Kontrola logu

Zpráva

Peky · #1 Příspěvek od **Peky** » 16 zář 2011 19:55

Logfile of random's system information tool 1.09 (written by random/random)
Run by Petr Pechr at 2011-09-16 20:48:49
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 13 GB (16%) free of 81 GB
Total RAM: 894 MB (22% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:49:05, on 16.9.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSD.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\WButton.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Petr Pechr\Downloads\RSIT (1).exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\WerCon.exe
C:\Users\Petr Pechr\Downloads\RSIT.exe
C:\Program Files\trend micro\Petr Pechr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: PandoraTV Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [LMgrVolOSD] C:\Program Files\Launch Manager\OSD.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [nvoqahiuxykq] C:\Windows\System32\regsvr32.exe /s "C:\Windows\system32\mtakrnbcmlar.dll"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: IviRegMgr - InterVideo - c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe

--
End of file - 7050 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2007-07-02 1062184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-12-29 4317184]
"LaunchAp"=C:\Program Files\Launch Manager\LaunchAp.exe [2005-07-25 32768]
"HotkeyApp"=C:\Program Files\Launch Manager\HotkeyApp.exe [2006-12-14 192512]
"LMgrVolOSD"=C:\Program Files\Launch Manager\OSD.exe [2006-12-26 180224]
"LMgrOSD"=C:\Program Files\Launch Manager\OSDCtrl.exe [2006-08-29 241664]
"Wbutton"=C:\Program Files\Launch Manager\Wbutton.exe [2006-11-09 86016]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"nvoqahiuxykq"=C:\Windows\System32\regsvr32.exe [2006-11-02 14336]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-18 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"VIDC.FFDS"=ff_vfw.dll
"vidc.XVID"=xvidvfw.dll
"msacm.ac3filter"=ac3filter.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-03-01 20:18:48 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2015-03-01 20:18:47 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2015-03-01 20:18:44 ----A---- C:\Windows\system32\AvastSS.scr
2015-03-01 20:18:34 ----A---- C:\Windows\system32\MFC71.dll
2015-03-01 20:18:34 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-03-01 20:18:34 ----A---- C:\Windows\system32\aswBoot.exe
2015-03-01 20:18:27 ----D---- C:\Program Files\Alwil Software
2011-09-16 20:45:09 ----D---- C:\rsit
2011-09-16 20:20:14 ----A---- C:\Windows\system32\wininet.dll
2011-09-16 20:20:14 ----A---- C:\Windows\system32\urlmon.dll
2011-09-16 20:20:14 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2011-09-16 20:20:14 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2011-09-16 20:20:14 ----A---- C:\Windows\system32\msrating.dll
2011-09-16 20:20:14 ----A---- C:\Windows\system32\msls31.dll
2011-09-16 20:20:14 ----A---- C:\Windows\system32\mshtmler.dll
2011-09-16 20:20:14 ----A---- C:\Windows\system32\jsproxy.dll
2011-09-16 20:20:14 ----A---- C:\Windows\system32\iertutil.dll
2011-09-16 20:20:13 ----A---- C:\Windows\system32\ieui.dll
2011-09-16 20:20:13 ----A---- C:\Windows\system32\iesysprep.dll
2011-09-16 20:20:13 ----A---- C:\Windows\system32\ieframe.dll
2011-09-16 20:20:13 ----A---- C:\Windows\system32\dxtrans.dll
2011-09-16 20:20:12 ----A---- C:\Windows\system32\url.dll
2011-09-16 20:20:12 ----A---- C:\Windows\system32\iesetup.dll
2011-09-16 20:20:12 ----A---- C:\Windows\system32\iernonce.dll
2011-09-16 20:20:12 ----A---- C:\Windows\system32\ieapfltr.dll
2011-09-16 20:20:12 ----A---- C:\Windows\system32\ieapfltr.dat
2011-09-16 20:20:12 ----A---- C:\Windows\system32\ie4uinit.exe
2011-09-16 20:20:12 ----A---- C:\Windows\system32\icardie.dll
2011-09-16 20:20:12 ----A---- C:\Windows\system32\dxtmsft.dll
2011-09-16 20:20:11 ----A---- C:\Windows\system32\webcheck.dll
2011-09-16 20:20:11 ----A---- C:\Windows\system32\licmgr10.dll
2011-09-16 20:20:11 ----A---- C:\Windows\system32\inseng.dll
2011-09-16 20:20:11 ----A---- C:\Windows\system32\iedkcs32.dll
2011-09-16 20:20:10 ----A---- C:\Windows\system32\wextract.exe
2011-09-16 20:20:10 ----A---- C:\Windows\system32\vbscript.dll
2011-09-16 20:20:10 ----A---- C:\Windows\system32\mshtmled.dll
2011-09-16 20:20:10 ----A---- C:\Windows\system32\mshtml.dll
2011-09-16 20:20:10 ----A---- C:\Windows\system32\msfeeds.dll
2011-09-16 20:20:10 ----A---- C:\Windows\system32\iexpress.exe
2011-09-16 20:20:09 ----A---- C:\Windows\system32\pngfilt.dll
2011-09-16 20:20:09 ----A---- C:\Windows\system32\occache.dll
2011-09-16 20:20:09 ----A---- C:\Windows\system32\mshta.exe
2011-09-16 20:20:09 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-09-16 20:20:09 ----A---- C:\Windows\system32\jscript9.dll
2011-09-16 20:20:09 ----A---- C:\Windows\system32\jscript.dll
2011-09-16 20:20:09 ----A---- C:\Windows\system32\imgutil.dll
2011-09-16 20:20:09 ----A---- C:\Windows\system32\ieUnatt.exe
2011-09-16 20:20:09 ----A---- C:\Windows\system32\iepeers.dll
2011-09-16 20:20:09 ----A---- C:\Windows\system32\ieakui.dll
2011-09-16 20:20:09 ----A---- C:\Windows\system32\ieaksie.dll
2011-09-16 20:20:09 ----A---- C:\Windows\system32\advpack.dll
2011-09-16 20:20:09 ----A---- C:\Windows\system32\admparse.dll
2011-09-16 20:20:08 ----A---- C:\Windows\system32\msfeedssync.exe
2011-09-16 20:20:08 ----A---- C:\Windows\system32\ieakeng.dll
2011-09-16 20:20:08 ----A---- C:\Windows\system32\IEAdvpack.dll
2011-09-15 12:55:46 ----SHD---- C:\Config.Msi
2011-08-24 21:14:57 ----A---- C:\Windows\system32\tzres.dll

======List of files/folders modified in the last 1 month======

2011-09-16 20:48:57 ----D---- C:\Windows\Prefetch
2011-09-16 20:48:57 ----D---- C:\Program Files\trend micro
2011-09-16 20:48:47 ----D---- C:\Windows\Temp
2011-09-16 20:38:09 ----D---- C:\Windows\system32\Tasks
2011-09-16 20:29:22 ----D---- C:\Windows
2011-09-16 20:23:57 ----RD---- C:\Windows\Offline Web Pages
2011-09-16 20:23:57 ----D---- C:\Windows\system32\wbem
2011-09-16 20:23:57 ----D---- C:\Windows\system32\migration
2011-09-16 20:23:57 ----D---- C:\Windows\system32\en-US
2011-09-16 20:23:57 ----D---- C:\Windows\PolicyDefinitions
2011-09-16 20:23:57 ----D---- C:\Program Files\Internet Explorer
2011-09-16 20:23:55 ----D---- C:\Windows\System32
2011-09-16 20:23:53 ----SD---- C:\Windows\Downloaded Program Files
2011-09-16 20:22:42 ----SHD---- C:\System Volume Information
2011-09-16 20:20:40 ----D---- C:\Windows\winsxs
2011-09-16 20:20:06 ----D---- C:\Windows\system32\catroot
2011-09-16 20:20:00 ----D---- C:\Windows\system32\catroot2
2011-09-16 20:06:03 ----D---- C:\Windows\Tasks
2011-09-16 19:53:11 ----D---- C:\Windows\Debug
2011-09-16 15:17:24 ----D---- C:\Program Files\Windows Mail
2011-09-16 15:11:40 ----A---- C:\Windows\system32\mrt.exe
2011-09-16 15:03:34 ----D---- C:\Windows\Microsoft.NET
2011-09-15 13:23:30 ----SHD---- C:\Windows\Installer
2011-09-15 13:23:17 ----RSD---- C:\Windows\assembly
2011-09-15 13:18:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-09-15 13:18:12 ----D---- C:\Windows\inf
2011-08-25 14:03:00 ----D---- C:\Windows\rescache
2011-08-25 13:44:21 ----D---- C:\Windows\system32\cs-CZ

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2006-08-25 36528]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 Hotkey;Hotkey; C:\Windows\system32\drivers\Hotkey.sys [2003-04-28 9867]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-01-13 954368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-01-02 1668456]
R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-01-08 2313216]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-11-02 47104]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
S1 mailKmd;mailKmd; C:\Windows\system32\drivers\mailKmd.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 SIS163u;SiS163 USB Wireless LAN Adapter Driver; C:\Windows\system32\DRIVERS\sis163u.sys [2007-01-25 218112]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S4 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2006-05-11 247808]
S4 nvatabus;nvatabus; C:\Windows\system32\drivers\nvatabus.sys [2006-07-14 105088]
S4 viamraid;viamraid; C:\Windows\system32\drivers\viamraid.sys [2006-03-31 100992]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-01-08 557056]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 IviRegMgr;IviRegMgr; c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 TestHandler;Fujitsu Siemens Computers Diagnostic Testhandler; C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe [2006-11-14 204800]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 WisLMSvc;WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [2006-11-17 118784]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-06-25 1045256]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------
Peky

#2 Příspěvek od **vyosek** » 16 zář 2011 23:58

Zdravim a pekny den preji

Mate tam docela malo RAM pameti, 864MB na Visty je sakra malo

Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

Peky · #3 Příspěvek od **Peky** » 17 zář 2011 19:40

Dobry den, dekuji za odpoved. Ramek opravdu neni mnoho a doplnim. Ask Toolbar jsem odstranil. Nize oba logy. Je tam nejakej "smejd" ?

OTL Extras logfile created on: 17.9.2011 7:53:15 - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Users\Petr Pechr\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

893,52 Mb Total Physical Memory | 226,29 Mb Available Physical Memory | 25,33% Memory free
2,00 Gb Paging File | 1,11 Gb Available in Paging File | 55,34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,76 Gb Total Space | 11,68 Gb Free Space | 14,83% Space Free | Partition Type: NTFS
Drive D: | 19,36 Gb Total Space | 18,77 Gb Free Space | 96,99% Space Free | Partition Type: NTFS

