: Service Control Manager
Time Written: 20090714051424.168612-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Software Protection byl změněn na: stopped
Record Number: 3
Source Name: Service Control Manager
Time Written: 20090714051424.059412-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Windows Event Log byl změněn na: stopped
Record Number: 2
Source Name: Service Control Manager
Time Written: 20090714051424.012612-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Volume Shadow Copy byl změněn na: stopped
Record Number: 1
Source Name: Service Control Manager
Time Written: 20090714051423.934612-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: 37L4247E29-32
Event Code: 900
Message: Služba Ochrana softwaru se spouští.

Record Number: 5
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20110512135241.000000-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20110512135043.000000-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20110512135038.000000-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.


Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20110512135033.382400-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: 37L4247E29-32
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20110512135033.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: 37L4247E29-32
Event Code: 4735
Message: Byla změněna zabezpečená místní skupina.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247E29-32$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Změněné atributy:
Název účtu SAM: -
Historie identifikátoru zabezpečení: -

Další informace:
Oprávnění: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110512135015.504800-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4731
Message: Byla vytvořena zabezpečená místní skupina.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247E29-32$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Nová skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Atributy:
Název účtu SAM: Backup Operators
Historie identifikátoru zabezpečení: -

Další informace:
Oprávnění: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110512135015.504800-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.

Počet prvků: 0
ID zásady: 0x30783
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110512135015.114800-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 0

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x4
Název procesu:

Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110512135013.305200-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4608
Message: Spouští se systém Windows.

Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110512135013.211600-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\ArcSoft\Bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Autodesk\Backburner\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 2 Stepping 3, AuthenticAMD
"PROCESSOR_REVISION"=0203

-----------------EOF-----------------

[vyosek]

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  netsvcs
  drivers32
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  c:\windows\*.* /U
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  /md5start
  adp3132.sys
  AGP440.sys
  ahcix86.sys
  ahcix86s.sys
  atapi.sys
  autochk.exe
  cdrom.sys
  cngaudit.dll
  cryptsvc.dll
  eNetHook.dll
  eventlog.dll
  explorer.exe
  hal.dll
  Changer.sys
  iaStor.sys
  iastorv.sys
  IdeChnDr.sys
  isapnp.sys
  JakNDis.sys
  KR10N.sys
  logevent.dll
  lsass.exe
  mv61xx.sys
  ndis.sys
  netlogon.dll
  ntelogon.dll
  nvata.sys
  nvatabus.sys
  nvgts.sys
  nvraid.sys
  nvrd32.sys
  nvstor.sys
  nvstor32.sys
  scecli.dll
  sceclt.dll
  smss.exe
  svchost.exe
  symmpi.sys
  tcpip.sys
  userinit.exe
  vaxscsi.sys
  viamraid.sys
  viasraid.sys
  ViPrt.sys
  winlogon.exe
  ws2_32.dll
  /md5stop
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job /lockedfiles
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  CREATERESTOREPOINT

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

[Geneiken]

OTL
OTL logfile created on: 27.6.2011 19:40:43 - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Admin\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,30 Gb Available Physical Memory | 57,55% Memory free
8,00 Gb Paging File | 6,10 Gb Available in Paging File | 76,24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 270,45 Gb Total Space | 97,83 Gb Free Space | 36,17% Space Free | Partition Type: NTFS
Drive D: | 195,21 Gb Total Space | 125,81 Gb Free Space | 64,45% Space Free | Partition Type: NTFS

Computer Name: TRISRAM | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.06.27 19:38:18 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Downloads\OTL.exe
PRC - [2011.06.16 06:17:34 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.05.24 11:17:06 | 003,921,752 | ---- | M] (Garena Online PTE LTD) -- C:\Program Files\Garena\Garena.exe
PRC - [2011.05.19 19:48:02 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2011.05.12 17:11:01 | 001,242,448 | ---- | M] (Valve Corporation) -- D:\Valve\Steam.exe
PRC - [2011.04.15 11:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.03.21 20:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011.03.11 04:37:52 | 000,048,618 | ---- | M] (The Pidgin developer community) -- C:\Program Files (x86)\Pidgin\pidgin.exe
PRC - [2011.01.12 16:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2009.07.22 19:35:30 | 000,025,088 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\Ctxfihlp.exe
PRC - [2009.07.22 19:30:08 | 001,292,288 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CTxfispi.exe
PRC - [2009.05.04 19:05:04 | 000,241,789 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Auzentech\X-Fi Forte 7.1\Volume Panel\VolPanlu.exe
PRC - [2009.02.23 13:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2008.04.17 14:14:00 | 000,102,712 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008.04.17 14:14:00 | 000,098,616 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe


========== Modules (SafeList) ==========

MOD - [2011.06.27 19:38:18 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Downloads\OTL.exe
MOD - [2010.08.21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011.06.17 20:01:58 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2011.01.12 16:44:02 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2011.01.12 16:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010.02.11 07:29:30 | 000,952,320 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.05.12 18:17:51 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2011.05.12 18:15:39 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011.04.15 11:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.02.23 13:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2008.04.17 14:14:00 | 000,102,712 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.05.13 15:35:28 | 000,033,344 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.21 15:04:06 | 000,170,640 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010.12.21 15:04:06 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010.12.21 13:47:38 | 000,170,640 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2010.12.21 13:47:38 | 000,050,624 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2010.12.21 13:47:38 | 000,034,144 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis)
DRV:64bit: - [2010.02.11 09:42:54 | 005,352,960 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.07.22 22:07:56 | 001,646,680 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha20x22k.sys -- (ha20x22k)
DRV:64bit: - [2009.07.22 22:07:38 | 001,602,136 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k)
DRV:64bit: - [2009.07.22 22:07:28 | 000,118,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2009.07.22 22:07:18 | 000,213,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2009.07.22 22:07:06 | 000,015,960 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2009.07.22 22:06:58 | 000,179,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2009.07.22 22:06:48 | 000,695,384 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV:64bit: - [2009.07.22 22:06:38 | 000,580,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2009.07.22 22:06:28 | 001,494,104 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV:64bit: - [2009.07.22 22:06:28 | 001,494,104 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV:64bit: - [2009.07.22 22:06:18 | 000,095,320 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV:64bit: - [2009.07.22 22:06:18 | 000,095,320 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV:64bit: - [2009.07.22 22:06:08 | 000,230,488 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV:64bit: - [2009.07.22 22:06:08 | 000,230,488 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:35:48 | 000,378,368 | ---- | M] (Realtek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTL85n64.sys -- (RTL85n64)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-941968714-4190430854-3688883015-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://start.icq.com/ [binary data]
IE - HKU\S-1-5-21-941968714-4190430854-3688883015-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
IE - HKU\S-1-5-21-941968714-4190430854-3688883015-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-941968714-4190430854-3688883015-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.2.6&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.05.20 18:45:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.05.20 18:45:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.06.23 16:23:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.06.20 19:33:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011.05.12 17:42:36 | 000,000,000 | ---D | M]

[2011.05.12 16:39:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Extensions
[2011.06.21 11:58:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\extensions
[2011.06.21 11:58:02 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.05.12 17:22:59 | 000,002,059 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\searchplugins\daemon-search.xml
[2011.06.21 11:59:33 | 000,002,342 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\searchplugins\icq-search.xml
[2011.06.20 10:45:18 | 000,000,168 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\searchplugins\icqplugin.gif
[2011.06.20 10:45:18 | 000,000,618 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\searchplugins\icqplugin.src
[2011.06.23 16:23:13 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\searchplugins\icqplugin.xml
[2011.06.23 16:23:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.05.12 20:21:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
File not found (No name found) --
[2011.06.16 06:17:34 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011.06.27 14:59:13 | 000,021,680 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 67.221.174.30 tagged.com
O1 - Hosts: 204.9.178.11 typepad.com
O1 - Hosts: 74.113.152.32 istockphoto.com
O1 - Hosts: 208.94.0.38 yfrog.com
O1 - Hosts: 63.309.5.102 virustotal.com
O1 - Hosts: 123.125.50.22 126.com
O1 - Hosts: 174.36.28.11 SlideShare.com
O1 - Hosts: 213.238.60.190 xing.com
O1 - Hosts: 59.106.98.139 seesaa.net
O1 - Hosts: 184.72.253.170 hootsuite.com
O1 - Hosts: 211.151.146.16 soku.com
O1 - Hosts: 72.32.120.222 metacafe.com
O1 - Hosts: 9.105.6.98 bitdefender.com
O1 - Hosts: 204.11.109.133 tribalfusion.com
O1 - Hosts: 207.154.14.31tripadvisor.com
O1 - Hosts: 216.52.240.133 ustream.tv
O1 - Hosts: 174.36.244.132 linkwithin.com
O1 - Hosts: 121.67.203.61 scan.novirusthanks.org
O1 - Hosts: 209.172.34.139 imagevenue.com
O1 - Hosts: 91.206.232.220 booking.com
O1 - Hosts: 118.69.251.6 vnexpress.net
O1 - Hosts: 103.67.101.13 trendmicro.com
O1 - Hosts: 208.85.40.80 pandora.com
O1 - Hosts: 194.116.241.57 softonic.com
O1 - Hosts: 208.83.243.15 match.com
O1 - Hosts: 702 more lines...
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O3:64bit: - HKU\S-1-5-21-941968714-4190430854-3688883015-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Auzentech\X-Fi Forte 7.1\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-941968714-4190430854-3688883015-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-941968714-4190430854-3688883015-1000..\Run: [PlayNC Launcher] File not found
O4 - HKU\S-1-5-21-941968714-4190430854-3688883015-1000..\Run: [Steam] D:\Valve\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-941968714-4190430854-3688883015-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab (Shockwave Flash Object)
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{59b1ba7c-7ca3-11e0-b8fb-00241d6d0751}\Shell - "" = AutoRun
O33 - MountPoints2\{59b1ba7c-7ca3-11e0-b8fb-00241d6d0751}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 7 Days ==========

[2011.06.27 14:48:29 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.06.27 14:48:29 | 000,000,000 | ---D | C] -- C:\rsit
[2011.06.22 20:31:29 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\runic games
[2011.06.22 20:28:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Torchlight
[2011.06.22 20:27:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Runic Games
[2011.06.22 20:27:07 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Runic
[2011.06.21 16:11:53 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\OpenTTD
[2011.06.21 16:09:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenTTD
[2011.05.12 18:19:35 | 000,014,336 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll
[2011.05.12 18:19:35 | 000,012,800 | ---- | C] ( ) -- C:\Windows\SysWow64\killapps.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.06.27 18:03:06 | 000,535,598 | ---- | M] () -- C:\Users\Admin\Desktop\d.png
[2011.06.27 15:22:10 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.27 15:22:10 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.27 15:13:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.27 15:13:40 | 422,195,120 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.06.27 15:13:34 | 3220,873,216 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.27 14:41:46 | 000,062,836 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000003-00000000-00000000-00001102-0000000B-00495431}.rfx
[2011.06.27 14:41:46 | 000,062,836 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000003-00000000-00000000-00001102-0000000B-00495431}.rfx
[2011.06.27 14:41:46 | 000,000,904 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000003-00000000-00000000-00001102-0000000B-00495431}.rfx
[2011.06.27 14:41:20 | 000,045,286 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\room_v3.dat
[2011.06.24 08:29:45 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.06.22 20:31:33 | 000,002,334 | -HS- | M] () -- C:\ndf
[2011.06.21 16:09:55 | 000,000,520 | ---- | M] () -- C:\Users\Public\Desktop\OpenTTD.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.06.27 18:03:06 | 000,535,598 | ---- | C] () -- C:\Users\Admin\Desktop\d.png
[2011.06.23 16:23:08 | 000,001,146 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.06.22 20:31:32 | 000,002,334 | -HS- | C] () -- C:\ndf
[2011.06.21 16:09:55 | 000,000,520 | ---- | C] () -- C:\Users\Public\Desktop\OpenTTD.lnk
[2011.05.27 13:33:49 | 000,000,132 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2011.05.26 19:24:46 | 000,045,286 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\room_v3.dat
[2011.05.15 13:53:41 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.05.14 14:23:45 | 000,046,742 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\room.dat
[2011.05.14 13:02:27 | 000,062,518 | ---- | C] () -- C:\Windows\War3Unin.dat
[2011.05.14 11:53:25 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2011.05.14 11:53:25 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2011.05.14 11:53:25 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2011.05.14 11:53:25 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2011.05.14 11:53:25 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2011.05.14 11:53:25 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2011.05.14 11:53:25 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2011.05.14 11:53:25 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2011.05.14 11:53:25 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2011.05.14 11:53:25 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat
[2011.05.14 11:53:25 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2011.05.14 11:53:25 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2011.05.14 11:53:25 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2011.05.14 11:53:25 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2011.05.14 11:53:25 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2011.05.14 11:53:25 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat
[2011.05.14 11:53:25 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat
[2011.05.14 11:53:25 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2011.05.14 11:53:25 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2011.05.14 11:52:40 | 000,000,025 | ---- | C] () -- C:\Windows\CDE V30V300DEFGIPSRUk.ini
[2011.05.12 18:32:51 | 000,027,202 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2011.05.12 18:19:36 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CTXFIRES.DLL
[2011.05.12 18:19:36 | 000,000,321 | ---- | C] () -- C:\Windows\SysWow64\kill.ini
[2011.05.12 18:19:35 | 000,390,609 | ---- | C] () -- C:\Windows\SysWow64\ctdnlstr.dat
[2011.05.12 18:19:35 | 000,051,979 | ---- | C] () -- C:\Windows\SysWow64\ctdlang.dat
[2011.05.12 18:19:35 | 000,028,127 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini
[2011.05.12 18:19:35 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\enlocstr.exe
[2011.05.12 18:19:35 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
[2011.05.12 18:19:09 | 000,166,912 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011.05.12 18:19:09 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011.05.12 17:53:53 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2011.05.12 17:53:53 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2011.05.12 17:53:53 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2011.05.12 15:52:56 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.03.16 00:13:46 | 000,057,344 | R--- | C] () -- C:\Windows\SysWow64\XSIChooser.exe
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011.06.18 14:32:48 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\.minecraft
[2011.06.27 19:41:01 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\.purple
[2011.06.17 20:41:04 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Autodesk
[2011.05.12 17:29:00 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
[2011.05.14 12:12:42 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\EPSON
[2011.05.12 17:46:11 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\ESET
[2011.05.24 17:46:32 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Foxit Software
[2011.05.15 13:52:57 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GetRightToGo
[2011.06.27 12:23:00 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\go
[2011.05.23 14:49:52 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\gtk-2.0
[2011.05.22 17:25:43 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\ImgBurn
[2011.05.24 21:28:45 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\LolClient
[2011.06.22 20:31:29 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\runic games
[2011.05.20 21:02:48 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TeamViewer
[2011.05.20 17:35:29 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\The Creative Assembly
[2011.05.27 20:25:47 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TS3Client
[2011.06.27 19:44:28 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\uTorrent
[2009.07.14 07:08:49 | 000,021,256 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Steam" = "D:\Valve\steam.exe" -silent -- [2011.05.12 17:11:01 | 001,242,448 | ---- | M] (Valve Corporation)
"PlayNC Launcher" =
"AdobeBridge" =