Computer Name: PETR_PECHR | User Name: Petr Pechr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1CE493DC-DA7A-49F1-A6CA-C4632493A28E}" = protocol=6 | dir=in | app=c:\program files\freecall.com\freecall\freecall.exe |
"{2742A582-BF17-466F-B7BE-E97E8B9FF1A5}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{3BF6ECA9-C891-4845-912C-CF066FEDD2C7}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{4DCACEBC-C5AA-42FE-88AE-0E2BAF3F0775}" = protocol=17 | dir=in | app=c:\program files\freecall.com\freecall\freecall.exe |
"{A71C3B1B-1228-46F6-B86F-B86737472AD8}" = protocol=17 | dir=in | app=c:\program files\freecall.com\freecall\freecall.exe |
"{BBD21635-378C-4DDC-9FF9-75A970B7BF0D}" = protocol=6 | dir=in | app=c:\program files\freecall.com\freecall\freecall.exe |
"TCP Query User{01FC7145-A2BF-4F57-893E-2593AC89D125}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{0CCD9773-1FCE-4178-8EDC-D590D27F56F9}C:\program files\icqlite\icqlite.exe" = protocol=6 | dir=in | app=c:\program files\icqlite\icqlite.exe |
"TCP Query User{193B0FEF-06B9-4491-A064-FB00A40B2B37}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{2C140E26-43D3-4BF1-8F19-FB2F2C13050D}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{4C197B0E-E86D-4C30-96FB-C5B4F8C6D04F}C:\program files\icqlite\icqlite.exe" = protocol=6 | dir=in | app=c:\program files\icqlite\icqlite.exe |
"TCP Query User{516656A2-2125-46A5-A666-57D54F2B940C}C:\program files\realvnc\vnc4\winvnc4.exe" = protocol=6 | dir=in | app=c:\program files\realvnc\vnc4\winvnc4.exe |
"TCP Query User{5B29CE50-DA3E-49FA-B715-EC3877BE0945}C:\program files\realvnc\vnc4\winvnc4.exe" = protocol=6 | dir=in | app=c:\program files\realvnc\vnc4\winvnc4.exe |
"TCP Query User{60B8C2C0-882D-4DF0-8073-3E27A489E196}C:\zoiper_2.14_free\zoiper.exe" = protocol=6 | dir=in | app=c:\zoiper_2.14_free\zoiper.exe |
"TCP Query User{61CC6240-5EFD-4917-B68E-D866E2FE31E0}C:\program files\attractel\zoiper\zoiper.exe" = protocol=6 | dir=in | app=c:\program files\attractel\zoiper\zoiper.exe |
"TCP Query User{88E963EB-50A4-4C73-8B58-F2B45EF7E6BF}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{970CF5FA-4DE1-433E-8614-AE7D3BDDDCC0}C:\zoiper_2.14_free\zoiper.exe" = protocol=6 | dir=in | app=c:\zoiper_2.14_free\zoiper.exe |
"TCP Query User{A126DA8C-A026-4D51-92BE-C3BC8898E890}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{A76D1D93-F22A-4F3F-84D2-A4622A7E56BC}C:\dočasné soubory\pracovní\software\internet\zoiper_2.14_free\zoiper.exe" = protocol=6 | dir=in | app=c:\dočasné soubory\pracovní\software\internet\zoiper_2.14_free\zoiper.exe |
"TCP Query User{AF5BAE2C-472E-4C2F-AA4F-00B821E4E2B9}C:\program files\intervideo\dvd8\windvd.exe" = protocol=6 | dir=in | app=c:\program files\intervideo\dvd8\windvd.exe |
"TCP Query User{AF735005-3D55-414D-850A-1A51112B4DC2}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{BDC3A6FC-C9D7-4EE4-8371-617E4F161BAD}C:\program files\tightvnc\winvnc.exe" = protocol=6 | dir=in | app=c:\program files\tightvnc\winvnc.exe |
"TCP Query User{C3360108-0AF6-4809-AC71-9D3147ACE4F4}C:\users\petr pechr\appdata\local\temp\rar$ex00.515\zoiper.exe" = protocol=6 | dir=in | app=c:\users\petr pechr\appdata\local\temp\rar$ex00.515\zoiper.exe |
"TCP Query User{EC3A44F6-A40C-442B-9067-3E55393B5B2B}C:\program files\attractel\zoiper\zoiper.exe" = protocol=6 | dir=in | app=c:\program files\attractel\zoiper\zoiper.exe |
"TCP Query User{EEE77541-D59D-4220-9537-7774E4D61AEA}C:\program files\intervideo\dvd8\windvd.exe" = protocol=6 | dir=in | app=c:\program files\intervideo\dvd8\windvd.exe |
"UDP Query User{1707A1ED-53BB-4766-A08B-698D1EACBAEF}C:\zoiper_2.14_free\zoiper.exe" = protocol=17 | dir=in | app=c:\zoiper_2.14_free\zoiper.exe |
"UDP Query User{1A291B14-CFFF-4C66-B134-C515ABCAFB68}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{215A19FA-979B-41FC-B1A7-502F562CBD39}C:\program files\icqlite\icqlite.exe" = protocol=17 | dir=in | app=c:\program files\icqlite\icqlite.exe |
"UDP Query User{265DAFC3-5E51-43D9-9AC3-4620C6477431}C:\program files\attractel\zoiper\zoiper.exe" = protocol=17 | dir=in | app=c:\program files\attractel\zoiper\zoiper.exe |
"UDP Query User{31A413B8-F212-4237-AA2C-673FABF645C2}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{50CE22D6-45B0-4880-8193-E3D11A44338C}C:\zoiper_2.14_free\zoiper.exe" = protocol=17 | dir=in | app=c:\zoiper_2.14_free\zoiper.exe |
"UDP Query User{58331064-15D2-481F-87DB-764C2018F5E1}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{63A042B8-102C-4B1C-8465-47CD65DFE735}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{7A96D758-A98B-45DE-B5B9-CB98A2F0860B}C:\program files\tightvnc\winvnc.exe" = protocol=17 | dir=in | app=c:\program files\tightvnc\winvnc.exe |
"UDP Query User{7F19F940-A0F1-4F29-B4E3-82D8164B7092}C:\users\petr pechr\appdata\local\temp\rar$ex00.515\zoiper.exe" = protocol=17 | dir=in | app=c:\users\petr pechr\appdata\local\temp\rar$ex00.515\zoiper.exe |
"UDP Query User{9C1A45E7-3D0C-469C-8ADF-8C77FDA14EB4}C:\program files\icqlite\icqlite.exe" = protocol=17 | dir=in | app=c:\program files\icqlite\icqlite.exe |
"UDP Query User{9D832760-CE7B-4EBE-AAC9-F129477B98E7}C:\program files\attractel\zoiper\zoiper.exe" = protocol=17 | dir=in | app=c:\program files\attractel\zoiper\zoiper.exe |
"UDP Query User{C84DD904-6075-4B26-A7CE-47C05E902099}C:\program files\realvnc\vnc4\winvnc4.exe" = protocol=17 | dir=in | app=c:\program files\realvnc\vnc4\winvnc4.exe |
"UDP Query User{CFF539B7-48FF-4909-90C5-A1A9A6888018}C:\program files\intervideo\dvd8\windvd.exe" = protocol=17 | dir=in | app=c:\program files\intervideo\dvd8\windvd.exe |
"UDP Query User{D04253F1-F159-4A99-B729-272D3E5749DD}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{E099A110-79D6-44D6-A9EF-A4267F0F0AC9}C:\dočasné soubory\pracovní\software\internet\zoiper_2.14_free\zoiper.exe" = protocol=17 | dir=in | app=c:\dočasné soubory\pracovní\software\internet\zoiper_2.14_free\zoiper.exe |
"UDP Query User{E1D07299-32CE-428D-B92B-FC12DCC8DB55}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{FB3E617D-13E0-45BC-9B9F-F33977B77318}C:\program files\realvnc\vnc4\winvnc4.exe" = protocol=17 | dir=in | app=c:\program files\realvnc\vnc4\winvnc4.exe |
"UDP Query User{FDAE3649-DAAB-413B-8BDB-15569579A592}C:\program files\intervideo\dvd8\windvd.exe" = protocol=17 | dir=in | app=c:\program files\intervideo\dvd8\windvd.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{019749A1-F9BC-476C-2614-58D9ED0A6F40}" = ccc-core-static
"{0A21003A-E0A8-6042-F307-C7FBAE836794}" = Catalyst Control Center Localization Japanese
"{0DFCEDD8-5F43-A2FF-E63B-2FE3650C9A02}" = CCC Help English
"{0E19D441-0A05-EA5A-4158-BFBC2B24C564}" = ccc-utility
"{10FDD3F5-EFE7-2B75-B2CC-7AC661CA09DE}" = CCC Help Swedish
"{1C8808D1-CE58-18DA-3B21-CDEF8D9B0BED}" = CCC Help Turkish
"{1D787FAC-0ABE-FD00-660C-B880A31166C0}" = Catalyst Control Center Localization Arabic
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FF5B839-C9A3-79EB-49E7-5D1952776664}" = Catalyst Control Center Localization French
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"{260DAAF9-00EB-D2AA-4D83-24C1EB34C6FA}" = CCC Help Norwegian
"{2E932A07-F5F6-CCC5-4854-97DB9A3AFB2E}" = Catalyst Control Center Localization Chinese Standard
"{319B3AD0-8B75-8D34-9C19-3F9AEB064C88}" = Catalyst Control Center Localization German
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{33D56EDB-EC6B-2B62-1F31-FDEF7BDF941A}" = Catalyst Control Center Localization Hungarian
"{357CEB93-ED71-2916-CD74-4F8F7376542B}" = ccc-localization-da
"{361D1727-5203-D58A-5A00-98E29585207D}" = Catalyst Control Center Core Implementation
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FF9C945-3D49-6EF5-9EC3-D89A89FD1AE6}" = CCC Help Thai
"{404B19DC-6955-44B9-9DEA-0990A5146554}" = CCC Help Korean
"{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager
"{4516D595-253A-1EF2-B2C5-2A43785B3B8E}" = CCC Help Danish
"{47E8C7A1-4D23-80FD-2A74-A81AB9690F05}" = Catalyst Control Center Localization Italian
"{538A1AE6-5D8B-4BF1-B1B3-AE14FDE21C09}" = Test_OnlineDiagnostic
"{57F5CF93-3F01-E826-0147-59815335CBB2}" = CCC Help Japanese
"{5C2498DD-BE37-86F7-354D-34E3101BAB74}" = Catalyst Control Center Localization Arabic
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.2
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{64CC0986-62C9-EE7B-AEC4-C029247340D8}" = CCC Help Russian
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{70C68C2A-E081-16C6-7366-3CCBD6E2028A}" = Catalyst Control Center Localization Arabic
"{745EBF89-814D-1693-6778-7E6722D089B9}" = Catalyst Control Center Graphics Light
"{788FCF58-A22D-AC6A-0422-085E5EEDC41B}" = CCC Help Czech
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84991F86-23E3-016E-F6C1-5072D1707558}" = Catalyst Control Center Localization Korean
"{858847DC-C7A9-CA65-D84E-194CFAB1176D}" = Catalyst Control Center Graphics Previews Vista
"{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}" = Opera 10.63
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{91F3F438-C591-037B-BC98-A0FE7481CB2A}" = Catalyst Control Center Localization Arabic
"{9817BBF0-C642-D820-B3B1-5BBB6D55EABF}" = Catalyst Control Center Localization Arabic
"{A757784B-4562-C19D-18FD-2810B76348BD}" = CCC Help Spanish
"{AC768D91-EC0E-1401-62D6-1E09D42B82FF}" = Catalyst Control Center Graphics Full New
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{B0020AAE-255D-9AFA-F076-C19B07E47AF4}" = CCC Help Finnish
"{C552F65D-7DCA-6542-7E0A-17EA07513FED}" = Catalyst Control Center Localization Finnish
"{C9EC23BB-9AE0-8C29-B6E4-4B8CF5AE535E}" = Catalyst Control Center Localization Spanish
"{CC7F87A1-95A9-83FC-D65C-4CA675526DC2}" = CCC Help Chinese Traditional
"{CCE41B2F-0516-AB46-3BBC-6B691634A66B}" = CCC Help French
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF7C6234-D304-0C9C-4EA4-0C07B85021FD}" = Catalyst Control Center Localization Czech
"{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.4.4
"{D34D82E0-4600-407B-9478-8506C1DD1029}" = Nero 7 Essentials
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D7824725-F3EB-9940-6311-F39D5F7732E1}" = Catalyst Control Center Graphics Full Existing
"{DBED4E6A-BB0E-8D0A-FA4C-A60856A62F64}" = Catalyst Control Center Localization Arabic
"{DCE907E3-4D72-4CD3-A08A-BEFC8C7A5869}" = Branding
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DE822D87-23EB-C65D-8FC4-752391F0B257}" = Skins
"{E12335FC-16B4-D2C6-3209-AAA8BB661F77}" = CCC Help Polish
"{E21C8CCF-76C4-4664-AD53-CCC8990C5B78}" = Autodesk DirectConnect 2011
"{E4C2DEEC-E608-6962-D97C-2FAB04046CD2}" = CCC Help German
"{E68A9B61-EFE8-C7B3-0D2C-0B221FA8EC6A}" = CCC Help Greek
"{E793B1DE-7542-F473-460A-8A8F7AF0D47D}" = CCC Help Dutch
"{E8E3E4B7-6A0C-EEE2-83AB-B23B421181E6}" = CCC Help Chinese Standard
"{EB196FD0-1019-D772-C266-3F7E5F5EE1FB}" = Catalyst Control Center Localization Arabic
"{EDF31891-87A1-C665-E72A-5D6C15C36F02}" = Catalyst Control Center Localization Arabic
"{EFB59A8A-BCE7-7FEB-EB54-A687088B02FC}" = Catalyst Control Center Localization Chinese Traditional
"{F0B9C15C-6804-892C-310E-8B11BD585A76}" = Catalyst Control Center Localization Greek
"{F1274811-33BC-45EB-B4F6-D05265BADBA1}" = Autodesk Showcase 2011 32-bit
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26129FD-925E-5752-E674-96F06AC82310}" = CCC Help Hungarian
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FBAD116A-A763-810D-A843-6D09D265773F}" = CCC Help Portuguese
"{FCE3FA3F-411C-CF5C-98B6-8B968E27D393}" = CCC Help Italian
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Allway Sync_is1" = Allway Sync version 11.0.0
"Any Video Converter_is1" = Any Video Converter 3.1.2
"ATI Uninstaller" = ATI Uninstaller
"avast!" = avast! Antivirus
"CCleaner" = CCleaner
"DVD Shrink_is1" = DVD Shrink 3.2
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"HD Tune_is1" = HD Tune 2.50
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.1.0 (Full)
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"rajče.net_is1" = rajče verze 57 sestavení 192
"RealVNC_is1" = VNC Free Edition 4.1.2
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"Winamp" = Winamp (remove only)
"WinRAR archiver" = WinRAR
"WoodWOP" = WoodWOP
"ydotfogqaakwyzf" = RON Tool Adservefast
"Zoiper" = Zoiper
"Zoner Photo Studio 9_is1" = Zoner Photo Studio 9

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 14.11.2007 13:55:22 | Computer Name = Petr_Pechr | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of \\PLUTO\Pracovní\Nová složka\wjv2y1en.exe:Zone.Identifier failed, 00000005.

Error - 18.12.2007 17:09:07 | Computer Name = Petr_Pechr | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2564.39187__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.DLL
failed, 00000005.

Error - 17.3.2008 13:25:20 | Computer Name = Petr_Pechr | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.2564.39172__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.DLL
failed, 00000005.

Error - 26.3.2008 15:53:02 | Computer Name = Petr_Pechr | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll failed, 00000005.

Error - 15.9.2009 14:59:07 | Computer Name = Petr_Pechr | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\System32\conime.exe failed, 00000005.

Error - 13.6.2010 16:01:16 | Computer Name = Petr_Pechr | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\System32\conime.exe failed, 00000005.

Error - 18.8.2010 15:04:48 | Computer Name = Petr_Pechr | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\System32\conime.exe failed, 00000005.

Error - 11.1.2011 9:35:58 | Computer Name = Petr_Pechr | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\System32\conime.exe failed, 00000005.

Error - 5.5.2011 11:11:39 | Computer Name = Petr_Pechr | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\System32\samlib.dll failed, 00000005.

Error - 8.8.2011 9:23:03 | Computer Name = Petr_Pechr | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\System32\conime.exe failed, 00000005.

[ Application Events ]
Error - 22.8.2011 16:18:03 | Computer Name = Petr_Pechr | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.19120, časové razítko
0x4e2a9406, chybující modul mshtml.dll, verze 8.0.6001.19120, časové razítko 0x4e2aaa35,
kód výjimky 0xc0000005, posun chyby 0x00067b98, ID procesu 0x86c, čas spuštění aplikace
0x01cc610881bf8d31.

Error - 23.8.2011 16:48:13 | Computer Name = Petr_Pechr | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.19120, časové razítko
0x4e2a9406, chybující modul mshtml.dll, verze 8.0.6001.19120, časové razítko 0x4e2aaa35,
kód výjimky 0xc0000005, posun chyby 0x00067b98, ID procesu 0x764, čas spuštění aplikace
0x01cc61d2f954c97c.

Error - 24.8.2011 15:30:10 | Computer Name = Petr_Pechr | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.19120, časové razítko
0x4e2a9406, chybující modul mshtml.dll, verze 8.0.6001.19120, časové razítko 0x4e2aaa35,
kód výjimky 0xc0000005, posun chyby 0x00067b98, ID procesu 0x14f8, čas spuštění
aplikace 0x01cc6292ad3aec2c.

Error - 28.8.2011 15:31:07 | Computer Name = Petr_Pechr | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.19120, časové razítko
0x4e2a9406, chybující modul mshtml.dll, verze 8.0.6001.19120, časové razítko 0x4e2aaa35,
kód výjimky 0xc0000005, posun chyby 0x00067b98, ID procesu 0x440, čas spuštění aplikace
0x01cc65b80a1a5cac.

Error - 28.8.2011 15:34:26 | Computer Name = Petr_Pechr | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.19120, časové razítko
0x4e2a9406, chybující modul mshtml.dll, verze 8.0.6001.19120, časové razítko 0x4e2aaa35,
kód výjimky 0xc0000005, posun chyby 0x00067b98, ID procesu 0x808, čas spuštění aplikace
0x01cc65b90c1ec2f8.

Error - 28.8.2011 15:37:33 | Computer Name = Petr_Pechr | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.19120, časové razítko
0x4e2a9406, chybující modul mshtml.dll, verze 8.0.6001.19120, časové razítko 0x4e2aaa35,
kód výjimky 0xc0000005, posun chyby 0x00067b98, ID procesu 0x120, čas spuštění aplikace
0x01cc65b980a82157.

Error - 28.8.2011 15:38:50 | Computer Name = Petr_Pechr | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.19120, časové razítko
0x4e2a9406, chybující modul mshtml.dll, verze 8.0.6001.19120, časové razítko 0x4e2aaa35,
kód výjimky 0xc0000005, posun chyby 0x00067b98, ID procesu 0x117c, čas spuštění
aplikace 0x01cc65b9f02f3df1.

Error - 28.8.2011 15:39:08 | Computer Name = Petr_Pechr | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.19120, časové razítko
0x4e2a9406, chybující modul mshtml.dll, verze 8.0.6001.19120, časové razítko 0x4e2aaa35,
kód výjimky 0xc0000005, posun chyby 0x00067b98, ID procesu 0x12c, čas spuštění aplikace
0x01cc65b980a82157.