< c:\windows\*.* /U >
[1 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.06.18 14:32:48 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\.minecraft
[2011.06.27 19:41:01 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\.purple
[2011.06.20 19:35:02 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Adobe
[2011.05.13 15:33:55 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\ATI
[2011.06.17 20:41:04 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Autodesk
[2011.05.20 16:53:16 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Creative
[2011.05.12 17:29:00 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
[2011.05.26 19:32:50 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DivX
[2011.05.14 12:12:42 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\EPSON
[2011.05.12 17:46:11 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\ESET
[2011.05.24 17:46:32 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Foxit Software
[2011.05.15 13:52:57 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GetRightToGo
[2011.06.27 12:23:00 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\go
[2011.05.23 14:49:52 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\gtk-2.0
[2011.06.18 14:48:55 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Hamachi
[2011.05.12 16:06:33 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Identities
[2011.05.22 17:25:43 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\ImgBurn
[2011.05.14 11:08:08 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\InstallShield
[2011.05.24 21:28:45 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\LolClient
[2011.05.12 18:09:34 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Macromedia
[2009.07.14 17:36:38 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Media Center Programs
[2011.06.20 19:35:02 | 000,000,000 | --SD | M] -- C:\Users\Admin\AppData\Roaming\Microsoft
[2011.05.12 16:39:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mozilla
[2011.06.22 20:31:29 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\runic games
[2011.06.27 13:41:49 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Skype
[2011.05.28 12:16:44 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\skypePM
[2011.05.20 21:02:48 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TeamViewer
[2011.05.20 17:35:29 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\The Creative Assembly
[2011.05.27 20:25:47 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TS3Client
[2011.06.27 19:44:28 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\uTorrent
[2011.05.12 16:44:24 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2011.05.13 15:25:43 | 000,010,134 | R--- | M] () -- C:\Users\Admin\AppData\Roaming\Microsoft\Installer\{9DBCF44B-77AC-81D8-0F8E-1E60D6330AC2}\ARPPRODUCTICON.exe


< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\SysNative\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\SysNative\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll

< MD5 for: IASTORV.SYS >
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0033117673c16921\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\SysNative\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2011.03.11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011.03.11 08:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 08:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvraid.sys
[2011.03.11 08:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011.03.11 08:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2010.06.14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011.04.25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\SysNative\drivers\tcpip.sys
[2011.04.25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2010.06.14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\SysNative\ws2_32.dll
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< End of report >

[Geneiken]

Extras
OTL Extras logfile created on: 27.6.2011 19:40:43 - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Admin\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,30 Gb Available Physical Memory | 57,55% Memory free
8,00 Gb Paging File | 6,10 Gb Available in Paging File | 76,24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 270,45 Gb Total Space | 97,83 Gb Free Space | 36,17% Space Free | Partition Type: NTFS
Drive D: | 195,21 Gb Total Space | 125,81 Gb Free Space | 64,45% Space Free | Partition Type: NTFS

Computer Name: TRISRAM | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-941968714-4190430854-3688883015-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{18F4F5EF-F98C-4472-B144-69BE95E9E1D6}" = ESET Smart Security
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{4529F749-C362-4119-AFA0-0A3F1CA924AB}" = Autodesk MatchMover 2012 64-bit
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4CE23671-5B64-40A4-9C1E-C9217D845F32}" = Autodesk MotionBuilder 2012 64-bit
"{58443355-8640-49E5-BDC7-479E7039F780}" = Turtle for Maya Premium 2012 64-bit
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7E8B0B79-FE18-446D-A0C7-F4CD3F4964BB}" = Autodesk Softimage 2012 64-bit
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D00A8DA-650F-21C6-E787-78756733F15F}" = ATI Catalyst Install Manager
"{9E6BB4E4-0B20-4922-AA37-260FA5ACFBA5}" = Autodesk Maya 2012 64-bit
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{AC3E3746-8F18-4F8A-9521-1493022C6E0A}" = Autodesk DirectConnect 2012 64-bit
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CC7C5BA5-0010-1033-B966-42899C00BD23}" = Autodesk Mudbox 2012 64-bit - English
"{CC7C5BA5-09B5-428E-B966-42899C00BD23}" = Autodesk Mudbox 2012 64-bit - English
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{E5A509B4-D9B1-4FD9-B3EF-EDB216AA8651}" = ccc-utility64
"{EA234BC3-39FE-4734-B72F-076086889F6D}" = Composite 2012 64-bit
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FC4AD39F-9DCE-4BD0-B7D0-7C81CEB9F04B}" = NVIDIA PhysX Plug-in for Autodesk Maya 2012 64 bit
"Autodesk DirectConnect 2012 64-bit" = Autodesk DirectConnect 2012 64-bit
"Autodesk Maya 2012 64-bit" = Autodesk Maya 2012 64-bit
"Autodesk Mudbox 2012 64-bit - English" = Autodesk Mudbox 2012 64-bit - English
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"WinRAR archiver" = WinRAR 4.00 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{08CFF9D1-BD86-4CA3-BC4A-AC51EF7640A4}" = X-Fi Forte 7.1
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0FFAC7BB-50DC-CB54-6CA7-A8B74513280B}" = CCC Help Chinese Traditional
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1C802083-6D79-78ED-BF1C-601DDF908DD1}" = Catalyst Control Center Core Implementation
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21040472-F8DF-48A9-A093-2986C1495670}" = Lineage® II: Freya (High Five)
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 25
"{28728178-FF15-218B-0B63-012692F42C28}" = CCC Help Danish
"{32851025-1E46-83A3-1320-471619254E39}" = Catalyst Control Center Localization All
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2012.0.0
"{40217B2F-462B-94A4-E84E-6A1C6EDBCE2F}" = CCC Help Swedish
"{430B1017-1B12-420C-8F27-05D0EC2995E0}" = Lineage II - PTS
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{531F0013-964C-4BE6-B382-4117DC8BCDF9}" = ArcSoft MediaImpression
"{5343A801-92E5-C234-9F27-AB27EC738BF6}" = CCC Help Japanese
"{5D22226D-EBC1-C95F-7746-2E3A9F4C97BA}" = CCC Help Russian
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{600C37F2-098B-A165-C1DB-6AE2B89D8D49}" = Catalyst Control Center Graphics Previews Common
"{61F8CA2C-9A80-8A1B-D3B9-347530CB387F}" = CCC Help Norwegian
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{674B407D-EAB1-B6B6-F9BF-C34CEE4CD83F}" = Catalyst Control Center Graphics Light
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69F411C5-4851-6DA9-EA4C-160BEF8788AA}" = CCC Help French
"{6DD27E54-2598-0FEC-7CE1-BE00924C0570}" = Catalyst Control Center Graphics Previews Vista
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7C27114E-6FC8-21F5-E501-FE48F09243DF}" = CCC Help Dutch
"{80237C20-CBF3-F841-4AD5-E727AA86FBD1}" = CCC Help Italian
"{802EE127-D32A-1447-09DC-77419772BCDC}" = CCC Help Portuguese
"{836AFA32-7B8B-2C19-99D9-36EF32B42EB8}" = CCC Help Thai
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{946942CB-D078-F33A-A3CD-27E0393507FD}" = CCC Help Turkish
"{9682B99B-BB28-AD37-CA50-C1CB5BFF0FA6}" = Catalyst Control Center Graphics Full New
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DBCF44B-77AC-81D8-0F8E-1E60D6330AC2}" = Catalyst Control Center InstallProxy
"{A02CC93A-134F-0319-1438-B1E895B52577}" = CCC Help German
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7E1ADB8-162B-7C33-60FB-0561A17BD876}" = CCC Help Spanish
"{A96EEF55-155C-552E-ABB1-6FDAEF5BD944}" = CCC Help Polish
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}" = Epson Copy Utility 3.5
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Czech
"{ADB25FF0-AEC4-2CFB-130C-2C60D80C5934}" = CCC Help Greek
"{B04D5DA5-11DA-830C-85C6-0FF9185787E7}" = Skins
"{BB603E9F-ECE8-7713-B0AC-7E0614E8C058}" = Catalyst Control Center HydraVision Full
"{BE232D60-AEA5-502F-ACBF-9AC188A82C21}" = CCC Help Finnish
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C15C4AB5-EF5D-5050-273C-4636E3FBE301}" = CCC Help Czech
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ Beta 4.2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}" = Counter-Strike(TM)
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E09CD13D-7CE3-351C-1625-8DC7F21A99C0}" = ccc-core-static
"{E373E0E2-20F5-90DF-B315-615EA6E52101}" = Catalyst Control Center Graphics Full Existing
"{E6DA746E-1175-88BD-2B16-1DC62018E060}" = CCC Help Chinese Standard
"{F053BFD9-4357-6A82-6042-CF919667448F}" = CCC Help English
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F17EB02C-DA0D-EDEF-2E16-501FB700A710}" = CCC Help Hungarian
"{F5DDC0CD-F13A-83F0-5103-563A17EA306F}" = CCC Help Korean
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Diablo II" = Diablo II
"DivX Setup.divx.com" = DivX Setup
"Dolby Digital Live Pack" = Dolby Digital Live Pack
"DTS Connect Pack" = DTS Connect Pack
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"Garena" = Garena 2010
"Hamachi" = Hamachi 1.0.2.5
"hon" = Heroes of Newerth
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"ImgBurn" = ImgBurn
"Mozilla Firefox 5.0 (x86 en-US)" = Mozilla Firefox 5.0 (x86 en-US)
"OpenTTD" = OpenTTD 1.1.1
"Pidgin" = Pidgin
"Runic Games Torchlight" = Torchlight
"TeamViewer 6" = TeamViewer 6
"The KMPlayer" = The KMPlayer (remove only)
"uTorrent" = µTorrent
"Warcraft III" = Warcraft III
"WinLiveSuite" = Windows Live Essentials
"World of Warcraft" = World of Warcraft

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-941968714-4190430854-3688883015-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 24.6.2011 8:22:53 | Computer Name = Trisram | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Autodesk\Composite
2012\python\lib\distutils\command\wininst-8_d.exe se nezdařilo. Závislé sestavení
Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 24.6.2011 8:25:26 | Computer Name = Trisram | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Autodesk\Softimage
2012\Application\python\Lib\distutils\command\wininst-8_d.exe se nezdařilo. Závislé
sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 24.6.2011 8:28:19 | Computer Name = Trisram | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.

Error - 24.6.2011 14:30:06 | Computer Name = Trisram | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Skype.exe, verze: 4.2.0.141, časové razítko:
0x4b1e35f4 Název chybujícího modulu: RPCRT4.dll, verze: 6.1.7600.16385, časové razítko:
0x4a5bdb3b Kód výjimky: 0xc0000005 Posun chyby: 0x0003b565 ID chybujícího procesu:
0x848 Čas spuštění chybující aplikace: 0x01cc3272932af3e0 Cesta k chybující aplikaci:
C:\Program Files (x86)\Skype\Phone\Skype.exe Cesta k chybujícímu modulu: C:\Windows\syswow64\RPCRT4.dll
ID
zprávy: fb572090-9e8f-11e0-992a-00241d6d0751

Error - 25.6.2011 5:03:13 | Computer Name = Trisram | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Autodesk\Composite
2012\python\lib\distutils\command\wininst-8_d.exe se nezdařilo. Závislé sestavení
Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 25.6.2011 5:04:55 | Computer Name = Trisram | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Autodesk\Softimage
2012\Application\python\Lib\distutils\command\wininst-8_d.exe se nezdařilo. Závislé
sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 25.6.2011 5:07:16 | Computer Name = Trisram | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.