Error - 29.8.2011 16:14:18 | Computer Name = Petr_Pechr | Source = EventSystem | ID = 4609
Description =

Error - 7.9.2011 15:00:18 | Computer Name = Petr_Pechr | Source = Windows Search Service | ID = 3024
Description =

[ Media Center Events ]
Error - 14.9.2007 10:35:24 | Computer Name = PetrPechr-PC | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.SqmFlushSession failed;
Win32 GetLastError returned 0D Proces: DefaultDomain Název objektu: Media Center
Guide

Error - 14.9.2008 14:47:10 | Computer Name = Petr_Pechr | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

Error - 14.9.2008 14:47:37 | Computer Name = Petr_Pechr | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

Error - 9.9.2009 17:16:16 | Computer Name = Petr_Pechr | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

Error - 22.9.2009 17:12:04 | Computer Name = Petr_Pechr | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

[ System Events ]
Error - 16.9.2011 15:02:31 | Computer Name = Petr_Pechr | Source = Service Control Manager | ID = 7026
Description =

Error - 16.9.2011 15:19:08 | Computer Name = Petr_Pechr | Source = DCOM | ID = 10010
Description =

Error - 16.9.2011 15:30:38 | Computer Name = Petr_Pechr | Source = Service Control Manager | ID = 7026
Description =

Error - 16.9.2011 15:33:12 | Computer Name = Petr_Pechr | Source = DCOM | ID = 10010
Description =

Error - 16.9.2011 15:36:06 | Computer Name = Petr_Pechr | Source = Service Control Manager | ID = 7026
Description =

Error - 16.9.2011 15:43:50 | Computer Name = Petr_Pechr | Source = DCOM | ID = 10010
Description =

Error - 16.9.2011 16:28:36 | Computer Name = Petr_Pechr | Source = Service Control Manager | ID = 7026
Description =

Error - 16.9.2011 16:49:57 | Computer Name = Petr_Pechr | Source = Service Control Manager | ID = 7031
Description =

Error - 16.9.2011 16:53:56 | Computer Name = Petr_Pechr | Source = DCOM | ID = 10010
Description =

Error - 17.9.2011 1:37:36 | Computer Name = Petr_Pechr | Source = Service Control Manager | ID = 7026
Description =

< End of report >

OTL logfile created on: 17.9.2011 7:53:15 - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Users\Petr Pechr\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

893,52 Mb Total Physical Memory | 226,29 Mb Available Physical Memory | 25,33% Memory free
2,00 Gb Paging File | 1,11 Gb Available in Paging File | 55,34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,76 Gb Total Space | 11,68 Gb Free Space | 14,83% Space Free | Partition Type: NTFS
Drive D: | 19,36 Gb Total Space | 18,77 Gb Free Space | 96,99% Space Free | Partition Type: NTFS

Computer Name: PETR_PECHR | User Name: Petr Pechr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.09.17 07:51:33 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Users\Petr Pechr\Downloads\OTL.exe
PRC - [2009.11.25 01:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009.04.10 23:28:12 | 001,143,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
PRC - [2009.04.10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.10 23:27:30 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.01.18 23:38:40 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007.01.04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) -- c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006.12.29 12:11:00 | 004,317,184 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2006.12.26 11:23:34 | 000,180,224 | ---- | M] (Wistron Corp.) -- C:\Program Files\Launch Manager\OSD.exe
PRC - [2006.12.14 16:53:28 | 000,192,512 | ---- | M] (Wistron) -- C:\Program Files\Launch Manager\HotkeyApp.exe
PRC - [2006.11.17 20:45:26 | 000,118,784 | ---- | M] (Wistron Corp.) -- C:\Program Files\Launch Manager\WisLMSvc.exe
PRC - [2006.11.14 16:07:08 | 000,204,800 | ---- | M] (Fujitsu Siemens Computers) -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe
PRC - [2006.11.09 14:37:52 | 000,086,016 | ---- | M] () -- C:\Program Files\Launch Manager\WButton.exe
PRC - [2006.08.29 09:26:32 | 000,241,664 | ---- | M] () -- C:\Program Files\Launch Manager\OSDCtrl.exe
PRC - [2005.07.25 13:36:40 | 000,032,768 | ---- | M] () -- C:\Program Files\Launch Manager\LaunchAp.exe

========== Modules (No Company Name) ==========

MOD - [2009.01.18 18:15:14 | 000,344,064 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\mmmpcdmx.ax
MOD - [2009.01.11 00:17:14 | 000,536,576 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\Haali\splitter.ax
MOD - [2009.01.11 00:14:08 | 000,079,360 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\Haali\mkzlib.dll
MOD - [2009.01.11 00:14:06 | 000,023,552 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\Haali\mkunicode.dll
MOD - [2007.01.08 13:08:56 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2006.11.09 14:37:52 | 000,086,016 | ---- | M] () -- C:\Program Files\Launch Manager\WButton.exe
MOD - [2006.08.29 09:26:32 | 000,241,664 | ---- | M] () -- C:\Program Files\Launch Manager\OSDCtrl.exe
MOD - [2005.07.25 13:36:40 | 000,032,768 | ---- | M] () -- C:\Program Files\Launch Manager\LaunchAp.exe

========== Win32 Services (SafeList) ==========

SRV - [2010.06.25 17:32:33 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2008.01.18 23:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.01.04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006.11.17 20:45:26 | 000,118,784 | ---- | M] (Wistron Corp.) [On_Demand | Running] -- C:\Program Files\Launch Manager\WisLMSvc.exe -- (WisLMSvc)
SRV - [2006.11.14 16:07:08 | 000,204,800 | ---- | M] (Fujitsu Siemens Computers) [Auto | Running] -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler)

========== Driver Services (SafeList) ==========

DRV - [2009.11.25 01:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.11.25 01:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.11.25 01:49:48 | 000,053,328 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2009.11.25 01:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 01:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.01.13 09:45:00 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007.01.25 14:16:46 | 000,218,112 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sis163u.sys -- (SIS163u)
DRV - [2007.01.08 13:16:50 | 002,313,216 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006.11.02 09:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006.11.02 09:30:56 | 000,047,104 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006.07.14 14:55:34 | 000,105,088 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2003.04.28 11:27:06 | 000,009,867 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\HOTKEY.sys -- (Hotkey)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = http://google.icq.com/search/search_frame.php
IE - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
IE - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
IE - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\..\URLSearchHook: - Reg Error: CLSID key missing. File not found
IE - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

druha cast

Peky · #4 Příspěvek od **Peky** » 17 zář 2011 19:40

Dobry den, dekuji za odpoved. Ramek opravdu neni mnoho a doplnim. Ask Toolbar jsem odstranil. Nize oba logy. Je tam nejakej "smejd" ?

OTL Extras logfile created on: 17.9.2011 7:53:15 - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Users\Petr Pechr\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

893,52 Mb Total Physical Memory | 226,29 Mb Available Physical Memory | 25,33% Memory free
2,00 Gb Paging File | 1,11 Gb Available in Paging File | 55,34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,76 Gb Total Space | 11,68 Gb Free Space | 14,83% Space Free | Partition Type: NTFS
Drive D: | 19,36 Gb Total Space | 18,77 Gb Free Space | 96,99% Space Free | Partition Type: NTFS

Computer Name: PETR_PECHR | User Name: Petr Pechr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1CE493DC-DA7A-49F1-A6CA-C4632493A28E}" = protocol=6 | dir=in | app=c:\program files\freecall.com\freecall\freecall.exe |
"{2742A582-BF17-466F-B7BE-E97E8B9FF1A5}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{3BF6ECA9-C891-4845-912C-CF066FEDD2C7}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{4DCACEBC-C5AA-42FE-88AE-0E2BAF3F0775}" = protocol=17 | dir=in | app=c:\program files\freecall.com\freecall\freecall.exe |
"{A71C3B1B-1228-46F6-B86F-B86737472AD8}" = protocol=17 | dir=in | app=c:\program files\freecall.com\freecall\freecall.exe |
"{BBD21635-378C-4DDC-9FF9-75A970B7BF0D}" = protocol=6 | dir=in | app=c:\program files\freecall.com\freecall\freecall.exe |
"TCP Query User{01FC7145-A2BF-4F57-893E-2593AC89D125}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{0CCD9773-1FCE-4178-8EDC-D590D27F56F9}C:\program files\icqlite\icqlite.exe" = protocol=6 | dir=in | app=c:\program files\icqlite\icqlite.exe |
"TCP Query User{193B0FEF-06B9-4491-A064-FB00A40B2B37}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{2C140E26-43D3-4BF1-8F19-FB2F2C13050D}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{4C197B0E-E86D-4C30-96FB-C5B4F8C6D04F}C:\program files\icqlite\icqlite.exe" = protocol=6 | dir=in | app=c:\program files\icqlite\icqlite.exe |
"TCP Query User{516656A2-2125-46A5-A666-57D54F2B940C}C:\program files\realvnc\vnc4\winvnc4.exe" = protocol=6 | dir=in | app=c:\program files\realvnc\vnc4\winvnc4.exe |
"TCP Query User{5B29CE50-DA3E-49FA-B715-EC3877BE0945}C:\program files\realvnc\vnc4\winvnc4.exe" = protocol=6 | dir=in | app=c:\program files\realvnc\vnc4\winvnc4.exe |
"TCP Query User{60B8C2C0-882D-4DF0-8073-3E27A489E196}C:\zoiper_2.14_free\zoiper.exe" = protocol=6 | dir=in | app=c:\zoiper_2.14_free\zoiper.exe |
"TCP Query User{61CC6240-5EFD-4917-B68E-D866E2FE31E0}C:\program files\attractel\zoiper\zoiper.exe" = protocol=6 | dir=in | app=c:\program files\attractel\zoiper\zoiper.exe |
"TCP Query User{88E963EB-50A4-4C73-8B58-F2B45EF7E6BF}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{970CF5FA-4DE1-433E-8614-AE7D3BDDDCC0}C:\zoiper_2.14_free\zoiper.exe" = protocol=6 | dir=in | app=c:\zoiper_2.14_free\zoiper.exe |
"TCP Query User{A126DA8C-A026-4D51-92BE-C3BC8898E890}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{A76D1D93-F22A-4F3F-84D2-A4622A7E56BC}C:\dočasné soubory\pracovní\software\internet\zoiper_2.14_free\zoiper.exe" = protocol=6 | dir=in | app=c:\dočasné soubory\pracovní\software\internet\zoiper_2.14_free\zoiper.exe |
"TCP Query User{AF5BAE2C-472E-4C2F-AA4F-00B821E4E2B9}C:\program files\intervideo\dvd8\windvd.exe" = protocol=6 | dir=in | app=c:\program files\intervideo\dvd8\windvd.exe |
"TCP Query User{AF735005-3D55-414D-850A-1A51112B4DC2}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{BDC3A6FC-C9D7-4EE4-8371-617E4F161BAD}C:\program files\tightvnc\winvnc.exe" = protocol=6 | dir=in | app=c:\program files\tightvnc\winvnc.exe |
"TCP Query User{C3360108-0AF6-4809-AC71-9D3147ACE4F4}C:\users\petr pechr\appdata\local\temp\rar$ex00.515\zoiper.exe" = protocol=6 | dir=in | app=c:\users\petr pechr\appdata\local\temp\rar$ex00.515\zoiper.exe |
"TCP Query User{EC3A44F6-A40C-442B-9067-3E55393B5B2B}C:\program files\attractel\zoiper\zoiper.exe" = protocol=6 | dir=in | app=c:\program files\attractel\zoiper\zoiper.exe |
"TCP Query User{EEE77541-D59D-4220-9537-7774E4D61AEA}C:\program files\intervideo\dvd8\windvd.exe" = protocol=6 | dir=in | app=c:\program files\intervideo\dvd8\windvd.exe |
"UDP Query User{1707A1ED-53BB-4766-A08B-698D1EACBAEF}C:\zoiper_2.14_free\zoiper.exe" = protocol=17 | dir=in | app=c:\zoiper_2.14_free\zoiper.exe |
"UDP Query User{1A291B14-CFFF-4C66-B134-C515ABCAFB68}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{215A19FA-979B-41FC-B1A7-502F562CBD39}C:\program files\icqlite\icqlite.exe" = protocol=17 | dir=in | app=c:\program files\icqlite\icqlite.exe |
"UDP Query User{265DAFC3-5E51-43D9-9AC3-4620C6477431}C:\program files\attractel\zoiper\zoiper.exe" = protocol=17 | dir=in | app=c:\program files\attractel\zoiper\zoiper.exe |
"UDP Query User{31A413B8-F212-4237-AA2C-673FABF645C2}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{50CE22D6-45B0-4880-8193-E3D11A44338C}C:\zoiper_2.14_free\zoiper.exe" = protocol=17 | dir=in | app=c:\zoiper_2.14_free\zoiper.exe |
"UDP Query User{58331064-15D2-481F-87DB-764C2018F5E1}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{63A042B8-102C-4B1C-8465-47CD65DFE735}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{7A96D758-A98B-45DE-B5B9-CB98A2F0860B}C:\program files\tightvnc\winvnc.exe" = protocol=17 | dir=in | app=c:\program files\tightvnc\winvnc.exe |
"UDP Query User{7F19F940-A0F1-4F29-B4E3-82D8164B7092}C:\users\petr pechr\appdata\local\temp\rar$ex00.515\zoiper.exe" = protocol=17 | dir=in | app=c:\users\petr pechr\appdata\local\temp\rar$ex00.515\zoiper.exe |
"UDP Query User{9C1A45E7-3D0C-469C-8ADF-8C77FDA14EB4}C:\program files\icqlite\icqlite.exe" = protocol=17 | dir=in | app=c:\program files\icqlite\icqlite.exe |
"UDP Query User{9D832760-CE7B-4EBE-AAC9-F129477B98E7}C:\program files\attractel\zoiper\zoiper.exe" = protocol=17 | dir=in | app=c:\program files\attractel\zoiper\zoiper.exe |
"UDP Query User{C84DD904-6075-4B26-A7CE-47C05E902099}C:\program files\realvnc\vnc4\winvnc4.exe" = protocol=17 | dir=in | app=c:\program files\realvnc\vnc4\winvnc4.exe |
"UDP Query User{CFF539B7-48FF-4909-90C5-A1A9A6888018}C:\program files\intervideo\dvd8\windvd.exe" = protocol=17 | dir=in | app=c:\program files\intervideo\dvd8\windvd.exe |
"UDP Query User{D04253F1-F159-4A99-B729-272D3E5749DD}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{E099A110-79D6-44D6-A9EF-A4267F0F0AC9}C:\dočasné soubory\pracovní\software\internet\zoiper_2.14_free\zoiper.exe" = protocol=17 | dir=in | app=c:\dočasné soubory\pracovní\software\internet\zoiper_2.14_free\zoiper.exe |
"UDP Query User{E1D07299-32CE-428D-B92B-FC12DCC8DB55}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{FB3E617D-13E0-45BC-9B9F-F33977B77318}C:\program files\realvnc\vnc4\winvnc4.exe" = protocol=17 | dir=in | app=c:\program files\realvnc\vnc4\winvnc4.exe |
"UDP Query User{FDAE3649-DAAB-413B-8BDB-15569579A592}C:\program files\intervideo\dvd8\windvd.exe" = protocol=17 | dir=in | app=c:\program files\intervideo\dvd8\windvd.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{019749A1-F9BC-476C-2614-58D9ED0A6F40}" = ccc-core-static
"{0A21003A-E0A8-6042-F307-C7FBAE836794}" = Catalyst Control Center Localization Japanese
"{0DFCEDD8-5F43-A2FF-E63B-2FE3650C9A02}" = CCC Help English
"{0E19D441-0A05-EA5A-4158-BFBC2B24C564}" = ccc-utility
"{10FDD3F5-EFE7-2B75-B2CC-7AC661CA09DE}" = CCC Help Swedish
"{1C8808D1-CE58-18DA-3B21-CDEF8D9B0BED}" = CCC Help Turkish
"{1D787FAC-0ABE-FD00-660C-B880A31166C0}" = Catalyst Control Center Localization Arabic
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FF5B839-C9A3-79EB-49E7-5D1952776664}" = Catalyst Control Center Localization French
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"{260DAAF9-00EB-D2AA-4D83-24C1EB34C6FA}" = CCC Help Norwegian
"{2E932A07-F5F6-CCC5-4854-97DB9A3AFB2E}" = Catalyst Control Center Localization Chinese Standard
"{319B3AD0-8B75-8D34-9C19-3F9AEB064C88}" = Catalyst Control Center Localization German
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{33D56EDB-EC6B-2B62-1F31-FDEF7BDF941A}" = Catalyst Control Center Localization Hungarian
"{357CEB93-ED71-2916-CD74-4F8F7376542B}" = ccc-localization-da
"{361D1727-5203-D58A-5A00-98E29585207D}" = Catalyst Control Center Core Implementation
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FF9C945-3D49-6EF5-9EC3-D89A89FD1AE6}" = CCC Help Thai
"{404B19DC-6955-44B9-9DEA-0990A5146554}" = CCC Help Korean
"{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager
"{4516D595-253A-1EF2-B2C5-2A43785B3B8E}" = CCC Help Danish
"{47E8C7A1-4D23-80FD-2A74-A81AB9690F05}" = Catalyst Control Center Localization Italian
"{538A1AE6-5D8B-4BF1-B1B3-AE14FDE21C09}" = Test_OnlineDiagnostic
"{57F5CF93-3F01-E826-0147-59815335CBB2}" = CCC Help Japanese
"{5C2498DD-BE37-86F7-354D-34E3101BAB74}" = Catalyst Control Center Localization Arabic
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.2
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{64CC0986-62C9-EE7B-AEC4-C029247340D8}" = CCC Help Russian
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{70C68C2A-E081-16C6-7366-3CCBD6E2028A}" = Catalyst Control Center Localization Arabic
"{745EBF89-814D-1693-6778-7E6722D089B9}" = Catalyst Control Center Graphics Light
"{788FCF58-A22D-AC6A-0422-085E5EEDC41B}" = CCC Help Czech
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84991F86-23E3-016E-F6C1-5072D1707558}" = Catalyst Control Center Localization Korean
"{858847DC-C7A9-CA65-D84E-194CFAB1176D}" = Catalyst Control Center Graphics Previews Vista
"{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}" = Opera 10.63
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{91F3F438-C591-037B-BC98-A0FE7481CB2A}" = Catalyst Control Center Localization Arabic
"{9817BBF0-C642-D820-B3B1-5BBB6D55EABF}" = Catalyst Control Center Localization Arabic
"{A757784B-4562-C19D-18FD-2810B76348BD}" = CCC Help Spanish
"{AC768D91-EC0E-1401-62D6-1E09D42B82FF}" = Catalyst Control Center Graphics Full New
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{B0020AAE-255D-9AFA-F076-C19B07E47AF4}" = CCC Help Finnish
"{C552F65D-7DCA-6542-7E0A-17EA07513FED}" = Catalyst Control Center Localization Finnish
"{C9EC23BB-9AE0-8C29-B6E4-4B8CF5AE535E}" = Catalyst Control Center Localization Spanish
"{CC7F87A1-95A9-83FC-D65C-4CA675526DC2}" = CCC Help Chinese Traditional
"{CCE41B2F-0516-AB46-3BBC-6B691634A66B}" = CCC Help French
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF7C6234-D304-0C9C-4EA4-0C07B85021FD}" = Catalyst Control Center Localization Czech
"{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.4.4
"{D34D82E0-4600-407B-9478-8506C1DD1029}" = Nero 7 Essentials
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D7824725-F3EB-9940-6311-F39D5F7732E1}" = Catalyst Control Center Graphics Full Existing
"{DBED4E6A-BB0E-8D0A-FA4C-A60856A62F64}" = Catalyst Control Center Localization Arabic
"{DCE907E3-4D72-4CD3-A08A-BEFC8C7A5869}" = Branding
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DE822D87-23EB-C65D-8FC4-752391F0B257}" = Skins
"{E12335FC-16B4-D2C6-3209-AAA8BB661F77}" = CCC Help Polish
"{E21C8CCF-76C4-4664-AD53-CCC8990C5B78}" = Autodesk DirectConnect 2011
"{E4C2DEEC-E608-6962-D97C-2FAB04046CD2}" = CCC Help German
"{E68A9B61-EFE8-C7B3-0D2C-0B221FA8EC6A}" = CCC Help Greek
"{E793B1DE-7542-F473-460A-8A8F7AF0D47D}" = CCC Help Dutch
"{E8E3E4B7-6A0C-EEE2-83AB-B23B421181E6}" = CCC Help Chinese Standard
"{EB196FD0-1019-D772-C266-3F7E5F5EE1FB}" = Catalyst Control Center Localization Arabic
"{EDF31891-87A1-C665-E72A-5D6C15C36F02}" = Catalyst Control Center Localization Arabic
"{EFB59A8A-BCE7-7FEB-EB54-A687088B02FC}" = Catalyst Control Center Localization Chinese Traditional
"{F0B9C15C-6804-892C-310E-8B11BD585A76}" = Catalyst Control Center Localization Greek
"{F1274811-33BC-45EB-B4F6-D05265BADBA1}" = Autodesk Showcase 2011 32-bit
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26129FD-925E-5752-E674-96F06AC82310}" = CCC Help Hungarian
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FBAD116A-A763-810D-A843-6D09D265773F}" = CCC Help Portuguese
"{FCE3FA3F-411C-CF5C-98B6-8B968E27D393}" = CCC Help Italian
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Allway Sync_is1" = Allway Sync version 11.0.0
"Any Video Converter_is1" = Any Video Converter 3.1.2
"ATI Uninstaller" = ATI Uninstaller
"avast!" = avast! Antivirus
"CCleaner" = CCleaner
"DVD Shrink_is1" = DVD Shrink 3.2
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"HD Tune_is1" = HD Tune 2.50
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.1.0 (Full)
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"rajče.net_is1" = rajče verze 57 sestavení 192
"RealVNC_is1" = VNC Free Edition 4.1.2
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"Winamp" = Winamp (remove only)
"WinRAR archiver" = WinRAR
"WoodWOP" = WoodWOP
"ydotfogqaakwyzf" = RON Tool Adservefast
"Zoiper" = Zoiper
"Zoner Photo Studio 9_is1" = Zoner Photo Studio 9