Error - 26.6.2011 14:08:13 | Computer Name = Trisram | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 26.6.2011 15:09:03 | Computer Name = Trisram | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 26.6.2011 16:23:35 | Computer Name = Trisram | Source = Application Error | ID = 1000
Description = Název chybující aplikace: setupb.exe, verze: 1.0.69.21, časové razítko:
0x4b5f7519 Název chybujícího modulu: CEGUIBase.dll, verze: 0.0.0.0, časové razítko:
0x4ae40b42 Kód výjimky: 0xc0000005 Posun chyby: 0x0009f237 ID chybujícího procesu:
0x126c Čas spuštění chybující aplikace: 0x01cc340164d7ddb0 Cesta k chybující aplikaci:
C:\Program Files (x86)\Runic Games\Torchlight\setupb.exe Cesta k chybujícímu modulu:
C:\Program Files (x86)\Runic Games\Torchlight\CEGUIBase.dll ID zprávy: 2ad7af30-a032-11e0-93c5-00241d6d0751

[ System Events ]
Error - 23.6.2011 9:47:46 | Computer Name = Trisram | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (15:46:21, ?23.?6.?2011) bylo neočekávané.

Error - 24.6.2011 16:52:50 | Computer Name = Trisram | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (22:51:02, ?24.?6.?2011) bylo neočekávané.

Error - 24.6.2011 16:52:55 | Computer Name = Trisram | Source = BugCheck | ID = 1001
Description =

Error - 25.6.2011 4:33:21 | Computer Name = Trisram | Source = BugCheck | ID = 1001
Description =

Error - 26.6.2011 18:15:20 | Computer Name = Trisram | Source = BugCheck | ID = 1001
Description =

Error - 26.6.2011 18:15:27 | Computer Name = Trisram | Source = Service Control Manager | ID = 7038
Description = Služba WinHttpAutoProxySvc se nemohla přihlásit jako NT AUTHORITY\LocalService
s aktuálně konfigurovaným heslem z důvodu následující chyby: %%1352 Chcete-li zajistit
správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).

Error - 26.6.2011 18:15:27 | Computer Name = Trisram | Source = Service Control Manager | ID = 7000
Description = Služba Služba WinHTTP WPAD neuspěla při spuštění v důsledku následující
chyby: %%1069

Error - 27.6.2011 9:13:42 | Computer Name = Trisram | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (15:12:22, ?27.?6.?2011) bylo neočekávané.

Error - 27.6.2011 9:13:45 | Computer Name = TRISRAM | Source = BugCheck | ID = 1001
Description =

Error - 27.6.2011 9:18:26 | Computer Name = Trisram | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Služba Zasílání zpráv o chybách systému
Windows bylo dosaženo časového limitu (30000 ms).


< End of report >

[vyosek]

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  IE - HKU\S-1-5-21-941968714-4190430854-3688883015-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://start.icq.com/ [binary data]
  IE - HKU\S-1-5-21-941968714-4190430854-3688883015-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
  IE - HKU\S-1-5-21-941968714-4190430854-3688883015-1000\..\URLSearchHook: - Reg Error: Key error. File not found
  FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
  FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
  FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.6&q="
  [2011.06.21 11:58:02 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
  [2011.05.12 17:22:59 | 000,002,059 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\searchplugins\daemon-search.xml
  [2011.06.21 11:59:33 | 000,002,342 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\searchplugins\icq-search.xml
  [2011.06.20 10:45:18 | 000,000,168 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\searchplugins\icqplugin.gif
  [2011.06.20 10:45:18 | 000,000,618 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\searchplugins\icqplugin.src
  [2011.06.23 16:23:13 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\searchplugins\icqplugin.xml
  O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
  O3:64bit: - HKU\S-1-5-21-941968714-4190430854-3688883015-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
  O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
  O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
  O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
  O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
  O13 - gopher Prefix: missing
  O13 - gopher Prefix: missing
  O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
  O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
  O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
  O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
  O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
  O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
  O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
  O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
  O33 - MountPoints2\{59b1ba7c-7ca3-11e0-b8fb-00241d6d0751}\Shell - "" = AutoRun
  [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  
  :reg
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  "AdobeAAMUpdater-1.0"=-
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "Steam"=-
  "PlayNC Launcher"=-
  "AdobeBridge"=-
  [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
  "CTxfiHlp"=-
  "SunJavaUpdateSched"=-
  "DivXUpdate"=-
  "SwitchBoard"=-
  "AdobeCS5ServiceManager"=-
  "Adobe ARM"=-
   
  :files
  C:\Program Files (x86)\DAEMON Tools Toolbar
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[Geneiken]

All processes killed
========== OTL ==========
HKU\S-1-5-21-941968714-4190430854-3688883015-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKU\S-1-5-21-941968714-4190430854-3688883015-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-941968714-4190430854-3688883015-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: "http://search.icq.com/search/afe_result ... r=1.2.6&q=" removed from keyword.URL
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\searchplugins\daemon-search.xml moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\searchplugins\icq-search.xml moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\searchplugins\icqplugin.gif moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\searchplugins\icqplugin.src moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r96yp2zw.default\searchplugins\icqplugin.xml moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
64bit-Registry value HKEY_USERS\S-1-5-21-941968714-4190430854-3688883015-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88FED34C-F0CA-4636-A375-3CB6248B04CD}\ not found.
File {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}\ not found.
File {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324}\ not found.
File {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{59b1ba7c-7ca3-11e0-b8fb-00241d6d0751}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59b1ba7c-7ca3-11e0-b8fb-00241d6d0751}\ not found.
C:\Windows\msdownld.tmp folder deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Steam deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\PlayNC Launcher deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\CTxfiHlp deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5ServiceManager deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
========== FILES ==========
File\Folder C:\Program Files (x86)\DAEMON Tools Toolbar not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Admin
->Temp folder emptied: 1718 bytes
->Temporary Internet Files folder emptied: 34524866 bytes
->Java cache emptied: 488 bytes
->FireFox cache emptied: 102660008 bytes
->Flash cache emptied: 12506 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 10392406209 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50507 bytes
RecycleBin emptied: 1693917536 bytes

Total Files Cleaned = 11 657,00 mb


[EMPTYFLASH]

User: Admin
->Flash cache emptied: 0 bytes

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.24.1 log created on 06272011_210650

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

[vyosek]

Jak se chova PC

[Geneiken]