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 14.11.2007 13:55:22 | Computer Name = Petr_Pechr | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of \\PLUTO\Pracovní\Nová složka\wjv2y1en.exe:Zone.Identifier failed, 00000005.

Error - 18.12.2007 17:09:07 | Computer Name = Petr_Pechr | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2564.39187__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.DLL
failed, 00000005.

Error - 17.3.2008 13:25:20 | Computer Name = Petr_Pechr | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.2564.39172__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.DLL
failed, 00000005.

Error - 26.3.2008 15:53:02 | Computer Name = Petr_Pechr | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll failed, 00000005.

Error - 15.9.2009 14:59:07 | Computer Name = Petr_Pechr | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\System32\conime.exe failed, 00000005.

Error - 13.6.2010 16:01:16 | Computer Name = Petr_Pechr | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\System32\conime.exe failed, 00000005.

Error - 18.8.2010 15:04:48 | Computer Name = Petr_Pechr | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\System32\conime.exe failed, 00000005.

Error - 11.1.2011 9:35:58 | Computer Name = Petr_Pechr | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\System32\conime.exe failed, 00000005.

Error - 5.5.2011 11:11:39 | Computer Name = Petr_Pechr | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\System32\samlib.dll failed, 00000005.

Error - 8.8.2011 9:23:03 | Computer Name = Petr_Pechr | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\System32\conime.exe failed, 00000005.

[ Application Events ]
Error - 22.8.2011 16:18:03 | Computer Name = Petr_Pechr | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.19120, časové razítko
0x4e2a9406, chybující modul mshtml.dll, verze 8.0.6001.19120, časové razítko 0x4e2aaa35,
kód výjimky 0xc0000005, posun chyby 0x00067b98, ID procesu 0x86c, čas spuštění aplikace
0x01cc610881bf8d31.

Error - 23.8.2011 16:48:13 | Computer Name = Petr_Pechr | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.19120, časové razítko
0x4e2a9406, chybující modul mshtml.dll, verze 8.0.6001.19120, časové razítko 0x4e2aaa35,
kód výjimky 0xc0000005, posun chyby 0x00067b98, ID procesu 0x764, čas spuštění aplikace
0x01cc61d2f954c97c.

Error - 24.8.2011 15:30:10 | Computer Name = Petr_Pechr | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.19120, časové razítko
0x4e2a9406, chybující modul mshtml.dll, verze 8.0.6001.19120, časové razítko 0x4e2aaa35,
kód výjimky 0xc0000005, posun chyby 0x00067b98, ID procesu 0x14f8, čas spuštění
aplikace 0x01cc6292ad3aec2c.

Error - 28.8.2011 15:31:07 | Computer Name = Petr_Pechr | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.19120, časové razítko
0x4e2a9406, chybující modul mshtml.dll, verze 8.0.6001.19120, časové razítko 0x4e2aaa35,
kód výjimky 0xc0000005, posun chyby 0x00067b98, ID procesu 0x440, čas spuštění aplikace
0x01cc65b80a1a5cac.

Error - 28.8.2011 15:34:26 | Computer Name = Petr_Pechr | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.19120, časové razítko
0x4e2a9406, chybující modul mshtml.dll, verze 8.0.6001.19120, časové razítko 0x4e2aaa35,
kód výjimky 0xc0000005, posun chyby 0x00067b98, ID procesu 0x808, čas spuštění aplikace
0x01cc65b90c1ec2f8.

Error - 28.8.2011 15:37:33 | Computer Name = Petr_Pechr | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.19120, časové razítko
0x4e2a9406, chybující modul mshtml.dll, verze 8.0.6001.19120, časové razítko 0x4e2aaa35,
kód výjimky 0xc0000005, posun chyby 0x00067b98, ID procesu 0x120, čas spuštění aplikace
0x01cc65b980a82157.

Error - 28.8.2011 15:38:50 | Computer Name = Petr_Pechr | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.19120, časové razítko
0x4e2a9406, chybující modul mshtml.dll, verze 8.0.6001.19120, časové razítko 0x4e2aaa35,
kód výjimky 0xc0000005, posun chyby 0x00067b98, ID procesu 0x117c, čas spuštění
aplikace 0x01cc65b9f02f3df1.

Error - 28.8.2011 15:39:08 | Computer Name = Petr_Pechr | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.19120, časové razítko
0x4e2a9406, chybující modul mshtml.dll, verze 8.0.6001.19120, časové razítko 0x4e2aaa35,
kód výjimky 0xc0000005, posun chyby 0x00067b98, ID procesu 0x12c, čas spuštění aplikace
0x01cc65b980a82157.

Error - 29.8.2011 16:14:18 | Computer Name = Petr_Pechr | Source = EventSystem | ID = 4609
Description =

Error - 7.9.2011 15:00:18 | Computer Name = Petr_Pechr | Source = Windows Search Service | ID = 3024
Description =

[ Media Center Events ]
Error - 14.9.2007 10:35:24 | Computer Name = PetrPechr-PC | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.SqmFlushSession failed;
Win32 GetLastError returned 0D Proces: DefaultDomain Název objektu: Media Center
Guide

Error - 14.9.2008 14:47:10 | Computer Name = Petr_Pechr | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

Error - 14.9.2008 14:47:37 | Computer Name = Petr_Pechr | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

Error - 9.9.2009 17:16:16 | Computer Name = Petr_Pechr | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

Error - 22.9.2009 17:12:04 | Computer Name = Petr_Pechr | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

[ System Events ]
Error - 16.9.2011 15:02:31 | Computer Name = Petr_Pechr | Source = Service Control Manager | ID = 7026
Description =

Error - 16.9.2011 15:19:08 | Computer Name = Petr_Pechr | Source = DCOM | ID = 10010
Description =

Error - 16.9.2011 15:30:38 | Computer Name = Petr_Pechr | Source = Service Control Manager | ID = 7026
Description =

Error - 16.9.2011 15:33:12 | Computer Name = Petr_Pechr | Source = DCOM | ID = 10010
Description =

Error - 16.9.2011 15:36:06 | Computer Name = Petr_Pechr | Source = Service Control Manager | ID = 7026
Description =

Error - 16.9.2011 15:43:50 | Computer Name = Petr_Pechr | Source = DCOM | ID = 10010
Description =

Error - 16.9.2011 16:28:36 | Computer Name = Petr_Pechr | Source = Service Control Manager | ID = 7026
Description =

Error - 16.9.2011 16:49:57 | Computer Name = Petr_Pechr | Source = Service Control Manager | ID = 7031
Description =

Error - 16.9.2011 16:53:56 | Computer Name = Petr_Pechr | Source = DCOM | ID = 10010
Description =

Error - 17.9.2011 1:37:36 | Computer Name = Petr_Pechr | Source = Service Control Manager | ID = 7026
Description =

< End of report >

OTL logfile created on: 17.9.2011 7:53:15 - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Users\Petr Pechr\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

893,52 Mb Total Physical Memory | 226,29 Mb Available Physical Memory | 25,33% Memory free
2,00 Gb Paging File | 1,11 Gb Available in Paging File | 55,34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,76 Gb Total Space | 11,68 Gb Free Space | 14,83% Space Free | Partition Type: NTFS
Drive D: | 19,36 Gb Total Space | 18,77 Gb Free Space | 96,99% Space Free | Partition Type: NTFS

Computer Name: PETR_PECHR | User Name: Petr Pechr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.09.17 07:51:33 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Users\Petr Pechr\Downloads\OTL.exe
PRC - [2009.11.25 01:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009.04.10 23:28:12 | 001,143,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
PRC - [2009.04.10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.10 23:27:30 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.01.18 23:38:40 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007.01.04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) -- c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006.12.29 12:11:00 | 004,317,184 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2006.12.26 11:23:34 | 000,180,224 | ---- | M] (Wistron Corp.) -- C:\Program Files\Launch Manager\OSD.exe
PRC - [2006.12.14 16:53:28 | 000,192,512 | ---- | M] (Wistron) -- C:\Program Files\Launch Manager\HotkeyApp.exe
PRC - [2006.11.17 20:45:26 | 000,118,784 | ---- | M] (Wistron Corp.) -- C:\Program Files\Launch Manager\WisLMSvc.exe
PRC - [2006.11.14 16:07:08 | 000,204,800 | ---- | M] (Fujitsu Siemens Computers) -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe
PRC - [2006.11.09 14:37:52 | 000,086,016 | ---- | M] () -- C:\Program Files\Launch Manager\WButton.exe
PRC - [2006.08.29 09:26:32 | 000,241,664 | ---- | M] () -- C:\Program Files\Launch Manager\OSDCtrl.exe
PRC - [2005.07.25 13:36:40 | 000,032,768 | ---- | M] () -- C:\Program Files\Launch Manager\LaunchAp.exe

========== Modules (No Company Name) ==========

MOD - [2009.01.18 18:15:14 | 000,344,064 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\mmmpcdmx.ax
MOD - [2009.01.11 00:17:14 | 000,536,576 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\Haali\splitter.ax
MOD - [2009.01.11 00:14:08 | 000,079,360 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\Haali\mkzlib.dll
MOD - [2009.01.11 00:14:06 | 000,023,552 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\Haali\mkunicode.dll
MOD - [2007.01.08 13:08:56 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2006.11.09 14:37:52 | 000,086,016 | ---- | M] () -- C:\Program Files\Launch Manager\WButton.exe
MOD - [2006.08.29 09:26:32 | 000,241,664 | ---- | M] () -- C:\Program Files\Launch Manager\OSDCtrl.exe
MOD - [2005.07.25 13:36:40 | 000,032,768 | ---- | M] () -- C:\Program Files\Launch Manager\LaunchAp.exe

========== Win32 Services (SafeList) ==========

SRV - [2010.06.25 17:32:33 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2008.01.18 23:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.01.04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006.11.17 20:45:26 | 000,118,784 | ---- | M] (Wistron Corp.) [On_Demand | Running] -- C:\Program Files\Launch Manager\WisLMSvc.exe -- (WisLMSvc)
SRV - [2006.11.14 16:07:08 | 000,204,800 | ---- | M] (Fujitsu Siemens Computers) [Auto | Running] -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler)

========== Driver Services (SafeList) ==========

DRV - [2009.11.25 01:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.11.25 01:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.11.25 01:49:48 | 000,053,328 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2009.11.25 01:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 01:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.01.13 09:45:00 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007.01.25 14:16:46 | 000,218,112 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sis163u.sys -- (SIS163u)
DRV - [2007.01.08 13:16:50 | 002,313,216 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006.11.02 09:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006.11.02 09:30:56 | 000,047,104 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006.07.14 14:55:34 | 000,105,088 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2003.04.28 11:27:06 | 000,009,867 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\HOTKEY.sys -- (Hotkey)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = http://google.icq.com/search/search_frame.php
IE - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
IE - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
IE - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\..\URLSearchHook: - Reg Error: CLSID key missing. File not found
IE - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

druha cast

Peky · #5 Příspěvek od **Peky** » 17 zář 2011 19:40

Dobry den, dekuji za odpoved. Ramek opravdu neni mnoho a doplnim. Ask Toolbar jsem odstranil. Nize oba logy. Je tam nejakej "smejd" ?

OTL Extras logfile created on: 17.9.2011 7:53:15 - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Users\Petr Pechr\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

893,52 Mb Total Physical Memory | 226,29 Mb Available Physical Memory | 25,33% Memory free
2,00 Gb Paging File | 1,11 Gb Available in Paging File | 55,34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,76 Gb Total Space | 11,68 Gb Free Space | 14,83% Space Free | Partition Type: NTFS
Drive D: | 19,36 Gb Total Space | 18,77 Gb Free Space | 96,99% Space Free | Partition Type: NTFS

Computer Name: PETR_PECHR | User Name: Petr Pechr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1CE493DC-DA7A-49F1-A6CA-C4632493A28E}" = protocol=6 | dir=in | app=c:\program files\freecall.com\freecall\freecall.exe |
"{2742A582-BF17-466F-B7BE-E97E8B9FF1A5}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{3BF6ECA9-C891-4845-912C-CF066FEDD2C7}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{4DCACEBC-C5AA-42FE-88AE-0E2BAF3F0775}" = protocol=17 | dir=in | app=c:\program files\freecall.com\freecall\freecall.exe |
"{A71C3B1B-1228-46F6-B86F-B86737472AD8}" = protocol=17 | dir=in | app=c:\program files\freecall.com\freecall\freecall.exe |
"{BBD21635-378C-4DDC-9FF9-75A970B7BF0D}" = protocol=6 | dir=in | app=c:\program files\freecall.com\freecall\freecall.exe |
"TCP Query User{01FC7145-A2BF-4F57-893E-2593AC89D125}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{0CCD9773-1FCE-4178-8EDC-D590D27F56F9}C:\program files\icqlite\icqlite.exe" = protocol=6 | dir=in | app=c:\program files\icqlite\icqlite.exe |
"TCP Query User{193B0FEF-06B9-4491-A064-FB00A40B2B37}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{2C140E26-43D3-4BF1-8F19-FB2F2C13050D}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{4C197B0E-E86D-4C30-96FB-C5B4F8C6D04F}C:\program files\icqlite\icqlite.exe" = protocol=6 | dir=in | app=c:\program files\icqlite\icqlite.exe |
"TCP Query User{516656A2-2125-46A5-A666-57D54F2B940C}C:\program files\realvnc\vnc4\winvnc4.exe" = protocol=6 | dir=in | app=c:\program files\realvnc\vnc4\winvnc4.exe |
"TCP Query User{5B29CE50-DA3E-49FA-B715-EC3877BE0945}C:\program files\realvnc\vnc4\winvnc4.exe" = protocol=6 | dir=in | app=c:\program files\realvnc\vnc4\winvnc4.exe |
"TCP Query User{60B8C2C0-882D-4DF0-8073-3E27A489E196}C:\zoiper_2.14_free\zoiper.exe" = protocol=6 | dir=in | app=c:\zoiper_2.14_free\zoiper.exe |
"TCP Query User{61CC6240-5EFD-4917-B68E-D866E2FE31E0}C:\program files\attractel\zoiper\zoiper.exe" = protocol=6 | dir=in | app=c:\program files\attractel\zoiper\zoiper.exe |
"TCP Query User{88E963EB-50A4-4C73-8B58-F2B45EF7E6BF}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{970CF5FA-4DE1-433E-8614-AE7D3BDDDCC0}C:\zoiper_2.14_free\zoiper.exe" = protocol=6 | dir=in | app=c:\zoiper_2.14_free\zoiper.exe |
"TCP Query User{A126DA8C-A026-4D51-92BE-C3BC8898E890}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{A76D1D93-F22A-4F3F-84D2-A4622A7E56BC}C:\dočasné soubory\pracovní\software\internet\zoiper_2.14_free\zoiper.exe" = protocol=6 | dir=in | app=c:\dočasné soubory\pracovní\software\internet\zoiper_2.14_free\zoiper.exe |
"TCP Query User{AF5BAE2C-472E-4C2F-AA4F-00B821E4E2B9}C:\program files\intervideo\dvd8\windvd.exe" = protocol=6 | dir=in | app=c:\program files\intervideo\dvd8\windvd.exe |
"TCP Query User{AF735005-3D55-414D-850A-1A51112B4DC2}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{BDC3A6FC-C9D7-4EE4-8371-617E4F161BAD}C:\program files\tightvnc\winvnc.exe" = protocol=6 | dir=in | app=c:\program files\tightvnc\winvnc.exe |
"TCP Query User{C3360108-0AF6-4809-AC71-9D3147ACE4F4}C:\users\petr pechr\appdata\local\temp\rar$ex00.515\zoiper.exe" = protocol=6 | dir=in | app=c:\users\petr pechr\appdata\local\temp\rar$ex00.515\zoiper.exe |
"TCP Query User{EC3A44F6-A40C-442B-9067-3E55393B5B2B}C:\program files\attractel\zoiper\zoiper.exe" = protocol=6 | dir=in | app=c:\program files\attractel\zoiper\zoiper.exe |
"TCP Query User{EEE77541-D59D-4220-9537-7774E4D61AEA}C:\program files\intervideo\dvd8\windvd.exe" = protocol=6 | dir=in | app=c:\program files\intervideo\dvd8\windvd.exe |
"UDP Query User{1707A1ED-53BB-4766-A08B-698D1EACBAEF}C:\zoiper_2.14_free\zoiper.exe" = protocol=17 | dir=in | app=c:\zoiper_2.14_free\zoiper.exe |
"UDP Query User{1A291B14-CFFF-4C66-B134-C515ABCAFB68}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{215A19FA-979B-41FC-B1A7-502F562CBD39}C:\program files\icqlite\icqlite.exe" = protocol=17 | dir=in | app=c:\program files\icqlite\icqlite.exe |
"UDP Query User{265DAFC3-5E51-43D9-9AC3-4620C6477431}C:\program files\attractel\zoiper\zoiper.exe" = protocol=17 | dir=in | app=c:\program files\attractel\zoiper\zoiper.exe |
"UDP Query User{31A413B8-F212-4237-AA2C-673FABF645C2}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{50CE22D6-45B0-4880-8193-E3D11A44338C}C:\zoiper_2.14_free\zoiper.exe" = protocol=17 | dir=in | app=c:\zoiper_2.14_free\zoiper.exe |
"UDP Query User{58331064-15D2-481F-87DB-764C2018F5E1}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{63A042B8-102C-4B1C-8465-47CD65DFE735}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{7A96D758-A98B-45DE-B5B9-CB98A2F0860B}C:\program files\tightvnc\winvnc.exe" = protocol=17 | dir=in | app=c:\program files\tightvnc\winvnc.exe |
"UDP Query User{7F19F940-A0F1-4F29-B4E3-82D8164B7092}C:\users\petr pechr\appdata\local\temp\rar$ex00.515\zoiper.exe" = protocol=17 | dir=in | app=c:\users\petr pechr\appdata\local\temp\rar$ex00.515\zoiper.exe |
"UDP Query User{9C1A45E7-3D0C-469C-8ADF-8C77FDA14EB4}C:\program files\icqlite\icqlite.exe" = protocol=17 | dir=in | app=c:\program files\icqlite\icqlite.exe |
"UDP Query User{9D832760-CE7B-4EBE-AAC9-F129477B98E7}C:\program files\attractel\zoiper\zoiper.exe" = protocol=17 | dir=in | app=c:\program files\attractel\zoiper\zoiper.exe |
"UDP Query User{C84DD904-6075-4B26-A7CE-47C05E902099}C:\program files\realvnc\vnc4\winvnc4.exe" = protocol=17 | dir=in | app=c:\program files\realvnc\vnc4\winvnc4.exe |
"UDP Query User{CFF539B7-48FF-4909-90C5-A1A9A6888018}C:\program files\intervideo\dvd8\windvd.exe" = protocol=17 | dir=in | app=c:\program files\intervideo\dvd8\windvd.exe |
"UDP Query User{D04253F1-F159-4A99-B729-272D3E5749DD}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{E099A110-79D6-44D6-A9EF-A4267F0F0AC9}C:\dočasné soubory\pracovní\software\internet\zoiper_2.14_free\zoiper.exe" = protocol=17 | dir=in | app=c:\dočasné soubory\pracovní\software\internet\zoiper_2.14_free\zoiper.exe |
"UDP Query User{E1D07299-32CE-428D-B92B-FC12DCC8DB55}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{FB3E617D-13E0-45BC-9B9F-F33977B77318}C:\program files\realvnc\vnc4\winvnc4.exe" = protocol=17 | dir=in | app=c:\program files\realvnc\vnc4\winvnc4.exe |
"UDP Query User{FDAE3649-DAAB-413B-8BDB-15569579A592}C:\program files\intervideo\dvd8\windvd.exe" = protocol=17 | dir=in | app=c:\program files\intervideo\dvd8\windvd.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{019749A1-F9BC-476C-2614-58D9ED0A6F40}" = ccc-core-static
"{0A21003A-E0A8-6042-F307-C7FBAE836794}" = Catalyst Control Center Localization Japanese
"{0DFCEDD8-5F43-A2FF-E63B-2FE3650C9A02}" = CCC Help English
"{0E19D441-0A05-EA5A-4158-BFBC2B24C564}" = ccc-utility
"{10FDD3F5-EFE7-2B75-B2CC-7AC661CA09DE}" = CCC Help Swedish
"{1C8808D1-CE58-18DA-3B21-CDEF8D9B0BED}" = CCC Help Turkish
"{1D787FAC-0ABE-FD00-660C-B880A31166C0}" = Catalyst Control Center Localization Arabic
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FF5B839-C9A3-79EB-49E7-5D1952776664}" = Catalyst Control Center Localization French
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"{260DAAF9-00EB-D2AA-4D83-24C1EB34C6FA}" = CCC Help Norwegian
"{2E932A07-F5F6-CCC5-4854-97DB9A3AFB2E}" = Catalyst Control Center Localization Chinese Standard
"{319B3AD0-8B75-8D34-9C19-3F9AEB064C88}" = Catalyst Control Center Localization German
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{33D56EDB-EC6B-2B62-1F31-FDEF7BDF941A}" = Catalyst Control Center Localization Hungarian
"{357CEB93-ED71-2916-CD74-4F8F7376542B}" = ccc-localization-da
"{361D1727-5203-D58A-5A00-98E29585207D}" = Catalyst Control Center Core Implementation
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FF9C945-3D49-6EF5-9EC3-D89A89FD1AE6}" = CCC Help Thai
"{404B19DC-6955-44B9-9DEA-0990A5146554}" = CCC Help Korean
"{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager
"{4516D595-253A-1EF2-B2C5-2A43785B3B8E}" = CCC Help Danish
"{47E8C7A1-4D23-80FD-2A74-A81AB9690F05}" = Catalyst Control Center Localization Italian
"{538A1AE6-5D8B-4BF1-B1B3-AE14FDE21C09}" = Test_OnlineDiagnostic
"{57F5CF93-3F01-E826-0147-59815335CBB2}" = CCC Help Japanese
"{5C2498DD-BE37-86F7-354D-34E3101BAB74}" = Catalyst Control Center Localization Arabic
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.2
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{64CC0986-62C9-EE7B-AEC4-C029247340D8}" = CCC Help Russian
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{70C68C2A-E081-16C6-7366-3CCBD6E2028A}" = Catalyst Control Center Localization Arabic
"{745EBF89-814D-1693-6778-7E6722D089B9}" = Catalyst Control Center Graphics Light
"{788FCF58-A22D-AC6A-0422-085E5EEDC41B}" = CCC Help Czech
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84991F86-23E3-016E-F6C1-5072D1707558}" = Catalyst Control Center Localization Korean
"{858847DC-C7A9-CA65-D84E-194CFAB1176D}" = Catalyst Control Center Graphics Previews Vista
"{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}" = Opera 10.63
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{91F3F438-C591-037B-BC98-A0FE7481CB2A}" = Catalyst Control Center Localization Arabic
"{9817BBF0-C642-D820-B3B1-5BBB6D55EABF}" = Catalyst Control Center Localization Arabic
"{A757784B-4562-C19D-18FD-2810B76348BD}" = CCC Help Spanish
"{AC768D91-EC0E-1401-62D6-1E09D42B82FF}" = Catalyst Control Center Graphics Full New
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{B0020AAE-255D-9AFA-F076-C19B07E47AF4}" = CCC Help Finnish
"{C552F65D-7DCA-6542-7E0A-17EA07513FED}" = Catalyst Control Center Localization Finnish
"{C9EC23BB-9AE0-8C29-B6E4-4B8CF5AE535E}" = Catalyst Control Center Localization Spanish
"{CC7F87A1-95A9-83FC-D65C-4CA675526DC2}" = CCC Help Chinese Traditional
"{CCE41B2F-0516-AB46-3BBC-6B691634A66B}" = CCC Help French
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF7C6234-D304-0C9C-4EA4-0C07B85021FD}" = Catalyst Control Center Localization Czech
"{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.4.4
"{D34D82E0-4600-407B-9478-8506C1DD1029}" = Nero 7 Essentials
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D7824725-F3EB-9940-6311-F39D5F7732E1}" = Catalyst Control Center Graphics Full Existing
"{DBED4E6A-BB0E-8D0A-FA4C-A60856A62F64}" = Catalyst Control Center Localization Arabic
"{DCE907E3-4D72-4CD3-A08A-BEFC8C7A5869}" = Branding
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DE822D87-23EB-C65D-8FC4-752391F0B257}" = Skins
"{E12335FC-16B4-D2C6-3209-AAA8BB661F77}" = CCC Help Polish
"{E21C8CCF-76C4-4664-AD53-CCC8990C5B78}" = Autodesk DirectConnect 2011
"{E4C2DEEC-E608-6962-D97C-2FAB04046CD2}" = CCC Help German
"{E68A9B61-EFE8-C7B3-0D2C-0B221FA8EC6A}" = CCC Help Greek
"{E793B1DE-7542-F473-460A-8A8F7AF0D47D}" = CCC Help Dutch
"{E8E3E4B7-6A0C-EEE2-83AB-B23B421181E6}" = CCC Help Chinese Standard
"{EB196FD0-1019-D772-C266-3F7E5F5EE1FB}" = Catalyst Control Center Localization Arabic
"{EDF31891-87A1-C665-E72A-5D6C15C36F02}" = Catalyst Control Center Localization Arabic
"{EFB59A8A-BCE7-7FEB-EB54-A687088B02FC}" = Catalyst Control Center Localization Chinese Traditional
"{F0B9C15C-6804-892C-310E-8B11BD585A76}" = Catalyst Control Center Localization Greek
"{F1274811-33BC-45EB-B4F6-D05265BADBA1}" = Autodesk Showcase 2011 32-bit
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26129FD-925E-5752-E674-96F06AC82310}" = CCC Help Hungarian
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FBAD116A-A763-810D-A843-6D09D265773F}" = CCC Help Portuguese
"{FCE3FA3F-411C-CF5C-98B6-8B968E27D393}" = CCC Help Italian
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Allway Sync_is1" = Allway Sync version 11.0.0
"Any Video Converter_is1" = Any Video Converter 3.1.2
"ATI Uninstaller" = ATI Uninstaller
"avast!" = avast! Antivirus
"CCleaner" = CCleaner
"DVD Shrink_is1" = DVD Shrink 3.2
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"HD Tune_is1" = HD Tune 2.50
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.1.0 (Full)
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"rajče.net_is1" = rajče verze 57 sestavení 192
"RealVNC_is1" = VNC Free Edition 4.1.2
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"Winamp" = Winamp (remove only)
"WinRAR archiver" = WinRAR
"WoodWOP" = WoodWOP
"ydotfogqaakwyzf" = RON Tool Adservefast
"Zoiper" = Zoiper
"Zoner Photo Studio 9_is1" = Zoner Photo Studio 9

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 14.11.2007 13:55:22 | Computer Name = Petr_Pechr | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of \\PLUTO\Pracovní\Nová složka\wjv2y1en.exe:Zone.Identifier failed, 00000005.