Zatim se to zda v pohode, freeze sice na zacatku byl, ale uz ne tak dlouhy a jestli mi to zase hodi modrou smrt, tak to zatim rict nemuzu.
Diky za pomoc =)

[vyosek]

Pro jistotu

Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe

• Utilitu spustte a prikazte ji, at skenuje - klik na Start Scan
• Pokud utilita najde infikekci, bude ji chtit lecit (Cure), povolte leceni kliknutim na Continue
• Pokud utilita najde podezrely soubor (suspicious), bude jej chtit preskocit (Skip), povolte preskoceni kliknutim na Continue
• Po dokonceni skenu bude mozna nutny restart PC, povolte jej kliknutim na Reboot now
• Po restartu na Vas vyskoci log, pokud se tak nestane, najdete jej primo na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt - jeho obsah sem vlozte
• Pokud restart nebude vyzadovan, kliknete na Close a nasledne na Report - vytvori se log - jeho obsah sem vlozte

[Geneiken]

Tak modra smrt padla par minut po mem predchozim prispevku
log tady:

2011/06/27 22:04:57.0803 1120 TDSS rootkit removing tool 2.5.6.0 Jun 27 2011 15:22:52
2011/06/27 22:04:58.0039 1120 ================================================================================
2011/06/27 22:04:58.0039 1120 SystemInfo:
2011/06/27 22:04:58.0039 1120
2011/06/27 22:04:58.0040 1120 OS Version: 6.1.7600 ServicePack: 0.0
2011/06/27 22:04:58.0040 1120 Product type: Workstation
2011/06/27 22:04:58.0040 1120 ComputerName: TRISRAM
2011/06/27 22:04:58.0040 1120 UserName: Admin
2011/06/27 22:04:58.0040 1120 Windows directory: C:\Windows
2011/06/27 22:04:58.0040 1120 System windows directory: C:\Windows
2011/06/27 22:04:58.0040 1120 Running under WOW64
2011/06/27 22:04:58.0040 1120 Processor architecture: Intel x64
2011/06/27 22:04:58.0040 1120 Number of processors: 4
2011/06/27 22:04:58.0040 1120 Page size: 0x1000
2011/06/27 22:04:58.0040 1120 Boot type: Normal boot
2011/06/27 22:04:58.0040 1120 ================================================================================
2011/06/27 22:05:01.0173 1120 Initialize success
2011/06/27 22:05:09.0422 1132 ================================================================================
2011/06/27 22:05:09.0422 1132 Scan started
2011/06/27 22:05:09.0422 1132 Mode: Manual;
2011/06/27 22:05:09.0422 1132 ================================================================================
2011/06/27 22:05:16.0766 1132 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
2011/06/27 22:05:17.0067 1132 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
2011/06/27 22:05:17.0190 1132 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
2011/06/27 22:05:17.0614 1132 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/06/27 22:05:17.0846 1132 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
2011/06/27 22:05:17.0989 1132 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
2011/06/27 22:05:18.0473 1132 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
2011/06/27 22:05:18.0652 1132 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
2011/06/27 22:05:18.0850 1132 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
2011/06/27 22:05:18.0960 1132 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
2011/06/27 22:05:19.0140 1132 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
2011/06/27 22:05:19.0245 1132 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2011/06/27 22:05:19.0390 1132 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\DRIVERS\amdsata.sys
2011/06/27 22:05:19.0581 1132 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/06/27 22:05:19.0682 1132 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\DRIVERS\amdxata.sys
2011/06/27 22:05:19.0927 1132 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
2011/06/27 22:05:20.0155 1132 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
2011/06/27 22:05:20.0228 1132 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
2011/06/27 22:05:20.0354 1132 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/06/27 22:05:20.0473 1132 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
2011/06/27 22:05:21.0855 1132 atikmdag (aeae4abe6419923c037a0b2a157e1fc6) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/06/27 22:05:22.0719 1132 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
2011/06/27 22:05:22.0991 1132 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2011/06/27 22:05:23.0215 1132 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2011/06/27 22:05:23.0438 1132 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/06/27 22:05:23.0568 1132 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
2011/06/27 22:05:23.0696 1132 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/06/27 22:05:23.0779 1132 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/06/27 22:05:23.0921 1132 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2011/06/27 22:05:24.0007 1132 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/06/27 22:05:24.0083 1132 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/06/27 22:05:24.0175 1132 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/06/27 22:05:24.0396 1132 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/06/27 22:05:24.0570 1132 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/06/27 22:05:24.0759 1132 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
2011/06/27 22:05:24.0963 1132 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
2011/06/27 22:05:25.0173 1132 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2011/06/27 22:05:25.0519 1132 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/06/27 22:05:25.0605 1132 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
2011/06/27 22:05:25.0819 1132 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
2011/06/27 22:05:25.0909 1132 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2011/06/27 22:05:26.0031 1132 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
2011/06/27 22:05:26.0150 1132 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/06/27 22:05:26.0608 1132 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys
2011/06/27 22:05:26.0814 1132 CT20XUT (37142392b5b7568d88539b5c368448b4) C:\Windows\system32\drivers\CT20XUT.SYS
2011/06/27 22:05:27.0264 1132 CT20XUT.SYS (37142392b5b7568d88539b5c368448b4) C:\Windows\System32\drivers\CT20XUT.SYS
2011/06/27 22:05:27.0509 1132 ctac32k (b44d6c57240b15308acae89fee80ac30) C:\Windows\system32\drivers\ctac32k.sys
2011/06/27 22:05:27.0824 1132 ctaud2k (369779d0f7eb1cc353323b646ab33830) C:\Windows\system32\drivers\ctaud2k.sys
2011/06/27 22:05:28.0382 1132 CTEXFIFX (89eb1f73360d07730d5d186969dc8757) C:\Windows\system32\drivers\CTEXFIFX.SYS
2011/06/27 22:05:28.0571 1132 CTEXFIFX.SYS (89eb1f73360d07730d5d186969dc8757) C:\Windows\System32\drivers\CTEXFIFX.SYS
2011/06/27 22:05:28.0691 1132 CTHWIUT (6d262236d7c65fe897e395e2feee02a8) C:\Windows\system32\drivers\CTHWIUT.SYS
2011/06/27 22:05:28.0764 1132 CTHWIUT.SYS (6d262236d7c65fe897e395e2feee02a8) C:\Windows\System32\drivers\CTHWIUT.SYS
2011/06/27 22:05:28.0839 1132 ctprxy2k (86da20386b3254429e49ffd7c937ec24) C:\Windows\system32\drivers\ctprxy2k.sys
2011/06/27 22:05:28.0956 1132 ctsfm2k (5093070db560ecdf7d7b42b1aab858de) C:\Windows\system32\drivers\ctsfm2k.sys
2011/06/27 22:05:29.0213 1132 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
2011/06/27 22:05:29.0332 1132 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2011/06/27 22:05:29.0529 1132 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2011/06/27 22:05:29.0762 1132 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2011/06/27 22:05:30.0214 1132 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
2011/06/27 22:05:30.0426 1132 eamonm (aca3fe4f18a945b7bf2618a79f6f670b) C:\Windows\system32\DRIVERS\eamonm.sys
2011/06/27 22:05:31.0531 1132 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2011/06/27 22:05:32.0146 1132 ehdrv (6672438bdcbfd87250d22112d458294d) C:\Windows\system32\DRIVERS\ehdrv.sys
2011/06/27 22:05:32.0569 1132 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2011/06/27 22:05:32.0655 1132 emupia (6d29fdacee8821b6bfc7a80753ed8ba7) C:\Windows\system32\drivers\emupia2k.sys
2011/06/27 22:05:32.0820 1132 epfw (443805b5b11c859ac8ca35297648ff0c) C:\Windows\system32\DRIVERS\epfw.sys
2011/06/27 22:05:32.0916 1132 Epfwndis (66e61bc6c9f519a99275eb0f0e530bf4) C:\Windows\system32\DRIVERS\Epfwndis.sys
2011/06/27 22:05:33.0244 1132 epfwwfp (f72c97f3d34ea5ec919c73e3901266bb) C:\Windows\system32\DRIVERS\epfwwfp.sys
2011/06/27 22:05:33.0352 1132 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
2011/06/27 22:05:33.0511 1132 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/06/27 22:05:33.0650 1132 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/06/27 22:05:33.0765 1132 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2011/06/27 22:05:33.0845 1132 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/06/27 22:05:33.0937 1132 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/06/27 22:05:34.0056 1132 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/06/27 22:05:34.0260 1132 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
2011/06/27 22:05:34.0379 1132 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/06/27 22:05:34.0464 1132 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/06/27 22:05:34.0724 1132 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
2011/06/27 22:05:34.0840 1132 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/06/27 22:05:35.0696 1132 ha20x22k (0525e2e137f03a0bf04b4923c1209576) C:\Windows\system32\drivers\ha20x22k.sys
2011/06/27 22:05:36.0274 1132 ha20x2k (9b4c2f2a75e14f2f67126cc455fe13f2) C:\Windows\system32\drivers\ha20x2k.sys
2011/06/27 22:05:36.0414 1132 hamachi (f8f0851d336c3b88dbd7232b6348e09a) C:\Windows\system32\DRIVERS\hamachi.sys
2011/06/27 22:05:36.0548 1132 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/06/27 22:05:36.0785 1132 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
2011/06/27 22:05:36.0882 1132 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/06/27 22:05:36.0967 1132 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/06/27 22:05:37.0053 1132 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2011/06/27 22:05:37.0130 1132 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2011/06/27 22:05:37.0370 1132 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
2011/06/27 22:05:37.0512 1132 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
2011/06/27 22:05:37.0823 1132 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
2011/06/27 22:05:37.0911 1132 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
2011/06/27 22:05:38.0028 1132 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/06/27 22:05:38.0284 1132 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\DRIVERS\iaStorV.sys
2011/06/27 22:05:38.0407 1132 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2011/06/27 22:05:38.0539 1132 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
2011/06/27 22:05:38.0663 1132 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2011/06/27 22:05:38.0748 1132 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/06/27 22:05:38.0835 1132 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2011/06/27 22:05:38.0911 1132 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2011/06/27 22:05:39.0042 1132 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2011/06/27 22:05:39.0118 1132 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
2011/06/27 22:05:39.0277 1132 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/06/27 22:05:39.0414 1132 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/06/27 22:05:39.0531 1132 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/06/27 22:05:39.0624 1132 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
2011/06/27 22:05:39.0794 1132 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
2011/06/27 22:05:39.0912 1132 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2011/06/27 22:05:40.0115 1132 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2011/06/27 22:05:40.0252 1132 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/06/27 22:05:40.0338 1132 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/06/27 22:05:40.0462 1132 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/06/27 22:05:40.0578 1132 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/06/27 22:05:40.0784 1132 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2011/06/27 22:05:40.0865 1132 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2011/06/27 22:05:41.0065 1132 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/06/27 22:05:41.0232 1132 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2011/06/27 22:05:41.0354 1132 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2011/06/27 22:05:41.0473 1132 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
2011/06/27 22:05:41.0636 1132 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2011/06/27 22:05:41.0714 1132 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
2011/06/27 22:05:41.0826 1132 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
2011/06/27 22:05:41.0898 1132 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2011/06/27 22:05:41.0998 1132 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
2011/06/27 22:05:42.0135 1132 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/06/27 22:05:42.0327 1132 mrxsmb10 (a8c2d7673c8a010569390c826a0efaf4) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/06/27 22:05:42.0411 1132 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/06/27 22:05:42.0533 1132 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
2011/06/27 22:05:42.0629 1132 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
2011/06/27 22:05:42.0737 1132 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2011/06/27 22:05:42.0954 1132 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2011/06/27 22:05:43.0116 1132 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
2011/06/27 22:05:43.0323 1132 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/06/27 22:05:43.0404 1132 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/06/27 22:05:43.0516 1132 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/06/27 22:05:43.0663 1132 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
2011/06/27 22:05:43.0774 1132 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/06/27 22:05:43.0885 1132 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/06/27 22:05:43.0969 1132 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/06/27 22:05:44.0120 1132 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/06/27 22:05:44.0418 1132 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2011/06/27 22:05:44.0835 1132 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
2011/06/27 22:05:44.0976 1132 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/06/27 22:05:45.0111 1132 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/06/27 22:05:45.0225 1132 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/06/27 22:05:45.0348 1132 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/06/27 22:05:45.0449 1132 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
2011/06/27 22:05:45.0565 1132 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2011/06/27 22:05:45.0714 1132 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
2011/06/27 22:05:45.0901 1132 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/06/27 22:05:46.0052 1132 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2011/06/27 22:05:46.0131 1132 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2011/06/27 22:05:46.0787 1132 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
2011/06/27 22:05:46.0896 1132 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2011/06/27 22:05:47.0147 1132 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
2011/06/27 22:05:47.0293 1132 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\DRIVERS\nvraid.sys
2011/06/27 22:05:47.0430 1132 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\DRIVERS\nvstor.sys
2011/06/27 22:05:47.0542 1132 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
2011/06/27 22:05:47.0622 1132 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/06/27 22:05:48.0027 1132 ossrv (dbc83ba9cf237d0297273a9ac167694b) C:\Windows\system32\drivers\ctoss2k.sys
2011/06/27 22:05:48.0229 1132 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2011/06/27 22:05:48.0439 1132 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
2011/06/27 22:05:48.0480 1132 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
2011/06/27 22:05:48.0576 1132 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
2011/06/27 22:05:48.0705 1132 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/06/27 22:05:48.0797 1132 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2011/06/27 22:05:49.0087 1132 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2011/06/27 22:05:49.0316 1132 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
2011/06/27 22:05:49.0438 1132 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2011/06/27 22:05:49.0702 1132 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