Error - 18.12.2007 17:09:07 | Computer Name = Petr_Pechr | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2564.39187__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.DLL
failed, 00000005.

Error - 17.3.2008 13:25:20 | Computer Name = Petr_Pechr | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.2564.39172__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.DLL
failed, 00000005.

Error - 26.3.2008 15:53:02 | Computer Name = Petr_Pechr | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll failed, 00000005.

Error - 15.9.2009 14:59:07 | Computer Name = Petr_Pechr | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\System32\conime.exe failed, 00000005.

Error - 13.6.2010 16:01:16 | Computer Name = Petr_Pechr | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\System32\conime.exe failed, 00000005.

Error - 18.8.2010 15:04:48 | Computer Name = Petr_Pechr | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\System32\conime.exe failed, 00000005.

Error - 11.1.2011 9:35:58 | Computer Name = Petr_Pechr | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\System32\conime.exe failed, 00000005.

Error - 5.5.2011 11:11:39 | Computer Name = Petr_Pechr | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\System32\samlib.dll failed, 00000005.

Error - 8.8.2011 9:23:03 | Computer Name = Petr_Pechr | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\System32\conime.exe failed, 00000005.

[ Application Events ]
Error - 22.8.2011 16:18:03 | Computer Name = Petr_Pechr | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.19120, časové razítko
0x4e2a9406, chybující modul mshtml.dll, verze 8.0.6001.19120, časové razítko 0x4e2aaa35,
kód výjimky 0xc0000005, posun chyby 0x00067b98, ID procesu 0x86c, čas spuštění aplikace
0x01cc610881bf8d31.

Error - 23.8.2011 16:48:13 | Computer Name = Petr_Pechr | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.19120, časové razítko
0x4e2a9406, chybující modul mshtml.dll, verze 8.0.6001.19120, časové razítko 0x4e2aaa35,
kód výjimky 0xc0000005, posun chyby 0x00067b98, ID procesu 0x764, čas spuštění aplikace
0x01cc61d2f954c97c.

Error - 24.8.2011 15:30:10 | Computer Name = Petr_Pechr | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.19120, časové razítko
0x4e2a9406, chybující modul mshtml.dll, verze 8.0.6001.19120, časové razítko 0x4e2aaa35,
kód výjimky 0xc0000005, posun chyby 0x00067b98, ID procesu 0x14f8, čas spuštění
aplikace 0x01cc6292ad3aec2c.

Error - 28.8.2011 15:31:07 | Computer Name = Petr_Pechr | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.19120, časové razítko
0x4e2a9406, chybující modul mshtml.dll, verze 8.0.6001.19120, časové razítko 0x4e2aaa35,
kód výjimky 0xc0000005, posun chyby 0x00067b98, ID procesu 0x440, čas spuštění aplikace
0x01cc65b80a1a5cac.

Error - 28.8.2011 15:34:26 | Computer Name = Petr_Pechr | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.19120, časové razítko
0x4e2a9406, chybující modul mshtml.dll, verze 8.0.6001.19120, časové razítko 0x4e2aaa35,
kód výjimky 0xc0000005, posun chyby 0x00067b98, ID procesu 0x808, čas spuštění aplikace
0x01cc65b90c1ec2f8.

Error - 28.8.2011 15:37:33 | Computer Name = Petr_Pechr | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.19120, časové razítko
0x4e2a9406, chybující modul mshtml.dll, verze 8.0.6001.19120, časové razítko 0x4e2aaa35,
kód výjimky 0xc0000005, posun chyby 0x00067b98, ID procesu 0x120, čas spuštění aplikace
0x01cc65b980a82157.

Error - 28.8.2011 15:38:50 | Computer Name = Petr_Pechr | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.19120, časové razítko
0x4e2a9406, chybující modul mshtml.dll, verze 8.0.6001.19120, časové razítko 0x4e2aaa35,
kód výjimky 0xc0000005, posun chyby 0x00067b98, ID procesu 0x117c, čas spuštění
aplikace 0x01cc65b9f02f3df1.

Error - 28.8.2011 15:39:08 | Computer Name = Petr_Pechr | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.19120, časové razítko
0x4e2a9406, chybující modul mshtml.dll, verze 8.0.6001.19120, časové razítko 0x4e2aaa35,
kód výjimky 0xc0000005, posun chyby 0x00067b98, ID procesu 0x12c, čas spuštění aplikace
0x01cc65b980a82157.

Error - 29.8.2011 16:14:18 | Computer Name = Petr_Pechr | Source = EventSystem | ID = 4609
Description =

Error - 7.9.2011 15:00:18 | Computer Name = Petr_Pechr | Source = Windows Search Service | ID = 3024
Description =

[ Media Center Events ]
Error - 14.9.2007 10:35:24 | Computer Name = PetrPechr-PC | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.SqmFlushSession failed;
Win32 GetLastError returned 0D Proces: DefaultDomain Název objektu: Media Center
Guide

Error - 14.9.2008 14:47:10 | Computer Name = Petr_Pechr | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

Error - 14.9.2008 14:47:37 | Computer Name = Petr_Pechr | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

Error - 9.9.2009 17:16:16 | Computer Name = Petr_Pechr | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

Error - 22.9.2009 17:12:04 | Computer Name = Petr_Pechr | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

[ System Events ]
Error - 16.9.2011 15:02:31 | Computer Name = Petr_Pechr | Source = Service Control Manager | ID = 7026
Description =

Error - 16.9.2011 15:19:08 | Computer Name = Petr_Pechr | Source = DCOM | ID = 10010
Description =

Error - 16.9.2011 15:30:38 | Computer Name = Petr_Pechr | Source = Service Control Manager | ID = 7026
Description =

Error - 16.9.2011 15:33:12 | Computer Name = Petr_Pechr | Source = DCOM | ID = 10010
Description =

Error - 16.9.2011 15:36:06 | Computer Name = Petr_Pechr | Source = Service Control Manager | ID = 7026
Description =

Error - 16.9.2011 15:43:50 | Computer Name = Petr_Pechr | Source = DCOM | ID = 10010
Description =

Error - 16.9.2011 16:28:36 | Computer Name = Petr_Pechr | Source = Service Control Manager | ID = 7026
Description =

Error - 16.9.2011 16:49:57 | Computer Name = Petr_Pechr | Source = Service Control Manager | ID = 7031
Description =

Error - 16.9.2011 16:53:56 | Computer Name = Petr_Pechr | Source = DCOM | ID = 10010
Description =

Error - 17.9.2011 1:37:36 | Computer Name = Petr_Pechr | Source = Service Control Manager | ID = 7026
Description =

< End of report >

OTL logfile created on: 17.9.2011 7:53:15 - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Users\Petr Pechr\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

893,52 Mb Total Physical Memory | 226,29 Mb Available Physical Memory | 25,33% Memory free
2,00 Gb Paging File | 1,11 Gb Available in Paging File | 55,34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,76 Gb Total Space | 11,68 Gb Free Space | 14,83% Space Free | Partition Type: NTFS
Drive D: | 19,36 Gb Total Space | 18,77 Gb Free Space | 96,99% Space Free | Partition Type: NTFS

Computer Name: PETR_PECHR | User Name: Petr Pechr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.09.17 07:51:33 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Users\Petr Pechr\Downloads\OTL.exe
PRC - [2009.11.25 01:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009.04.10 23:28:12 | 001,143,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
PRC - [2009.04.10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.10 23:27:30 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.01.18 23:38:40 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007.01.04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) -- c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006.12.29 12:11:00 | 004,317,184 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2006.12.26 11:23:34 | 000,180,224 | ---- | M] (Wistron Corp.) -- C:\Program Files\Launch Manager\OSD.exe
PRC - [2006.12.14 16:53:28 | 000,192,512 | ---- | M] (Wistron) -- C:\Program Files\Launch Manager\HotkeyApp.exe
PRC - [2006.11.17 20:45:26 | 000,118,784 | ---- | M] (Wistron Corp.) -- C:\Program Files\Launch Manager\WisLMSvc.exe
PRC - [2006.11.14 16:07:08 | 000,204,800 | ---- | M] (Fujitsu Siemens Computers) -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe
PRC - [2006.11.09 14:37:52 | 000,086,016 | ---- | M] () -- C:\Program Files\Launch Manager\WButton.exe
PRC - [2006.08.29 09:26:32 | 000,241,664 | ---- | M] () -- C:\Program Files\Launch Manager\OSDCtrl.exe
PRC - [2005.07.25 13:36:40 | 000,032,768 | ---- | M] () -- C:\Program Files\Launch Manager\LaunchAp.exe

========== Modules (No Company Name) ==========

MOD - [2009.01.18 18:15:14 | 000,344,064 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\mmmpcdmx.ax
MOD - [2009.01.11 00:17:14 | 000,536,576 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\Haali\splitter.ax
MOD - [2009.01.11 00:14:08 | 000,079,360 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\Haali\mkzlib.dll
MOD - [2009.01.11 00:14:06 | 000,023,552 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\Haali\mkunicode.dll
MOD - [2007.01.08 13:08:56 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2006.11.09 14:37:52 | 000,086,016 | ---- | M] () -- C:\Program Files\Launch Manager\WButton.exe
MOD - [2006.08.29 09:26:32 | 000,241,664 | ---- | M] () -- C:\Program Files\Launch Manager\OSDCtrl.exe
MOD - [2005.07.25 13:36:40 | 000,032,768 | ---- | M] () -- C:\Program Files\Launch Manager\LaunchAp.exe

========== Win32 Services (SafeList) ==========

SRV - [2010.06.25 17:32:33 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2008.01.18 23:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.01.04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006.11.17 20:45:26 | 000,118,784 | ---- | M] (Wistron Corp.) [On_Demand | Running] -- C:\Program Files\Launch Manager\WisLMSvc.exe -- (WisLMSvc)
SRV - [2006.11.14 16:07:08 | 000,204,800 | ---- | M] (Fujitsu Siemens Computers) [Auto | Running] -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler)

========== Driver Services (SafeList) ==========

DRV - [2009.11.25 01:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.11.25 01:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.11.25 01:49:48 | 000,053,328 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2009.11.25 01:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 01:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.01.13 09:45:00 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007.01.25 14:16:46 | 000,218,112 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sis163u.sys -- (SIS163u)
DRV - [2007.01.08 13:16:50 | 002,313,216 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006.11.02 09:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006.11.02 09:30:56 | 000,047,104 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006.07.14 14:55:34 | 000,105,088 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2003.04.28 11:27:06 | 000,009,867 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\HOTKEY.sys -- (Hotkey)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = http://google.icq.com/search/search_frame.php
IE - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
IE - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
IE - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\..\URLSearchHook: - Reg Error: CLSID key missing. File not found
IE - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

druha cast

Peky · #6 Příspěvek od **Peky** » 17 zář 2011 19:41

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O3: - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\..\Toolbar\WebBrowser - No CLSID value found.
O3 - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3: - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\..\Toolbar\WebBrowser - No CLSID value found.
O3 - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe ()
O4 - HKLM..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe ()
O4 - HKLM..\Run: [LMgrVolOSD] C:\Program Files\Launch Manager\OSD.exe (Wistron Corp.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [nvoqahiuxykq] C:\Windows\System32\regsvr32.exe /s "C:\Windows\system32\mtakrnbcmlar.dll" File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O7 - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.33.1 192.168.33.5
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{91F6F6BB-120C-43CC-B8BA-9F87287880DD}: DhcpNameServer = 192.168.33.1 192.168.33.5
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1C4FAD0-E341-4F02-9783-D068EBD695FB}: DhcpNameServer = 192.168.33.1 192.168.33.5
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\fsc_wallpaper1.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\fsc_wallpaper1.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2015.03.01 20:18:48 | 000,023,120 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2015.03.01 20:18:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Antivirus
[2015.03.01 20:18:47 | 000,048,560 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2015.03.01 20:18:44 | 000,097,480 | ---- | C] (ALWIL Software) -- C:\Windows\System32\AvastSS.scr
[2015.03.01 20:18:34 | 001,280,480 | ---- | C] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2015.03.01 20:18:34 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.dll
[2015.03.01 20:18:34 | 000,053,328 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2015.03.01 20:18:27 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2011.09.16 20:45:09 | 000,000,000 | ---D | C] -- C:\rsit
[2011.09.16 20:20:14 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.09.16 20:20:14 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.09.16 20:20:14 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.09.16 20:20:14 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.09.16 20:20:14 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.09.16 20:20:14 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.09.16 20:20:13 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.09.16 20:20:13 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.09.16 20:20:13 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.09.16 20:20:13 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.09.16 20:20:12 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.09.16 20:20:12 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.09.16 20:20:12 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.09.16 20:20:12 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.09.16 20:20:12 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.09.16 20:20:12 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.09.16 20:20:12 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.09.16 20:20:11 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.09.16 20:20:11 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.09.16 20:20:11 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.09.16 20:20:11 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.09.16 20:20:10 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.09.16 20:20:10 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.09.16 20:20:10 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.09.16 20:20:09 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.09.16 20:20:09 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.09.16 20:20:09 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.09.16 20:20:09 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.09.16 20:20:09 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.09.16 20:20:09 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.09.16 20:20:09 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.09.16 20:20:09 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.09.16 20:20:09 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.09.16 20:20:09 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.09.16 20:20:08 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.09.16 20:20:08 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.09.16 20:20:08 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2009.11.19 21:08:02 | 003,749,224 | ---- | C] (Acresso Software Inc.) -- C:\Program Files\Common Files\adlmint_libFNP.dll
[2009.11.19 21:08:02 | 002,941,288 | ---- | C] (Autodesk, Inc.) -- C:\Program Files\Common Files\adlmint.dll

========== Files - Modified Within 7 Days ==========

[2015.03.01 20:18:48 | 000,001,855 | ---- | M] () -- C:\Users\Public\Desktop\avast! Antivirus.lnk
[2011.09.17 07:57:50 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.09.17 07:36:35 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.09.17 07:36:35 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.09.17 07:36:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.09.17 07:36:20 | 937,672,704 | -HS- | M] () -- C:\hiberfil.sys
[2011.09.16 20:20:28 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011.09.16 20:20:28 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011.09.16 20:20:14 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.09.16 20:20:14 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.09.16 20:20:14 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.09.16 20:20:14 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.09.16 20:20:14 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.09.16 20:20:14 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.09.16 20:20:13 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.09.16 20:20:13 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.09.16 20:20:13 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.09.16 20:20:13 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.09.16 20:20:12 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.09.16 20:20:12 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.09.16 20:20:12 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.09.16 20:20:12 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.09.16 20:20:12 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.09.16 20:20:12 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.09.16 20:20:12 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011.09.16 20:20:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.09.16 20:20:11 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.09.16 20:20:11 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.09.16 20:20:11 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.09.16 20:20:11 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.09.16 20:20:10 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.09.16 20:20:10 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.09.16 20:20:10 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.09.16 20:20:09 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.09.16 20:20:09 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.09.16 20:20:09 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.09.16 20:20:09 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.09.16 20:20:09 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.09.16 20:20:09 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.09.16 20:20:09 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.09.16 20:20:09 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.09.16 20:20:09 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.09.16 20:20:09 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.09.16 20:20:08 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.09.16 20:20:08 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.09.16 20:20:08 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.09.16 19:56:23 | 000,105,984 | ---- | M] () -- C:\Users\Petr Pechr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.09.15 13:18:14 | 000,607,470 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.09.15 13:18:14 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.09.15 13:18:14 | 000,118,118 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.09.15 13:18:14 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat

========== Files Created - No Company Name ==========

[2015.03.01 20:18:48 | 000,001,855 | ---- | C] () -- C:\Users\Public\Desktop\avast! Antivirus.lnk
[2015.03.01 20:18:34 | 000,380,928 | ---- | C] () -- C:\Windows\System32\actskin4.ocx
[2011.09.17 07:57:50 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.09.16 20:20:12 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010.06.24 20:04:54 | 000,000,000 | ---- | C] () -- C:\Windows\MTSTACK.INI
[2010.06.24 20:04:50 | 000,042,496 | ---- | C] () -- C:\Windows\System32\MTSTACK.EXE
[2010.01.27 19:15:35 | 000,000,680 | ---- | C] () -- C:\Users\Petr Pechr\AppData\Local\d3d9caps.dat
[2009.09.23 08:44:34 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.23 08:43:02 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.09.23 08:43:02 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.06.02 18:11:16 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009.05.29 16:52:26 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.05.29 16:47:06 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008.12.28 22:21:54 | 000,047,683 | ---- | C] () -- C:\Windows\System32\ydotfogqaakwyzf.exe
[2007.09.27 20:15:59 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2007.09.14 17:49:23 | 000,024,206 | ---- | C] () -- C:\Users\Petr Pechr\AppData\Roaming\UserTile.png
[2007.09.14 16:48:19 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2007.09.14 16:46:35 | 000,105,984 | ---- | C] () -- C:\Users\Petr Pechr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.09.04 12:56:10 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2007.04.02 19:51:53 | 000,135,168 | ---- | C] () -- C:\Windows\System32\property.dll
[2007.04.02 10:26:25 | 000,009,867 | ---- | C] () -- C:\Windows\System32\drivers\HOTKEY.sys
[2007.04.02 10:19:00 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2007.04.02 10:18:58 | 000,145,112 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007.02.05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2007.01.08 23:09:29 | 000,607,470 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2007.01.08 23:09:29 | 000,286,912 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2007.01.08 23:09:29 | 000,118,118 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2007.01.08 23:09:29 | 000,034,724 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,324,648 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.08.11 09:52:02 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll
[2005.10.14 12:56:50 | 000,921,600 | ---- | C] () -- C:\Windows\System32\VorbisEnc.dll
[2005.10.14 12:56:50 | 000,344,064 | ---- | C] () -- C:\Windows\System32\xvid.dll
[2005.10.14 12:56:50 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll
[2005.10.14 12:56:50 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2005.10.14 12:56:50 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll

========== LOP Check ==========

[2009.03.12 22:16:01 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\GHISLER
[2009.02.02 19:00:48 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\ICQ
[2009.01.19 19:30:36 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\InterVideo
[2010.10.21 09:04:36 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\Opera
[2010.12.08 18:23:46 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\AnvSoft
[2010.06.27 22:39:43 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\Autodesk
[2008.12.28 22:22:50 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\Free XXX Membership
[2009.09.09 21:48:03 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\FreeCall
[2009.01.26 20:55:21 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\GHISLER
[2010.08.03 23:11:05 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\ICQ
[2007.11.13 00:11:32 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\ICQ Toolbar
[2007.09.27 20:51:55 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\ICQLite
[2007.09.14 16:25:03 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\InterVideo
[2010.10.20 17:15:47 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\Opera
[2007.09.14 17:49:23 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\PeerNetworking
[2010.12.27 19:00:23 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\Sync App Settings
[2009.09.23 06:04:27 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\VistaCodecs
[2007.11.12 17:04:05 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\Zoner
[2011.09.16 22:54:12 | 000,032,610 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< >

< >

< MD5 for: AGP440.SYS >
[2008.01.18 23:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.18 23:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.18 23:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.18 23:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2007.04.02 10:04:23 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_8ed06b47\AGP440.sys
[2007.04.02 10:04:23 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16400_none_b82caac9c18a4e3b\AGP440.sys
[2007.04.02 10:04:23 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=BF34B4A0E0B64440C5389AA6B902F4AD -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20496_none_b85af81edaeb8461\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.04.10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.18 23:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.18 23:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2007.04.02 10:13:25 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=78620BDA3EC87816E5D1FA86F920BC3A -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c2a1b5ae\atapi.sys
[2007.04.02 10:13:25 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=78620BDA3EC87816E5D1FA86F920BC3A -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20518_none_dbd8b4d73d81c9d0\atapi.sys
[2008.02.15 16:01:29 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008.02.15 16:01:29 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008.02.15 16:01:29 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_64dfd8ea\atapi.sys
[2008.02.15 16:01:29 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.04.10 23:27:22 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009.04.10 23:27:22 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.18 23:33:02 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2006.11.02 11:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe

< MD5 for: CDROM.SYS >
[2008.01.18 21:49:52 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.18 21:49:52 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.10 21:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.10 21:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.10 21:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2006.11.02 11:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
[2008.01.18 23:34:02 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2009.04.10 23:28:20 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\System32\cryptsvc.dll
[2009.04.10 23:28:20 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2007.11.15 13:29:31 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2007.11.15 13:29:31 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.18 23:33:12 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: HAL.DLL >
[2009.04.10 23:32:48 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll

< MD5 for: IASTOR.SYS >
[2006.05.11 11:30:52 | 000,247,808 | ---- | M] (Intel Corporation) MD5=294110966CEDD127629C5BE48367C8CF -- C:\Windows\System32\drivers\iaStor.sys
[2006.05.11 11:30:52 | 000,247,808 | ---- | M] (Intel Corporation) MD5=294110966CEDD127629C5BE48367C8CF -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_6c3369af\iaStor.sys
[2006.05.11 11:30:52 | 000,247,808 | ---- | M] (Intel Corporation) MD5=294110966CEDD127629C5BE48367C8CF -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_0d20ce62\iaStor.sys

< MD5 for: IASTORV.SYS >
[2008.01.18 23:42:52 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.18 23:42:52 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2007.04.02 10:04:23 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=2F8ECE2699E7E2070545E9B0960A8ED2 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_8ed06b47\isapnp.sys
[2007.04.02 10:04:23 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=2F8ECE2699E7E2070545E9B0960A8ED2 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16400_none_b82caac9c18a4e3b\isapnp.sys
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\drivers\isapnp.sys
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.18 23:42:16 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys
[2008.01.18 23:42:16 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.01.18 23:42:16 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008.01.18 23:42:16 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys
[2007.04.02 10:04:23 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=7B72860D7B6725B74DC8C23CDB60A29D -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20496_none_b85af81edaeb8461\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.06.15 14:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009.09.10 16:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\System32\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009.02.13 09:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2006.11.02 11:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6A0E382E74280E4CC0DF17FE2661D003 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe
[2009.06.15 15:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2009.06.15 14:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009.02.13 06:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009.06.15 14:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009.06.15 15:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009.09.09 13:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009.09.10 16:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2009.02.13 10:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

< MD5 for: NDIS.SYS >
[2009.04.10 23:32:50 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009.04.10 23:32:50 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2006.11.02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
[2008.01.18 23:43:32 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

< MD5 for: NETLOGON.DLL >
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009.04.10 23:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.10 23:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.18 23:35:38 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVATABUS.SYS >
[2006.07.14 14:55:34 | 000,105,088 | ---- | M] (NVIDIA Corporation) MD5=7D960340BE5B0E008BB94E4C3B991339 -- C:\Windows\System32\drivers\nvatabus.sys
[2006.07.14 14:55:34 | 000,105,088 | ---- | M] (NVIDIA Corporation) MD5=7D960340BE5B0E008BB94E4C3B991339 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_27229839\nvatabus.sys

< MD5 for: NVRAID.SYS >
[2008.01.18 23:43:02 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.18 23:43:02 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.07.14 14:55:42 | 000,089,344 | ---- | M] (NVIDIA Corporation) MD5=52F54C59A0EC7920C23638313E99E43C -- C:\Windows\System32\drivers\nvraid.sys
[2006.07.14 14:55:42 | 000,089,344 | ---- | M] (NVIDIA Corporation) MD5=52F54C59A0EC7920C23638313E99E43C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_27229839\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.18 23:42:10 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.18 23:42:10 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008.01.18 23:36:20 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.10 23:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.10 23:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: SMSS.EXE >
[2008.01.18 23:33:32 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009.04.10 23:28:06 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\System32\smss.exe
[2009.04.10 23:28:06 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe
[2006.11.02 11:45:45 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=CAA75757BB3695478C23CB0624342A61 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_aa03e6011c468ee6\smss.exe

< MD5 for: SVCHOST.EXE >
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008.01.18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.01.09 21:27:40 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=028061C7F6D2D03068C72E2A27E4228A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16567_none_5f6577ce925d75a7\tcpip.sys
[2009.04.10 23:33:04 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2009.12.08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009.08.15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011.06.17 22:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\System32\drivers\tcpip.sys
[2011.06.17 22:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2010.02.18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2008.01.09 21:27:40 | 000,804,352 | ---- | M] (Microsoft Corporation) MD5=43EAE40B50FE3E60D194DD9C97EBB1FD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20689_none_5fdb7555ab898001\tcpip.sys
[2009.12.08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2008.02.15 16:01:01 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2009.12.08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2008.02.15 16:01:02 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2010.06.16 17:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009.08.14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011.06.17 22:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010.06.16 18:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010.06.16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2009.12.08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009.08.14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 18:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2009.12.08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2006.11.02 10:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2010.02.18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.12.08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008.01.18 23:43:40 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.01.18 23:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.18 23:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: VIAMRAID.SYS >
[2006.03.31 02:18:30 | 000,100,992 | ---- | M] (VIA Technologies inc,.ltd) MD5=9F3F276C7300ED211129757A411B605F -- C:\Windows\System32\drivers\viamraid.sys
[2006.03.31 02:18:30 | 000,100,992 | ---- | M] (VIA Technologies inc,.ltd) MD5=9F3F276C7300ED211129757A411B605F -- C:\Windows\System32\DriverStore\FileRepository\viamraid.inf_2d6a7e3a\viamraid.sys

< MD5 for: WINLOGON.EXE >
[2009.04.10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.18 23:33:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WS2_32.DLL >
[2006.11.02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll
[2008.01.18 23:37:10 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
[2008.01.18 23:37:10 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[17 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\9fcdec88f634ef1512e2054b50e2d1dc\*.tmp files -> C:\Windows\SoftwareDistribution\Download\9fcdec88f634ef1512e2054b50e2d1dc\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2009.04.15 21:45:03 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\Adobe
[2007.11.12 14:05:43 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\AdobeUM
[2007.09.19 19:58:33 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\Ahead
[2010.12.08 18:23:46 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\AnvSoft
[2007.09.14 16:23:43 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\ATI
[2010.06.27 22:39:43 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\Autodesk
[2008.12.28 22:22:50 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\Free XXX Membership
[2009.09.09 21:48:03 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\FreeCall
[2009.01.26 20:55:21 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\GHISLER
[2010.08.03 23:11:05 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\ICQ
[2007.11.13 00:11:32 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\ICQ Toolbar
[2007.09.27 20:51:55 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\ICQLite
[2007.09.14 16:23:05 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\Identities
[2007.09.14 16:25:03 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\InterVideo
[2007.09.27 20:53:32 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\Macromedia
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\Media Center Programs
[2009.09.09 21:21:24 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\Media Player Classic
[2011.05.31 20:41:57 | 000,000,000 | --SD | M] -- C:\Users\Petr Pechr\AppData\Roaming\Microsoft
[2008.12.29 12:13:16 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\Mozilla
[2010.10.20 17:15:47 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\Opera
[2007.09.14 17:49:23 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\PeerNetworking
[2009.09.24 00:26:15 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\Real
[2009.01.26 22:42:29 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\Skype
[2007.09.27 20:25:16 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\Sony Corporation
[2010.12.27 19:00:23 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\Sync App Settings
[2009.09.23 06:04:27 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\VistaCodecs
[2010.02.02 23:16:05 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\Winamp
[2007.11.09 13:40:57 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\WinRAR
[2007.11.12 17:04:05 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2011.03.02 22:42:06 | 002,871,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\Petr Pechr\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2007.04.02 19:52:16 | 006,660,096 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2007.04.02 19:52:13 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2007.04.02 19:52:17 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2007.04.02 19:52:28 | 015,712,256 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2007.04.02 19:52:31 | 006,017,024 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.09.17 07:36:35 | 000,003,168 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.09.17 07:36:35 | 000,003,168 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.09.16 20:20:09 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\admparse.dll
[2011.09.16 20:20:09 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\advpack.dll
[2011.09.16 20:20:12 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtmsft.dll
[2011.09.16 20:20:13 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtrans.dll
[2011.09.16 20:20:13 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\html.iec
[2011.09.16 20:20:12 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\icardie.dll
[2011.09.16 20:20:28 | 000,008,798 | ---- | M] () -- C:\Windows\system32\icrav03.rat
[2011.09.16 20:20:12 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ie4uinit.exe
[2011.09.16 20:20:08 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\IEAdvpack.dll
[2011.09.16 20:20:08 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieakeng.dll
[2011.09.16 20:20:09 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieaksie.dll
[2011.09.16 20:20:09 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieakui.dll
[2011.09.16 20:20:12 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieapfltr.dat
[2011.09.16 20:20:12 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieapfltr.dll
[2011.09.16 20:20:11 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iedkcs32.dll
[2011.09.16 20:20:13 | 009,704,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieframe.dll
[2011.09.16 20:20:09 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iepeers.dll
[2011.09.16 20:20:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iernonce.dll
[2011.09.16 20:20:14 | 001,791,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iertutil.dll
[2011.09.16 20:20:12 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesetup.dll
[2011.09.16 20:20:13 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesysprep.dll
[2011.09.16 20:20:13 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieui.dll
[2011.09.16 20:20:12 | 000,072,822 | ---- | M] () -- C:\Windows\system32\ieuinit.inf
[2011.09.16 20:20:09 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieUnatt.exe
[2011.09.16 20:20:10 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iexpress.exe
[2011.09.16 20:20:09 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imgutil.dll
[2011.09.16 20:20:11 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inetcpl.cpl
[2011.09.16 20:20:11 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inseng.dll
[2011.09.16 20:20:09 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript.dll
[2011.09.16 20:20:09 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript9.dll
[2011.09.16 20:20:14 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jsproxy.dll
[2011.09.16 20:20:11 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\licmgr10.dll
[2011.09.16 15:11:40 | 046,249,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mrt.exe
[2011.09.16 20:20:10 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeeds.dll
[2011.09.16 20:20:09 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedsbs.dll
[2011.09.16 20:20:08 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedssync.exe
[2011.09.16 20:20:09 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshta.exe
[2011.09.16 20:20:10 | 012,273,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtml.dll
[2011.09.16 20:20:09 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtml.tlb
[2011.09.16 20:20:11 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmled.dll
[2011.09.16 20:20:14 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmler.dll
[2011.09.16 20:20:14 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msls31.dll
[2011.09.16 20:20:14 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msrating.dll
[2011.09.16 20:20:09 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\occache.dll
[2011.09.15 13:18:14 | 000,118,118 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2011.09.15 13:18:14 | 000,104,070 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2011.09.15 13:18:14 | 000,607,470 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2011.09.15 13:18:14 | 000,595,996 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2011.09.15 13:18:14 | 001,440,146 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[2011.09.16 20:20:09 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pngfilt.dll
[2011.09.16 20:20:14 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RegisterIEPKEYs.exe
[2011.09.16 20:20:14 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SetIEInstalledDate.exe
[2011.09.16 20:20:13 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tdc.ocx
[2011.09.16 20:20:28 | 000,001,988 | ---- | M] () -- C:\Windows\system32\ticrf.rat
[2011.09.16 20:20:12 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\url.dll
[2011.09.16 20:20:14 | 001,102,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\urlmon.dll
[2011.09.16 20:20:10 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vbscript.dll
[2011.09.16 20:20:11 | 000,203,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\webcheck.dll
[2011.09.16 20:20:10 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wextract.exe
[2011.09.16 20:20:14 | 001,126,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wininet.dll