2011/06/27 22:05:50.0264 1132 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
2011/06/27 22:05:50.0384 1132 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/06/27 22:05:50.0462 1132 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2011/06/27 22:05:50.0540 1132 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2011/06/27 22:05:50.0703 1132 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/06/27 22:05:50.0845 1132 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/06/27 22:05:50.0923 1132 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/06/27 22:05:51.0084 1132 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2011/06/27 22:05:51.0234 1132 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
2011/06/27 22:05:51.0339 1132 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/06/27 22:05:51.0412 1132 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/06/27 22:05:51.0571 1132 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
2011/06/27 22:05:51.0746 1132 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2011/06/27 22:05:51.0829 1132 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2011/06/27 22:05:51.0946 1132 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
2011/06/27 22:05:52.0124 1132 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
2011/06/27 22:05:52.0292 1132 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2011/06/27 22:05:52.0567 1132 RTL85n64 (9269ef78a780a3161087df1bec117dc8) C:\Windows\system32\DRIVERS\RTL85n64.sys
2011/06/27 22:05:52.0705 1132 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
2011/06/27 22:05:52.0797 1132 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
2011/06/27 22:05:52.0864 1132 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
2011/06/27 22:05:52.0982 1132 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/06/27 22:05:53.0129 1132 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
2011/06/27 22:05:53.0242 1132 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
2011/06/27 22:05:53.0326 1132 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
2011/06/27 22:05:53.0405 1132 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/06/27 22:05:53.0488 1132 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
2011/06/27 22:05:53.0568 1132 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/06/27 22:05:53.0653 1132 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/06/27 22:05:53.0782 1132 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/06/27 22:05:53.0855 1132 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/06/27 22:05:53.0970 1132 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2011/06/27 22:05:54.0138 1132 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2011/06/27 22:05:54.0401 1132 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
2011/06/27 22:05:54.0607 1132 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
2011/06/27 22:05:54.0749 1132 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
2011/06/27 22:05:54.0901 1132 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
2011/06/27 22:05:55.0067 1132 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys
2011/06/27 22:05:55.0200 1132 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys
2011/06/27 22:05:55.0277 1132 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
2011/06/27 22:05:56.0085 1132 Tcpip (61dc720bb065d607d5823f13d2a64321) C:\Windows\system32\drivers\tcpip.sys
2011/06/27 22:05:56.0290 1132 TCPIP6 (61dc720bb065d607d5823f13d2a64321) C:\Windows\system32\DRIVERS\tcpip.sys
2011/06/27 22:05:56.0426 1132 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
2011/06/27 22:05:56.0504 1132 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2011/06/27 22:05:56.0586 1132 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2011/06/27 22:05:56.0710 1132 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
2011/06/27 22:05:56.0984 1132 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
2011/06/27 22:05:57.0245 1132 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/06/27 22:05:57.0349 1132 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
2011/06/27 22:05:57.0438 1132 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
2011/06/27 22:05:57.0608 1132 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
2011/06/27 22:05:57.0721 1132 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
2011/06/27 22:05:57.0853 1132 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
2011/06/27 22:05:57.0939 1132 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
2011/06/27 22:05:58.0065 1132 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/06/27 22:05:58.0193 1132 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
2011/06/27 22:05:58.0308 1132 usbehci (df9f9afc9aaabd8ed47975d44e38169a) C:\Windows\system32\DRIVERS\usbehci.sys
2011/06/27 22:05:58.0521 1132 usbhub (372a91bc3c6603080a793880b0873785) C:\Windows\system32\DRIVERS\usbhub.sys
2011/06/27 22:05:58.0614 1132 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
2011/06/27 22:05:58.0719 1132 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2011/06/27 22:05:58.0889 1132 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
2011/06/27 22:05:59.0003 1132 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/06/27 22:05:59.0083 1132 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/06/27 22:05:59.0243 1132 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
2011/06/27 22:05:59.0378 1132 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/06/27 22:05:59.0454 1132 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/06/27 22:05:59.0566 1132 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
2011/06/27 22:05:59.0659 1132 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
2011/06/27 22:05:59.0823 1132 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys
2011/06/27 22:05:59.0907 1132 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys
2011/06/27 22:05:59.0987 1132 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
2011/06/27 22:06:00.0163 1132 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
2011/06/27 22:06:00.0334 1132 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
2011/06/27 22:06:00.0504 1132 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/06/27 22:06:00.0599 1132 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
2011/06/27 22:06:00.0678 1132 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/06/27 22:06:00.0828 1132 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/27 22:06:00.0893 1132 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/27 22:06:01.0348 1132 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/06/27 22:06:01.0621 1132 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/06/27 22:06:02.0209 1132 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/06/27 22:06:02.0292 1132 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/06/27 22:06:02.0588 1132 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/06/27 22:06:02.0741 1132 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/06/27 22:06:02.0844 1132 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/06/27 22:06:02.0929 1132 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
2011/06/27 22:06:03.0106 1132 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/06/27 22:06:03.0285 1132 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/06/27 22:06:03.0363 1132 Boot (0x1200) (656ea204055ea729d3f6b52eb0a3f2bf) \Device\Harddisk0\DR0\Partition0
2011/06/27 22:06:03.0408 1132 Boot (0x1200) (d39acc4069249fdce2c884ee52fec07a) \Device\Harddisk0\DR0\Partition1
2011/06/27 22:06:03.0463 1132 Boot (0x1200) (3aa9c2ecd131ae8f67b6141d78fb1c83) \Device\Harddisk0\DR0\Partition2
2011/06/27 22:06:03.0483 1132 ================================================================================
2011/06/27 22:06:03.0483 1132 Scan finished
2011/06/27 22:06:03.0483 1132 ================================================================================
2011/06/27 22:06:03.0503 3448 Detected object count: 0
2011/06/27 22:06:03.0503 3448 Actual detected object count: 0

[vyosek]

Zabalte mi prosim obsah slozky c:\windows\minidump do raru a uploadnete mi jej sem http://vyosek.ic.cz/havet/uploader.php

[Geneiken]

Je to tam, link asi neni treba

[vyosek]

Link netreba, kolega na to mrkne v noci, je jich opravdu hodne...

zatim muzete pres noc spustit memtest http://www.viry.cz/forum/viewtopic.php?f=53&t=106788