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"StartCCC" = c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe -- [2006.11.10 12:35:24 | 000,090,112 | ---- | M] ()
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008.01.18 23:33:10 | 000,125,952 | ---- | M] (Microsoft Corporation)
"WMPNSCFG" = C:\Program Files\Windows Media Player\WMPNSCFG.exe -- [2008.01.18 23:33:40 | 000,202,240 | ---- | M] (Microsoft Corporation)

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.09.17 07:57:50 | 000,000,512 | ---- | M] () MD5=5DE7CD87159D87C79D54F6136C87C765 -- C:\PhysicalMBR.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 829 bytes -> C:\Users\Petr Pechr\Documents\12_07_08.eml:OECustomProperty
@Alternate Data Stream - 665 bytes -> C:\Users\Petr Pechr\Documents\foto.eml:OECustomProperty

< End of report >

#7 Příspěvek od **vyosek** » 17 zář 2011 19:47

Jeste si tam nejaka havet hovi, tak s ni zatocime

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
IE - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = http://google.icq.com/search/search_frame.php
IE - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
E - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\..\URLSearchHook: - Reg Error: CLSID key missing. File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
O3: - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\..\Toolbar\WebBrowser - No CLSID value found.
O3 - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3: - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\..\Toolbar\WebBrowser - No CLSID value found.
O3 - HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [nvoqahiuxykq] C:\Windows\System32\regsvr32.exe /s "C:\Windows\system32\mtakrnbcmlar.dll" File not found
O13 - gopher Prefix: missing
[2008.12.28 22:21:54 | 000,047,683 | ---- | C] () -- C:\Windows\System32\ydotfogqaakwyzf.exe
[2007.11.13 00:11:32 | 000,000,000 | ---D | M] -- C:\Users\Petr Pechr\AppData\Roaming\ICQ Toolbar
[17 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\9fcdec88f634ef1512e2054b50e2d1dc\*.tmp files -> C:\Windows\SoftwareDistribution\Download\9fcdec88f634ef1512e2054b50e2d1dc\*.tmp -> ]
@Alternate Data Stream - 829 bytes -> C:\Users\Petr Pechr\Documents\12_07_08.eml:OECustomProperty
@Alternate Data Stream - 665 bytes -> C:\Users\Petr Pechr\Documents\foto.eml:OECustomProperty

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=-
"Adobe Reader Speed Launcher"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=-
 
:files
C:\Windows\system32\mtakrnbcmlar.dll
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Peky · #8 Příspěvek od **Peky** » 18 zář 2011 06:30

ok, tak tady to je

All processes killed
========== OTL ==========
HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Prev Search Bar| /E : value set successfully!
HKU\S-1-5-21-1694813138-3103882244-3525305558-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1694813138-3103882244-3525305558-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1694813138-3103882244-3525305558-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-21-1694813138-3103882244-3525305558-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\nvoqahiuxykq deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
C:\Windows\System32\ydotfogqaakwyzf.exe moved successfully.
C:\Users\Petr Pechr\AppData\Roaming\ICQ Toolbar folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1B60.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DF2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2E28.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP38A6.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP461B.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6F96.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP81A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8658.tmp\ehiExtens.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8658.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9217.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP95EB.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA507.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA7D2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC1C1.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD18E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD2EE.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE752.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEEF0.tmp folder deleted successfully.
C:\Windows\SoftwareDistribution\Download\9fcdec88f634ef1512e2054b50e2d1dc\BIT8314.tmp deleted successfully.
ADS C:\Users\Petr Pechr\Documents\12_07_08.eml:OECustomProperty deleted successfully.
ADS C:\Users\Petr Pechr\Documents\foto.eml:OECustomProperty deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\WMPNSCFG deleted successfully.
========== FILES ==========
File\Folder C:\Windows\system32\mtakrnbcmlar.dll not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Jana
->Temp folder emptied: 36958293 bytes
->Temporary Internet Files folder emptied: 71772125 bytes
->Java cache emptied: 689417 bytes
->Opera cache emptied: 662400 bytes
->Flash cache emptied: 27302 bytes

User: Petr Pechr
->Temp folder emptied: 24635576 bytes
->Temporary Internet Files folder emptied: 39616268 bytes
->Java cache emptied: 11839899 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 2881006 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3232 bytes
RecycleBin emptied: 212760 bytes

Total Files Cleaned = 181,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Jana
->Flash cache emptied: 0 bytes

User: Petr Pechr
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.28.0 log created on 09182011_071153

Files\Folders moved on Reboot...
C:\Users\Petr Pechr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\Petr Pechr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGA0HPM9\afr[1].htm moved successfully.
File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Peky

#9 Příspěvek od **vyosek** » 18 zář 2011 07:29

Tak jeste uklidime

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Ccleaner (viz muj podpis)
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Doporucuji provest defragmentaci disku

Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
- Kliknete na Tento pocitac, dale na disk kliknete pravym tlacitkem, vyberte Vlastnosti
- prepnete se do zalozky Nastroje
- Nyni vidite pomucky Defragmentace - spustte ji kliknutim na Defragmentovat
- Toto provedte se vsemi disky
Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
- Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
- Kliknete na Analyzovat
- Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
- Postup provedte se vsemi disky
Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
- Vyhodou programku je, ze se neinstaluje
- Staci tedy jen stahnout dle verze vaseho OS a rozbalit
- Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
- Probehne analyza disku a nasledne i defragmentace

Poprosim o novy log z RSIT a napiste jak se chova PC

Peky · #10 Příspěvek od **Peky** » 18 zář 2011 08:33

OK, tak tady to je. Defragmentaci provedu pozdeji je to na dlouho

Logfile of random's system information tool 1.09 (written by random/random)
Run by Petr Pechr at 2011-09-18 09:20:16
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 12 GB (15%) free of 81 GB
Total RAM: 894 MB (24% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:22:04, on 18.9.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSD.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\WButton.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\ehome\ehtray.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\users\Petr Pechr\Downloads\RSIT.exe
C:\Program Files\trend micro\Petr Pechr.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [LMgrVolOSD] C:\Program Files\Launch Manager\OSD.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1694813138-3103882244-3525305558-1001\..\Run: [] (User 'Jana')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: IviRegMgr - InterVideo - c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe

--
End of file - 6138 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2007-07-02 1062184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-12-29 4317184]
"LaunchAp"=C:\Program Files\Launch Manager\LaunchAp.exe [2005-07-25 32768]
"HotkeyApp"=C:\Program Files\Launch Manager\HotkeyApp.exe [2006-12-14 192512]
"LMgrVolOSD"=C:\Program Files\Launch Manager\OSD.exe [2006-12-26 180224]
"LMgrOSD"=C:\Program Files\Launch Manager\OSDCtrl.exe [2006-08-29 241664]
"Wbutton"=C:\Program Files\Launch Manager\Wbutton.exe [2006-11-09 86016]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-18 125952]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"VIDC.FFDS"=ff_vfw.dll
"vidc.XVID"=xvidvfw.dll
"msacm.ac3filter"=ac3filter.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-03-01 20:18:48 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2015-03-01 20:18:47 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2015-03-01 20:18:44 ----A---- C:\Windows\system32\AvastSS.scr
2015-03-01 20:18:34 ----A---- C:\Windows\system32\MFC71.dll
2015-03-01 20:18:34 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-03-01 20:18:34 ----A---- C:\Windows\system32\aswBoot.exe
2015-03-01 20:18:27 ----D---- C:\Program Files\Alwil Software
2011-09-18 09:20:16 ----D---- C:\rsit
2011-09-18 09:17:23 ----D---- C:\doc
2011-09-16 20:20:14 ----A---- C:\Windows\system32\wininet.dll
2011-09-16 20:20:14 ----A---- C:\Windows\system32\urlmon.dll
2011-09-16 20:20:14 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2011-09-16 20:20:14 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2011-09-16 20:20:14 ----A---- C:\Windows\system32\msrating.dll
2011-09-16 20:20:14 ----A---- C:\Windows\system32\msls31.dll
2011-09-16 20:20:14 ----A---- C:\Windows\system32\mshtmler.dll
2011-09-16 20:20:14 ----A---- C:\Windows\system32\jsproxy.dll
2011-09-16 20:20:14 ----A---- C:\Windows\system32\iertutil.dll
2011-09-16 20:20:13 ----A---- C:\Windows\system32\ieui.dll
2011-09-16 20:20:13 ----A---- C:\Windows\system32\iesysprep.dll
2011-09-16 20:20:13 ----A---- C:\Windows\system32\ieframe.dll
2011-09-16 20:20:13 ----A---- C:\Windows\system32\dxtrans.dll
2011-09-16 20:20:12 ----A---- C:\Windows\system32\url.dll
2011-09-16 20:20:12 ----A---- C:\Windows\system32\iesetup.dll
2011-09-16 20:20:12 ----A---- C:\Windows\system32\iernonce.dll
2011-09-16 20:20:12 ----A---- C:\Windows\system32\ieapfltr.dll
2011-09-16 20:20:12 ----A---- C:\Windows\system32\ieapfltr.dat
2011-09-16 20:20:12 ----A---- C:\Windows\system32\ie4uinit.exe
2011-09-16 20:20:12 ----A---- C:\Windows\system32\icardie.dll
2011-09-16 20:20:12 ----A---- C:\Windows\system32\dxtmsft.dll
2011-09-16 20:20:11 ----A---- C:\Windows\system32\webcheck.dll
2011-09-16 20:20:11 ----A---- C:\Windows\system32\licmgr10.dll
2011-09-16 20:20:11 ----A---- C:\Windows\system32\inseng.dll
2011-09-16 20:20:11 ----A---- C:\Windows\system32\iedkcs32.dll
2011-09-16 20:20:10 ----A---- C:\Windows\system32\wextract.exe
2011-09-16 20:20:10 ----A---- C:\Windows\system32\vbscript.dll
2011-09-16 20:20:10 ----A---- C:\Windows\system32\mshtmled.dll
2011-09-16 20:20:10 ----A---- C:\Windows\system32\mshtml.dll
2011-09-16 20:20:10 ----A---- C:\Windows\system32\msfeeds.dll
2011-09-16 20:20:10 ----A---- C:\Windows\system32\iexpress.exe
2011-09-16 20:20:09 ----A---- C:\Windows\system32\pngfilt.dll
2011-09-16 20:20:09 ----A---- C:\Windows\system32\occache.dll
2011-09-16 20:20:09 ----A---- C:\Windows\system32\mshta.exe
2011-09-16 20:20:09 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-09-16 20:20:09 ----A---- C:\Windows\system32\jscript9.dll
2011-09-16 20:20:09 ----A---- C:\Windows\system32\jscript.dll
2011-09-16 20:20:09 ----A---- C:\Windows\system32\imgutil.dll
2011-09-16 20:20:09 ----A---- C:\Windows\system32\ieUnatt.exe
2011-09-16 20:20:09 ----A---- C:\Windows\system32\iepeers.dll
2011-09-16 20:20:09 ----A---- C:\Windows\system32\ieakui.dll
2011-09-16 20:20:09 ----A---- C:\Windows\system32\ieaksie.dll
2011-09-16 20:20:09 ----A---- C:\Windows\system32\advpack.dll
2011-09-16 20:20:09 ----A---- C:\Windows\system32\admparse.dll
2011-09-16 20:20:08 ----A---- C:\Windows\system32\msfeedssync.exe
2011-09-16 20:20:08 ----A---- C:\Windows\system32\ieakeng.dll
2011-09-16 20:20:08 ----A---- C:\Windows\system32\IEAdvpack.dll
2011-08-24 21:14:57 ----A---- C:\Windows\system32\tzres.dll

======List of files/folders modified in the last 1 month======

2011-09-18 09:21:57 ----D---- C:\Windows\Temp
2011-09-18 09:20:26 ----D---- C:\Program Files\trend micro
2011-09-18 08:47:43 ----D---- C:\Windows
2011-09-18 07:12:18 ----D---- C:\Windows\system32\drivers\etc
2011-09-18 07:11:56 ----D---- C:\Windows\System32
2011-09-17 09:35:05 ----SHD---- C:\System Volume Information
2011-09-17 09:10:54 ----RSD---- C:\Windows\assembly
2011-09-17 09:10:54 ----D---- C:\Windows\Microsoft.NET
2011-09-17 07:48:15 ----D---- C:\Windows\Prefetch
2011-09-17 07:41:23 ----SHD---- C:\Windows\Installer
2011-09-17 07:41:21 ----RD---- C:\Program Files
2011-09-16 21:03:03 ----D---- C:\Windows\system32\catroot2
2011-09-16 20:55:20 ----D---- C:\Windows\rescache
2011-09-16 20:38:09 ----D---- C:\Windows\system32\Tasks
2011-09-16 20:23:57 ----RD---- C:\Windows\Offline Web Pages
2011-09-16 20:23:57 ----D---- C:\Windows\system32\wbem
2011-09-16 20:23:57 ----D---- C:\Windows\system32\migration
2011-09-16 20:23:57 ----D---- C:\Windows\system32\en-US
2011-09-16 20:23:57 ----D---- C:\Windows\PolicyDefinitions
2011-09-16 20:23:57 ----D---- C:\Program Files\Internet Explorer
2011-09-16 20:23:53 ----SD---- C:\Windows\Downloaded Program Files
2011-09-16 20:20:40 ----D---- C:\Windows\winsxs
2011-09-16 20:20:06 ----D---- C:\Windows\system32\catroot
2011-09-16 20:06:03 ----D---- C:\Windows\Tasks
2011-09-16 19:53:11 ----D---- C:\Windows\Debug
2011-09-16 15:17:24 ----D---- C:\Program Files\Windows Mail
2011-09-16 15:11:40 ----A---- C:\Windows\system32\mrt.exe
2011-09-15 13:18:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-09-15 13:18:12 ----D---- C:\Windows\inf
2011-08-25 13:44:21 ----D---- C:\Windows\system32\cs-CZ

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2006-08-25 36528]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 Hotkey;Hotkey; C:\Windows\system32\drivers\Hotkey.sys [2003-04-28 9867]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-01-13 954368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-01-02 1668456]
R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-01-08 2313216]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-11-02 47104]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
S1 mailKmd;mailKmd; C:\Windows\system32\drivers\mailKmd.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 SIS163u;SiS163 USB Wireless LAN Adapter Driver; C:\Windows\system32\DRIVERS\sis163u.sys [2007-01-25 218112]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S4 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2006-05-11 247808]
S4 nvatabus;nvatabus; C:\Windows\system32\drivers\nvatabus.sys [2006-07-14 105088]
S4 viamraid;viamraid; C:\Windows\system32\drivers\viamraid.sys [2006-03-31 100992]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-01-08 557056]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 IviRegMgr;IviRegMgr; c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 TestHandler;Fujitsu Siemens Computers Diagnostic Testhandler; C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe [2006-11-14 204800]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 WisLMSvc;WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [2006-11-17 118784]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-06-25 1045256]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

#11 Příspěvek od **vyosek** » 18 zář 2011 10:01

Log jiz vypada cisty, co PC

Peky · #12 Příspěvek od **Peky** » 18 zář 2011 18:52

ok, diky. Je to lepsi. Zbytek bude nutne poresit RAMKOU, defragmentaci.

Peky

#13 Příspěvek od **vyosek** » 18 zář 2011 19:33

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

A na rozloucenou Vam zahraje nase kapela :guitar:

VIRY.CZ

Kontrola logu

Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu